Infetto da Trojan.Vundo [era: problema virus]

**sailorjupiter88** · 08-10-2008, 20:47

Malwarebytes' Anti-Malware 1.28
Versione del database: 1134
Windows 5.1.2600 Service Pack 2

08/10/2008 20.45.16
mbam-log-2008-10-08 (20-45-10).txt

Tipo di scansione: Scansione completa (C:\|D:\|E:\|)
Elementi scansionati: 126538
Tempo trascorso: 1 hour(s), 47 minute(s), 3 second(s)

Processi delle memoria infetti: 0
Moduli della memoria infetti: 3
Chiavi di registro infette: 8
Valori di registro infetti: 20
Elementi dato del registro infetti: 2
Cartelle infette: 2
File infetti: 35

Processi delle memoria infetti:
(Nessun elemento malevolo rilevato)

Moduli della memoria infetti:
C:\WINDOWS\system32\mvupfpac.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\xxyvtSlJ.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\vtUlMgDS.dll (Trojan.Vundo) -> No action taken.

Chiavi di registro infette:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{498d8d78-8573-4253-be8c-2ca89b464b8d} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtulmgds (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{498d8d78-8573-4253-be8c-2ca89b464b8d} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects\{667deb1d-1355-48cd-88dd-3634b229128a} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{667deb1d-1355-48cd-88dd-3634b229128a} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Valori di registro infetti:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\602eb649 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\ShellExecuteHooks\{498d8d78-8573-4253-be8c-2ca89b464b8d} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yur9f.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yura0.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yura1.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yura2.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yur2.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yur3.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yur4.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yur5.exe (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\\yurb.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yur9f.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yura0.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yura1.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yura2.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yur2.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yur3.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yur4.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yur5.exe (Trojan.Agent) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\\yurb.exe (Trojan.Agent) -> No action taken.

Elementi dato del registro infetti:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\xxyvtslj -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\xxyvtslj -> No action taken.

Cartelle infette:
C:\Programmi\Live_TV (Adware.Agent) -> No action taken.
C:\Programmi\PCHealthCenter (Trojan.Fakealert) -> No action taken.

File infetti:
C:\WINDOWS\system32\vtUlMgDS.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\xxyvtSlJ.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\JlStvyxx.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\JlStvyxx.ini2 (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\mvupfpac.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\capfpuvm.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\vtUopMGV.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\efcDUooo.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\geBSJBuS.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\geBssTMc.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\jkkLFvwx.dll (Trojan.Vundo) -> No action taken.
C:\Programmi\PCHealthCenter\0.exe (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\0.gif (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\1.exe (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\1.gif (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\1.ico (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\2.exe (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\2.gif (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\2.ico (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\3.exe (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\3.gif (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\4.exe (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\5.exe (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\7.exe (Trojan.Fakealert) -> No action taken.
C:\Programmi\PCHealthCenter\sc.html (Trojan.Fakealert) -> No action taken.
C:\WINDOWS\system32\1.ico (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\2.ico (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\YUR9F.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\YURA0.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\YURA1.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\YURA2.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\YUR2.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\YUR3.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\YUR5.exe (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\YURB.exe (Trojan.Agent) -> No action taken.

Discussione: Infetto da Trojan.Vundo [era: problema virus]

Strumenti discussione

Ricerca discussione

Visualizza

Visualizzazione discussione

Permessi di invio