Malwarebytes' Anti-Malware 1.32
Wersja bazy definicji: 1616
Windows 5.1.2600
2009-01-11 16:31:23
mbam-log-2009-01-11 (16-31-23).txt
Typ skanowania: Pełne skanowanie (C:\|D:\|)
Przeskanowane obiekty: 102828
Upłynęło: 53 minute(s), 7 second(s)
Zainfekowane procesy w pamięci: 0
Zainfekowane moduły pamięci: 2
Zainfekowane klucze rejestru: 10
Zainfekowane wartości rejestru: 1
Zainfekowane pliki rejestru: 2
Zainfekowane foldery: 0
Zainfekowane pliki: 7
Zainfekowane procesy w pamięci:
(Nie wykryto groźnych plików)
Zainfekowane moduły pamięci:
C:\WINDOWS\system32\vtUonmMG.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\wvUoLcab.dll (Trojan.Vundo.H) -> Delete on reboot.
Zainfekowane klucze rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38e072db-1aeb-4d94-824b-7b266dafe5a6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{38e072db-1aeb-4d94-824b-7b266dafe5a6} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvuolcab (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a6d58fbc-aef6-4cba-b902-9508889d64ba} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6d58fbc-aef6-4cba-b902-9508889d64ba} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
Zainfekowane wartości rejestru:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
Zainfekowane pliki rejestru:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Security Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vtuonmmg -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\vtuonmmg -> Delete on reboot.
Zainfekowane foldery:
(Nie wykryto groźnych plików)
Zainfekowane pliki:
C:\WINDOWS\system32\vtUonmMG.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\GMmnoUtv.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\GMmnoUtv.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wvUoLcab.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\System32\irlssj.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\Help\KEYGEN.EXE (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\opnopMcB.dll (Trojan.Vundo) -> Quarantined and deleted successfully.