2 replies to this topic

[CDubbs11]

Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 3

9/1/2009 8:51:32 PM
mbam-log-2009-09-01 (20-51-32).txt

Scan type: Quick Scan
Objects scanned: 84800
Time elapsed: 1 minute(s), 39 second(s)

Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 3
Files Infected: 10

Memory Processes Infected:
C:\WINDOWS\freddy62.exe (Worm.KoobFace) -> Unloaded process successfully.
C:\WINDOWS\pp11.exe (Worm.KoobFace) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\MalwareRemovalBot (Rogue.MalwareRemovalBot) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pp (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysfbtray (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysmstray (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Chris\Application Data\

[SpySentinel]

Hi CDubbs11, and welcome to the Piriform Community Forums


Download ComboFix from one of these locations:

Link 1
Link 2

* IMPORTANT !!! Save ComboFix.exe to your Desktop

• Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  
  
  
• Double click on ComboFix.exe & follow the prompts.
  
  
  
• As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  
  
  
• Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.

[SpySentinel]

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact Me or an other moderator. This applies only to the original topic starter. Everyone else please begin a New Topic.