New
#11
Hi, Shadowed s0ul.
Your MBAM Log:
Malwarebytes' Anti-Malware 1.46
Malwarebytes
Database version: 4640
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
9/17/2010 3:45:20 PM
mbam-log-2010-09-17 (15-45-20).txt
Scan type: Quick scan
Objects scanned: 156722
Time elapsed: 8 minute(s), 21 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{fe4c2c37-edc8-4c00-b864-3c38cf3ba834} (Adware.Adshot) -> No action taken.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cyejicawajuri (Trojan.Agent.U) -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\ProgramData\Update\seupd.exe (Trojan.Agent) -> No action taken.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This time, scan with MBAM again but please do the following
- Launch Malwarebytes' Anti-Malware then click the Update tab and "Check for Updates
- Once the update has been installed and the program has loaded, select [b]Quick scan
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:
- Click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See the Note below)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Please post contents of that file in your next reply.
** Note **
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.