|
Re: Infected with brastk.exe, wini10802.exe?
Well, maybe 'eventually' rather than 'shortly' ... took a little longer than I anticipated.
here is the MBAM log:
Malwarebytes' Anti-Malware 1.30
Database version: 1335
Windows 5.1.2600 Service Pack 2
30/10/2008 7:20:45 AM
mbam-log-2008-10-30 (07-20-45).txt
Scan type: Full Scan (C:\|D:\|)
Objects scanned: 183947
Time elapsed: 1 hour(s), 38 minute(s), 39 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 10
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{549b5ca7-4a86-11d7-a4df-000874180bb3} (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\2573318901.CPX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\25733189012.CPX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\25733189021.CPX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\25733189077.CPX (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Prefetch\JUNIPERSETUPAPP.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Prefetch\JUNIPERSETUPSETUP.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\av.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSnrse.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSoiqh.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\TDSSosvn.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
RSIT next post.
|