Hi, to all readers,
"Windows XP home edition"I immeditely disabled my internet connection.Browswer MS ver 7.0
Before, I explain, what happened,I request all readers to curse these computer criminals, who create malicious viruses and criminally enter into your computer for malicious purposes.Just curse them in your heart.
While browsing,I felt my computer was suddenly paused for a moment and next two warning windows from microsoft “Help And Support Center” appear warning “Unknown Win32/Trojan”,alert level “serve”.Registery access,Task manager access immediately disabled by the virus or by these Microsoft alert windows.
“Avast” as usual was on deep sleep.No action taken by “Avast” antispyware software living and enjoying my computer company.After running MalwareBytes anti spyware software the following was found and removed.
Log file is as follows.
"Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Database version: 4719
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
11/15/2010 2:08:03 PM
mbam-log-2010-11-15 (14-08-03).txt
Scan type: Quick scan
Objects scanned: 138600
Time elapsed: 26 minute(s), 36 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) → Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\Documents and Settings\Owner\Application Data\hotfix.exe (Trojan.Agent.Gen) → Quarantined and deleted successfully.
C:\Documents and Settings\Owner\Local Settings\temp\0.9516633254790766.exe (Trojan.Dropper) → Delete on reboot."
I checked My proxy server.It was normal,not activated by virus.
Malicious executable file,size 551k,naming “0.9516633254790766.exe” was found in temp folder.Its icon was large primitive golden colour door lock.I wrote all this to inform public and aware them to be ready and act immeditely from these criminals.
