1 reply to this topic

[kylefisher]

Gots the intervalhehehe from cnet winrar...
Anyone able to help? Kind of debilatating =\

Logs:

Malwarebytes' Anti-Malware 1.30
Database version: 1445
Windows 5.1.2600 Service Pack 3

12/2/2008 1:18:16 PM
mbam-log-2008-12-02 (13-18-15).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 92762
Time elapsed: 32 minute(s), 47 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
C:\WINDOWS\system32\explore.exe (Backdoor.Bot) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Explore (Trojan.Agent) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Kyle\Desktop\Temp\Sonic Foundry SoundForge v7.0 build 214\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\explore.exe (Trojan.Agent) -> Quarantined and deleted successfully.

________________________________________________________________________________
________________________________________________________

active scan log:

;*******************************************************************************
********************************************************************************
*
*******************
ANALYSIS: 2008-12-02 15:26:51
PROTECTIONS: 1
MALWARE: 13
SUSPECTS: 0
;*******************************************************************************
********************************************************************************
*
*******************
PROTECTIONS
Description Version Active Updated
;===============================================================================
================================================================================
=
===================
CA Anti-Spyware 10.0.0.210 No No
;===============================================================================
================================================================================
=
===================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===============================================================================
================================================================================
=
===================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Kyle\Cookies\kyle@atdmt[2].txt
00167430 Cookie/myaffiliateprogram TrackingCookie No 0 Yes No C:\Documents and Settings\Kyle\Cookies\kyle@www.myaffiliateprogram[1].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Kyle\Cookies\kyle@ad.yieldmanager[2].txt
00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\Kyle\Cookies\kyle@overture[1].txt
00191644 Cookie/adultfriendfinder TrackingCookie No 0 Yes No C:\Documents and Settings\Kyle\Cookies\kyle@adultfriendfinder[2].txt
00436388 Adware/Zango Adware No 0 Yes No C:\System Volume Information\_restore{C830FA1C-A199-475B-8ECF-A78220BFEF5B}\RP33\A0006714.dll
00436394 Adware/Zango Adware No 0 Yes No C:\System Volume Information\_restore{C830FA1C-A199-475B-8ECF-A78220BFEF5B}\RP33\A0006713.exe
03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Documents and Settings\Kyle\Desktop\Temp\QuickTime Pro 7.1.0.210\Keygen.exe
03856024 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Kyle\Desktop\programs\Setup.exe
03899118 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Kyle\Desktop\programs\Sony.ACID.Pro.v6.0.Incl.Keygen-SSG.tar[Sony.ACID.Pro.v6.0.Incl.Keygen-SSG/Keygen.exe]
04012603 Adware/Zango Adware No 0 Yes No C:\System Volume Information\_restore{C830FA1C-A199-475B-8ECF-A78220BFEF5B}\RP26\A0004852.dll
04123305 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C830FA1C-A199-475B-8ECF-A78220BFEF5B}\RP33\A0006731.dll
04132506 Generic Malware Virus/Trojan No 0 Yes No C:\System Volume Information\_restore{C830FA1C-A199-475B-8ECF-A78220BFEF5B}\RP33\A0006701.dll
;===============================================================================
================================================================================
=
===================
SUSPECTS
Sent Location e
;===============================================================================
================================================================================
=
===================
;===============================================================================
================================================================================
=
===================
VULNERABILITIES
Id Severity Description e
;===============================================================================
================================================================================
=
===================
;===============================================================================
================================================================================
=
===================


I want to thank whomever in advance for the help.
Lemme know if im missing anything.

[Raid]

Sorry man, but we have a no-warez policy. In the future, I'd strongly recommend avoiding keygens and the like. Your chances of getting something nasty aren't worth your time or effort. Good luck in your efforts to get your problem resolved.

03074964 Trj/CI.A Virus/Trojan No 0 Yes No C:\Documents and Settings\Kyle\Desktop\Temp\QuickTime Pro 7.1.0.210\Keygen.exe
03856024 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Kyle\Desktop\programs\Setup.exe
03899118 Generic Malware Virus/Trojan No 0 Yes No C:\Documents and Settings\Kyle\Desktop\programs\Sony.ACID.Pro.v6.0.Incl.Keygen-SSG.tar[Sony.ACID.Pro.v6.0.Incl.Keygen-SSG/Keygen.exe]