Vundo.H Victim - HELP! - mbam-log attached



vfadool
2009-01-12, 16:32
Malwarebytes' Anti-Malware 1.32
Database version: 1616
Windows 5.1.2600 Service Pack 3

1/12/2009 9:29:23 AM
mbam-log-2009-01-12 (09-28-58).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 160796
Time elapsed: 2 hour(s), 6 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registry Keys Infected: 21
Registry Values Infected: 3
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 12

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\WINDOWS\system32\scngvyqa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yaywurRK.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\jykqde.dll (Trojan.Vundo.H) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{707a5a6e-53ed-4e1f-8eca-7d0fe74e515d} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{707a5a6e-53ed-4e1f-8eca-7d0fe74e515d} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f6cb5f93-f97f-42a1-bf4f-7cda78457465} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{f6cb5f93-f97f-42a1-bf4f-7cda78457465} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51efa149-387d-4fbe-9daa-5a2f62d6a2f3} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{51efa149-387d-4fbe-9daa-5a2f62d6a2f3} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{707a5a6e-53ed-4e1f-8eca-7d0fe74e515d} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{802cc67a-e2af-488f-a1b3-2cf90b2e2ed9} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{802cc67a-e2af-488f-a1b3-2cf90b2e2ed9} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9307db7c-71e6-46b4-9260-b434db20e4d8} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9307db7c-71e6-46b4-9260-b434db20e4d8} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f6cb5f93-f97f-42a1-bf4f-7cda78457465} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\prunnet (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\xpreapp (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\28c4529e (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\prunnet (Trojan.Agent) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\yaywurrk -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\yaywurrk -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\yaywurRK.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\KRruwyay.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\KRruwyay.ini2 (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\jykqde.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\scngvyqa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\aqyvgncs.ini (Trojan.Vundo.H) -> No action taken.
C:\Documents and Settings\Nanette Fadool\Local Settings\Temp\seneka5a1e.tmp (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Nanette Fadool\Local Settings\Temp\seneka74bf.tmp (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Nanette Fadool\Temporary Internet Files\Content.IE5\D2OIV7SD\upd105320[1] (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\fmkpgaxq.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\ddcDsrrs.dll (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Nanette Fadool\Local Settings\Temp\xpre.tmp (Trojan.Downloader) -> No action taken.

Shaba
2009-01-12, 16:48
Hello vfadool

Please see this (http://forums.spybot.info/showthread.php?t=288) next

Please follow the instructions in the above thread and then start a fresh topic with the logs required.

Regards.