Sign In
Create Account
1
I ran MAM last night to find 6 Registry Keys infected and 1 Registry Data Items Infected with backdoor.bot. I've read online these are possible false positives? Is this true? Do I need to worry that any of my data/passwords got stolen? I'm assuming, they are cleaned off since I re-ran MAM and nothing was detected. Any advice would be great.
Malwarebytes' Anti-Malware 1.41
Database version: 2775
Windows 5.1.2600 Service Pack 3
9/17/2009 11:32:23 PM
mbam-log-2009-09-17 (23-32-23).txt
Scan type: Quick Scan
Objects scanned: 102974
Time elapsed: 43 minute(s), 24 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{19127ad2-394b-70f5-c650-b97867baa1f7} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{43bf8cd1-c5d5-2230-7bb2-98f22c2b7dc6} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{494e6cec-7483-a4ee-0938-895519a84bc7} (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
-
This topic is locked
Back to top
#2
Posted 10 October 2009 - 12:54 AM
-
- Experts
-
- 1,088 posts
Elite Member
- Gender:Male
Hello and welcome to Malwarebytes.
I Apologize for the late response.
If you still require assistance, we would like to see the latest state of your system. So, please post a New Hijackthis log. In your reply, I would also like to know any symptoms you may still have and how your computer is running at the moment.
Take a read in this thread on instructions on how to post a Hijackthis log and other further instructions:
http://www.malwareby...?showtopic=9573
Please note that the forum is very busy and if I don’t hear from you in five days this thread will be closed.
With Regards,
Extremeboy
I Apologize for the late response.
If you still require assistance, we would like to see the latest state of your system. So, please post a New Hijackthis log. In your reply, I would also like to know any symptoms you may still have and how your computer is running at the moment.
Take a read in this thread on instructions on how to post a Hijackthis log and other further instructions:
http://www.malwareby...?showtopic=9573
Please note that the forum is very busy and if I don’t hear from you in five days this thread will be closed.
With Regards,
Extremeboy
If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED!
The help you receive here from me is free but if you wish to show your appreciation, you may wish to
.
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED!
The help you receive here from me is free but if you wish to show your appreciation, you may wish to
.
#3
Posted 12 October 2009 - 02:59 PM
-
- Experts
-
- 1,088 posts
Elite Member
- Gender:Male
Hello.
Due to Lack of feedback, this topic is now Closed.
If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.
Everyone else please start a new topic.
With Regards,
Extremeboy
Due to Lack of feedback, this topic is now Closed.
If you need this topic reopened, please Send Me a Message. In your message please include the address of this thread in your request.
This applies only to the original topic starter.
Everyone else please start a new topic.
With Regards,
Extremeboy
If I'm helping you and I don't reply within 48 hours please feel free to send me a PM.
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED!
The help you receive here from me is free but if you wish to show your appreciation, you may wish to.
Note: Please do not PM me asking for help, instead please post it in the correct forum requesting for help. HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED!
The help you receive here from me is free but if you wish to show your appreciation, you may wish to
.
1 user(s) are reading this topic
0 members, 1 guests, 0 anonymous users
