Jump to content
Sign in to follow this  
sho-dan

(18) Trojan.BHO entries

Recommended Posts

Will be fixed in next update, see here

Malwarebytes' Anti-Malware 1.35

Database version: 1932

Windows 5.1.2600 Service Pack 3

4/2/2009 6:06:22 AM

mbam-log-2009-04-02 (06-06-15).txt

Scan type: Quick Scan

Objects scanned: 64029

Time elapsed: 1 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 9

Registry Values Infected: 9

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{08165ea0-e946-11cf-9c87-00aa005127ed} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_CLASSES_ROOT\CLSID\{7d559c10-9fe9-11d0-93f7-00aa0059ce02} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_CLASSES_ROOT\CLSID\{7fc0b86e-5fa7-11d1-bc7c-00c04fd929db} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_CLASSES_ROOT\CLSID\{abbe31d0-6dae-11d0-beca-00c04fd940be} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_CLASSES_ROOT\CLSID\{f5175861-2688-11d0-9c5e-00aa00a45957} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_CLASSES_ROOT\CLSID\{d8bd2030-6fc9-11d0-864f-00aa006809d9} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_CLASSES_ROOT\CLSID\{e3a8bde6-abce-11d0-bc4b-00c04fd929db} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_CLASSES_ROOT\CLSID\{e6cc6978-6b6e-11d0-beca-00c04fd940be} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_CLASSES_ROOT\CLSID\{e8bb6dc0-6b4e-11d0-92db-00a0c90c2bd7} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08165ea0-e946-11cf-9c87-00aa005127ed} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7d559c10-9fe9-11d0-93f7-00aa0059ce02} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7fc0b86e-5fa7-11d1-bc7c-00c04fd929db} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{abbe31d0-6dae-11d0-beca-00c04fd940be} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f5175861-2688-11d0-9c5e-00aa00a45957} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{d8bd2030-6fc9-11d0-864f-00aa006809d9} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e3a8bde6-abce-11d0-bc4b-00c04fd929db} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e6cc6978-6b6e-11d0-beca-00c04fd940be} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e8bb6dc0-6b4e-11d0-92db-00a0c90c2bd7} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218192

4706994]

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Share this post


Link to post
Share on other sites
Guest Robert_M

Today, after update NoScript (plugin for Firefox), a have few Trojan.BHO alerts too.

Share this post


Link to post
Share on other sites

Today, after update NoScript (plugin for Firefox), a have few Trojan.BHO alerts too.
I assume those are the same ones as in the first post here?

Share this post


Link to post
Share on other sites
Guest Robert_M
I assume those are the same ones as in the first post here?

Here is a log:

Malwarebytes' Anti-Malware 1.35

Database version: 1932

Windows 5.1.2600 Dodatek Service Pack 3

2009-04-02 12:58:32

mbam-log-2009-04-02 (12-58-30).txt

Scan type: Quick Scan

Objects scanned: 65655

Time elapsed: 38 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 9

Registry Values Infected: 10

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

HKEY_CLASSES_ROOT\CLSID\{08165ea0-e946-11cf-9c87-00aa005127ed} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_CLASSES_ROOT\CLSID\{7d559c10-9fe9-11d0-93f7-00aa0059ce02} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_CLASSES_ROOT\CLSID\{7fc0b86e-5fa7-11d1-bc7c-00c04fd929db} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_CLASSES_ROOT\CLSID\{abbe31d0-6dae-11d0-beca-00c04fd940be} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_CLASSES_ROOT\CLSID\{f5175861-2688-11d0-9c5e-00aa00a45957} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_CLASSES_ROOT\CLSID\{d8bd2030-6fc9-11d0-864f-00aa006809d9} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_CLASSES_ROOT\CLSID\{e3a8bde6-abce-11d0-bc4b-00c04fd929db} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_CLASSES_ROOT\CLSID\{e6cc6978-6b6e-11d0-beca-00c04fd940be} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_CLASSES_ROOT\CLSID\{e8bb6dc0-6b4e-11d0-92db-00a0c90c2bd7} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{08165ea0-e946-11cf-9c87-00aa005127ed} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7d559c10-9fe9-11d0-93f7-00aa0059ce02} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{7fc0b86e-5fa7-11d1-bc7c-00c04fd929db} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{abbe31d0-6dae-11d0-beca-00c04fd940be} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{f5175861-2688-11d0-9c5e-00aa00a45957} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{d8bd2030-6fc9-11d0-864f-00aa006809d9} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e3a8bde6-abce-11d0-bc4b-00c04fd929db} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e6cc6978-6b6e-11d0-beca-00c04fd940be} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{e8bb6dc0-6b4e-11d0-92db-00a0c90c2bd7} (Trojan.BHO) -> No action taken. [4054423730927023716722701917146970202214181868711426682524141717666617172218

1924706994]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\adsltaskbar (Trojan.Agent) -> No action taken. [3857535134305383807566791534727079851301414438586445483634456446343641424738

61524839535634513861467468838084807185615674796980888461368683837079855570838474

8

07961518679933232323232323232113011838679697777201915708970113232323232323232156

9

7777116632]

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

Share this post


Link to post
Share on other sites

Yes, the same ones. This has nothing to do with the Noscript update from Firefox though :huh:

These detections will be fixed in next update. Should be within an hour :blink:

Share this post


Link to post
Share on other sites
Malwarebytes' Anti-Malware 1.35

Database version: 1932

Windows 5.1.2600 Service Pack 3

4/2/2009 8:16:08 AM

mbam-log-2009-04-02 (08-16-08).txt

Scan type: Quick Scan

Objects scanned: 71872

Time elapsed: 2 minute(s), 35 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Which program installs these affected BHO's?

Share this post


Link to post
Share on other sites

Thanks for the update, miekiemoes. :)

btw, you have a beautiful baby (avatar) :)

Share this post


Link to post
Share on other sites

cool. My yellow lab turned 5 years a couple months ago. Big boy though at 125 pounds. Mixed with something else but not sure what.

Guess we should stop going off topic so Bruce doesn't think he has new posts to look at though :)

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.