Jump to content

craziest and longest malwarebytes log ever?


Recommended Posts

i can't believe how many things were found here. all i did was open an email from a friend.

Malwarebytes' Anti-Malware 1.30

Database version: 1385

Windows 5.1.2600 Service Pack 3

11/11/2008 7:46:37 PM

mbam-log-2008-11-11 (19-46-37).txt

Scan type: Full Scan (C:\|)

Objects scanned: 100427

Time elapsed: 42 minute(s), 41 second(s)

Memory Processes Infected: 5

Memory Modules Infected: 3

Registry Keys Infected: 20

Registry Values Infected: 8

Registry Data Items Infected: 0

Folders Infected: 1

Files Infected: 28

Memory Processes Infected:

C:\Program Files\tinyproxy\tinyproxy.exe (Trojan.Proxy) -> Unloaded process successfully.

C:\Program Files\Applications\iebtm.exe (Trojan.Zlob) -> Unloaded process successfully.

C:\Program Files\Applications\iebtmm.exe (Trojan.Zlob) -> Unloaded process successfully.

C:\Program Files\Applications\wcm.exe (Trojan.Zlob) -> Unloaded process successfully.

C:\Program Files\Applications\wcs.exe (Trojan.Zlob) -> Unloaded process successfully.

Memory Modules Infected:

C:\WINDOWS\system32\367770\367770.dll (Trojan.BHO) -> Delete on reboot.

C:\Program Files\Applications\iebr.dll (Trojan.Zlob) -> Delete on reboot.

C:\Program Files\Applications\iebt.dll (Trojan.Zlob) -> Delete on reboot.

Registry Keys Infected:

HKEY_CLASSES_ROOT\TypeLib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{cad68085-8805-4fd3-aa1e-2e282ed7e7a2} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{cad68085-8805-4fd3-aa1e-2e282ed7e7a2} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{cad68085-8805-4fd3-aa1e-2e282ed7e7a2} (Trojan.BHO) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e43b6656-814b-4839-8ff8-affde0da9a3f} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e43b6656-814b-4839-8ff8-affde0da9a3f} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8710df42-3171-4a3b-9079-3f7d7101552b} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8710df42-3171-4a3b-9079-3f7d7101552b} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8710df42-3171-4a3b-9079-3f7d7101552b} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{daed9266-8c28-4c1c-8b58-5c66eff1d302} (Search.Hijack) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{9034a523-d068-4be8-a284-9df278be776e} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\apple mobile device (apple mobile device) (Trojan.Proxy) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\apple mobile device (apple mobile device) (Trojan.Proxy) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\apple mobile device (apple mobile device) (Trojan.Proxy) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEBrowse Tool (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Bar (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Warning Center (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\multimediaControls.chl (Trojan.Zlob) -> Quarantined and deleted successfully.

Registry Values Infected:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{e43b6656-814b-4839-8ff8-affde0da9a3f} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{e43b6656-814b-4839-8ff8-affde0da9a3f} (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysftray2 (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\start (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\smile (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securewebinfo.com (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.safetyincludes.com (Trojan.Zlob) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.securemanaging.com (Trojan.Zlob) -> Quarantined and deleted successfully.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

C:\Program Files\TinyProxy (Trojan.Proxy) -> Quarantined and deleted successfully.

Files Infected:

C:\WINDOWS\system32\367770\367770.dll (Trojan.BHO) -> Delete on reboot.

C:\Program Files\Applications\iebr.dll (Trojan.Zlob) -> Delete on reboot.

C:\Program Files\Applications\iebt.dll (Trojan.Zlob) -> Delete on reboot.

C:\Program Files\TinyProxy\tinyproxy.exe (Trojan.Proxy) -> Quarantined and deleted successfully.

C:\WINDOWS\fmark2.dat (Malware.Trace) -> Quarantined and deleted successfully.

C:\WINDOWS\bolivar25.exe (Trojan.Agent) -> Delete on reboot.

C:\Documents and Settings\Administrator\My Documents\My Music\My Music.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\Administrator\My Documents\My Pictures\My Pictures.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\Administrator\My Documents\My Videos\My Video.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\Administrator\My Documents\My Documents.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\iebtm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\iebtmm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\iebtu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\iebu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\myd.ico (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\mym.ico (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\myp.ico (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\myv.ico (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\ot.ico (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\ts.ico (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\wcm.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\wcs.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Program Files\Applications\wcu.exe (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\Administrator\Favorites\Antivirus Scan.url (Rogue.Link) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Start Menu\Antivirus Scan.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Desktop\Online Antispyware Test.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Start Menu\Online Antispyware Test.url (Trojan.Zlob) -> Quarantined and deleted successfully.

C:\Documents and Settings\All Users\Desktop\Antivirus Scan.url (Rogue.Link) -> Quarantined and deleted successfully.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.