Link to home
Start Free TrialLog in
Avatar of oliviajones
oliviajonesFlag for United States of America

asked on

Malbytes finds 6 trojans. what do I do next?

Whilst rying to get rid of a nasty redirect virus I ran Malbytes. It found multiple trojans. Here is the log:

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7854

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/3/2011 2:33:48 PM
mbam-log-2011-10-03 (14-33-26).txt

Scan type: Full scan (C:\|D:\|E:\|H:\|J:\|)
Objects scanned: 549424
Time elapsed: 1 hour(s), 28 minute(s), 55 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\.fsharproj (Trojan.BHO) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Reasonable_Software_House Update (Trojan.Agent) -> Value: Reasonable_Software_House Update -> No action taken.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Reasonable_Software_House Update (Trojan.Agent) -> Value: Reasonable_Software_House Update -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Users\Olivia\AppData\Local\reasonable_software_house\reasonable_software_houseupdate\reasonable_software_houseupdt32.exe (Trojan.Agent) -> No action taken.
c:\Users\Olivia\AppData\Local\reasonable_software_house\reasonable_software_houseupdate\reasonable_software_houseupdt32.dll (Trojan.Agent) -> No action taken.
c:\Users\Olivia\Desktop\rd trouble shoot\rk_quarantine\reasonable_software_houseupdt32.exe.vir (Trojan.Agent) -> No action taken

What should I do now? Thanks.
ASKER CERTIFIED SOLUTION
Avatar of himanshut
himanshut
Flag of Australia image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Aquatone
Aquatone
In short, backup your data and reinstall Windows. That may seem like the "easy way out", but it is the quickest and most reliable way to get back up and running.
Avatar of oliviajones
oliviajones
Flag of United States of America image

ASKER

I think I still have the option to let malbytes take care of it. I thought maybe it was better to submit logs here first for expert review. just an excess of caution I guess. Reinstalling windows would be a last ditch nightmare for me. should I try to have malbytes take care of it first?
Avatar of David Johnson, CD
David Johnson, CD
Flag of Canada image
yes you should have done it at once.
Avatar of oliviajones
oliviajones
Flag of United States of America image

ASKER

I have removed all threats and rebooted. Should I run Malbytes again?
SOLUTION
Avatar of rpggamergirl
rpggamergirl
Flag of Australia image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of nobus
nobus
Flag of Belgium image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of oliviajones
oliviajones
Flag of United States of America image

ASKER

reran mbam again (quick scan) and BHO  trojan was BACK in the registry. So now I'll start this dance again w/ hijack this, but that's another question...Thanks all