Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4052 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 7/10/2010 8:58:20 mbam-log-2010-10-07 (08-58-20).txt Scan type: Full scan (C:\|) Objects scanned: 186937 Time elapsed: 37 minute(s), 54 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 6 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 3 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7977e3ed-fff3-85bb-6ef4-0e3ed0059c8e} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{7977e3ed-fff3-85bb-6ef4-0e3ed0059c8e} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\da8a95d (Adware.Adrotator) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7977e3ed-fff3-85bb-6ef4-0e3ed0059c8e} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54ccf2f7-3689-70f6-63f1-61faec320439} (Adware.AdRotator) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{54ccf2f7-3689-70f6-63f1-61faec320439} (Adware.AdRotator) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fluzigqcll (Trojan.Agent) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\WINDOWS\system32\f691dd9f.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. C:\WINDOWS\system32\da8a95d.exe (Adware.Adrotator) -> Quarantined and deleted successfully. C:\WINDOWS\system32\amojpcvcmovqw.dll (Trojan.Agent) -> Quarantined and deleted successfully.