Jump to content

Windows Live Meessenger?


TeMerc

Recommended Posts

  • Staff
Malwarebytes' Anti-Malware 1.31

Database version: 1552

Windows 5.1.2600 Service Pack 2

12/26/2008 7:27:57 PM

mbam-log-2008-12-26 (19-27-57).txt

Scan type: Quick Scan

Objects scanned: 47083

Time elapsed: 4 minute(s), 35 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 5

Folders Infected: 0

Files Infected: 3

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows Live Messenger (Backdoor.Bot) -> Not selected for removal.

Registry Data Items Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowRun (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyDocs (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowMyComputer (Hijack.StartMenu) -> Bad: (0) Good: (1) -> Not selected for removal.

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Documents and Settings\Tom\Local Settings\temp\winWM36iJDMd.exe (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Documents and Settings\Tom\Local Settings\Temporary Internet Files\Content.IE5\0123GHU7\win32sys[1].exe (Trojan.Vundo) -> Quarantined and deleted successfully.

C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Backdoor.Bot) -> Not selected for removal.

I'm pretty sure these have popped up before, the WLM related, but I'm not 100% the reg entries for Explorer are correct either. I do have those set to 'not show' on all my machines.
Link to post
Share on other sites

  • Staff
Try it again Tom , we should be good .
Not quite, see below(I checked for latest defs too):
Malwarebytes' Anti-Malware 1.31

Database version: 1552

Windows 5.1.2600 Service Pack 2

12/26/2008 10:53:18 PM

mbam-log-2008-12-26 (22-53-15).txt

Scan type: Quick Scan

Objects scanned: 44221

Time elapsed: 4 minute(s), 2 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 1

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\windows Live Messenger (Backdoor.Bot) -> No action taken.

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Backdoor.Bot) -> No action taken.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.