Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

MBAM log

Started by zarak , Mar 10 2011 12:06 PM

  • Please log in to reply

#1
zarak
Posted 10 March 2011 - 12:06 PM

zarak

    New Member

  • Member
  • Pip
  • 3 posts
For maliprog - again - "THANK YOU" and here is the MBAM log


Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6011

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

3/10/2011 12:43:44 PM
mbam-log-2011-03-10 (12-43-44).txt

Scan type: Quick scan
Objects scanned: 139604
Time elapsed: 5 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 47
Registry Values Infected: 3
Registry Data Items Infected: 3
Folders Infected: 14
Files Infected: 58

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{27BA317E-7BBD-4EBE-A06A-47F076D9D6F7} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2574231F-9D6F-4B0E-9041-5DD7484564AD} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MinBHO.ShowBarObj.1 (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MinBHO.ShowBarObj (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2863E737-DD3F-4280-9AF8-E9E79C16F312} (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{F334C7B0-8774-4d5b-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{70EF8B2A-3A34-4913-AAFC-5A2827E0B1B1} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{AD49CE2B-B922-4E2A-AAD9-C1565855C7BC} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\KBBar.KBBarBand.1 (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F334C7B0-8774-4D5B-BD7A-4F448D03A1AE} (Adware.SkyLab) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\SkyMedia (Adware.SkyMedia) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveTubeVideo_is1 (Adware.SkyLab) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_XMLLookup (Hijacker.XMLLookup) -> Value: bak_XMLLookup -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_Application (Hijacker.Application) -> Value: bak_Application -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\bak_intl (Hijacker.intl) -> Value: bak_intl -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\XMLLookup (Hijacker.XMLLookup) -> Bad: (http://www.helpmeope...app&l=x&ext=%s) Good: (http://shell.windows...angID=x&Ext=%s) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\Application (Hijacker.Application) -> Bad: (http://www.helpmeope...app&l=x&ext=%s) Good: (http://shell.windows...edir.asp?Ext=%s) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations\intl (Hijacker.intl) -> Bad: (http://www.helpmeope...app&l=x&ext=%s) Good: (http://shell.windows...angID=x&Ext=%s) -> Quarantined and deleted successfully.

Folders Infected:
c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\save tube video company (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\content (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\locale (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\locale\en-US (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\components (Adware.SkyLab) -> Quarantined and deleted successfully.

Files Infected:
c:\program files\save tube video company\savetubevideo\MinBHO.dll (Adware.SkyMediaPack) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\savetubevideo.dll (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\funwebproducts\screensaver\Images\02A83F05.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\browserstartpage.dll (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\Config.dat (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\downloader.exe (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\installhelper.exe (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\toolbarupdate.exe (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\transport_dll.dll (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\unins000.dat (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\unins000.exe (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\update.dat (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\update.dll (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome.manifest (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\install.rdf (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\tmp (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\content\about.xul (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\content\settings.js (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\content\skysearchtoolbar.js (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\content\skysearchtoolbar.xul (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\locale\en-US\skysearchtoolbar.dtd (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\locale\en-US\toolbar.properties (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\about.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\aboutDlg.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\bigbutton.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\gripper.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\savevideo.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\savevideo2.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\search.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\settings.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\showstatus.png (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\skin\skysearchtoolbar.css (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\anti-viruses.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\archivators.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\auto credit.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\auto insurance.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\baccarat.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\bingo.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\body-building.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\casino.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\credit.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\free downloaders.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\general health.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\health and life.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\home.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\keno.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\men`s health.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\mp3 dvd players.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\pain relief.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\pets.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\poker.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\weight loss.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\chrome\words\women`s health.txt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\components\ISwslib.xpt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\components\nsirdshistoryservice.js (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\components\nsirdshistoryservice.xpt (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\components\rdstb-autocomplete.js (Adware.SkyLab) -> Quarantined and deleted successfully.
c:\program files\save tube video company\savetubevideo\FF\components\swslib.dll (Adware.SkyLab) -> Quarantined and deleted successfully.
  • 0

Advertisements

Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Forum
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP