Hello everybody!
I finally removed Spyware Protect 2009 from my computer with Malwarebytes, and just wanted to know if my personal info (banking records, etc..) can be accessed by others on the web. I don't see any TDSS/backdoor.bot, soo... idk, just want to be sure. Any help is appreciated. Here is my log:
Malwarebytes' Anti-Malware 1.33
Database version: 1733
Windows 5.1.2600 Service Pack 2
2/5/2009 8:31:53 PM
mbam-log-2009-02-05 (20-31-53).txt
Scan type: Quick Scan
Objects scanned: 75586
Time elapsed: 19 minute(s), 59 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 1
Registry Keys Infected: 4
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 1
Files Infected: 4
Memory Processes Infected:
C:\WINDOWS\sysguard.exe (Trojan.FakeAlert) -> Unloaded process successfully.
Memory Modules Infected:
C:\WINDOWS\system32\iehelper.dll (Trojan.Vundo.H) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c9c42510-9b21-41c1-9dcd-8382a2d07c61} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9c42510-9b21-41c1-9dcd-8382a2d07c61} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c9c42510-9b21-41c1-9dcd-8382a2d07c61} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\explorer.exe (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysguard (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\Microsoft Common (Trojan.Agent) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\iehelper.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\sysguard.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\Program Files\Microsoft Common\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\A9installer_880808.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.