jazzyjaj

Re: popups in firefox

 
  #10
Nov 9th, 2008
Yesterday I ran MBA-M; here is the log:

Malwarebytes' Anti-Malware 1.30
Database version: 1343
Windows 5.1.2600 Service Pack 2

11/8/2008 5:18:42 PM
mbam-log-2008-11-08 (17-18-41).txt

Scan type: Full Scan (C:\|D:\|E:\|F:\|)
Objects scanned: 41708
Time elapsed: 55 minute(s), 10 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 3
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 0
Files Infected: 9

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
D:\WINDOWS\system32\wvUkHBUm.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5b2ca3c-d4cc-48ec-9ac1-c925378dc8ee} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{c5b2ca3c-d4cc-48ec-9ac1-c925378dc8ee} (Trojan.Vundo.H) -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5b2ca3c-d4cc-48ec-9ac1-c925378dc8ee} (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: d:\windows\system32\wvukhbum -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo.H) -> Data: d:\windows\system32\wvukhbum -> Delete on reboot.

Folders Infected:
(No malicious items detected)

Files Infected:
D:\WINDOWS\system32\wvUkHBUm.dll (Trojan.Vundo.H) -> Delete on reboot.
D:\WINDOWS\system32\mUBHkUvw.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\mUBHkUvw.ini2 (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\hxwawvge.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\egvwawxh.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\jgtdehvq.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\qvhedtgj.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\rjxwnyni.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
D:\WINDOWS\system32\inynwxjr.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.

After which, today so far, there are no popups.

I could not uninstall ComboFix the way you asked; could I just delete it?
I uninstalled Viewpoint. I hope that removes it.
Now I will do the instructions as you asked.
Thank you.