Thread: [Active] The virus changed my password administrator
View Single Post
  #6 (permalink)  
Old 24-06-2009, 08:39 PM
broni's Avatar
broni broni is online now
Senior Member
  
Join Date: Nov 2004
Posts: 2,273
broni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniturebroni is beginning to become part of the furniture
Re: [Active] The virus changed my password administrator
Next time, please paste all logs into your reply. This time, I'll do it for you....

Malwarebytes' Anti-Malware 1.38
Database version: 2297
Windows 5.1.2600 Service Pack 2

6/24/2009 10:03:21 AM
mbam-log-2009-06-24_C3305 (10-03-02).txt

Scan type: Full Scan (C:\|D:\|F:\|)
Objects scanned: 181692
Time elapsed: 1 hour(s), 26 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 4
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 7
Files Infected: 4

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-21cx1c642131} (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{28abc5c0-4fcb-11cf-aax5-21cx1c643131} (Worm.Autorun) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Installr (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Installr\1.bin (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Installr\Cache (Adware.MyWebSearch) -> No action taken.
c:\program files\funwebproducts\Installr\setups (Adware.MyWebSearch) -> No action taken.
C:\SYSTEM\S-1-5-21-1482476501-1644491937-682003330-1013 (Trojan.Agent) -> No action taken.
C:\RESTORE\S-1-5-21-1482476501-1644491937-682003330-1013 (Backdoor.IRCBot) -> No action taken.

Files Infected:
c:\program files\funwebproducts\Installr\1.bin\F3EZSETP.DLL (Adware.FunWeb) -> No action taken.
c:\program files\funwebproducts\Installr\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
c:\SYSTEM\s-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Trojan.Agent) -> No action taken.
c:\RESTORE\s-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Backdoor.IRCBot) -> No action taken.
__________________
My Home Page
Reply With Quote