Trojans again

Discussion in 'Malware Help (A Specialist Will Reply)' started by falcon1, Mar 22, 2010.

  1. falcon1

    falcon1 Private E-2

    :-o
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 03/23/2010 at 01:53 AM

    Application Version : 4.34.1000

    Core Rules Database Version : 4705
    Trace Rules Database Version: 2517

    Scan type : Complete Scan
    Total Scan Time : 00:38:07

    Memory items scanned : 267
    Memory threats detected : 0
    Registry items scanned : 6339
    Registry threats detected : 0
    File items scanned : 45321
    File threats detected : 0

    ---------


    Malwarebytes' Anti-Malware 1.44
    Database version: 3851
    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18882

    22/03/2010 8:36:12 PM
    mbam-log-2010-03-22 (20-36-12).txt

    Scan type: Quick Scan
    Objects scanned: 97925
    Time elapsed: 2 minute(s), 58 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 1
    Registry Keys Infected: 5
    Registry Values Infected: 1
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 4

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.

    Registry Keys Infected:
    HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\canaveral (Trojan.Downloader) -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    C:\Windows\System32\sshnas21.dll (Trojan.Downloader) -> Delete on reboot.
    C:\Users\Shanan Busch\AppData\Local\Temp\sshnas21.dll (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

    -----------------------------------------------------------------------

    I still can't figure out how to get into logs to just send the things; copy and paste works.
     
  2. Kestrel13!

    Kestrel13! Super Malware Fighter - Major Dilemma Staff Member

    We have a very clear & concise guide right here:

    HOW TO: Attach Items To Your Post

    You have been through malware removal procedures here with me before not so very long ago, so you should also know to attach the other requested logs, such as RootRepeal (if you were indeed successful in running it).

    And the other log we requested: C:\Mglogs.zip
     
