Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4086
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
5/10/2010 12:08:54 PM
mbam-log-2010-05-10 (12-08-54).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 238688
Time elapsed: 1 hour(s), 12 minute(s), 56 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 11
Registry Values Infected: 2
Registry Data Items Infected: 2
Folders Infected: 4
Files Infected: 37
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\Program Files\Mozilla Firefox\extensions\{70c5e1a1-98ea-81af-6392-2961d9559a08}\components\fe_Z-00B63.dll (Adware.BHO) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\CLSID\{eca3e63b-2d45-2cad-efb1-65fd6c346935} (Adware.LoudMo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\search toolbar (Adware.Zugo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\flv direct player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\a-qlgf_qnkxkni (Adware.LoudMo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AppDataLow\HavingFunOnline (Adware.BHO.FL) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8c508522-2c39-bc0a-1c9b-9e5fb0277a1f} (Adware.AdRotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8c508522-2c39-bc0a-1c9b-9e5fb0277a1f} (Adware.AdRotator) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sctdtvvw (Rogue.AntiSpywareSoft) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sctdtvvw (Rogue.AntiSpywareSoft) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://bing.zugo.com/?cfg=2-76-0-UEOP) Good: (http://www.google.com) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 93.188.164.231,93.188.161.72 -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\FLV Direct Player (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Mozilla Firefox\extensions\{70c5e1a1-98ea-81af-6392-2961d9559a08}\components\fe_Z-00B63.dll (Adware.BHO) -> Delete on reboot.
C:\Documents and Settings\DJ\Local Settings\Application Data\epcxflmqw\mgstwgptssd.exe (Rogue.AntiSpywareSoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\Toolbar4\{0C8413C1-FAD1-446C-8584-BE50576F863E}\SearchToolbarUninstall.exe (Adware.Zugo) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Desktop\DC stuff\Magic DVD Ripper\Magic DVD Ripper v3.3 Setup.exe (Adware.UCMore) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\temp\Component Update 126 (Adware.LoudMo) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\temp\Component Update 157 (Adware.LoudMo) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\temp\Component Update 407 (Adware.LoudMo) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\temp\Component Update 563 (Adware.LoudMo) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\temp\mPDa.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\temp\Qjut.exe (Rogue.AntiSpywareSoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\temp\Ybxl.exe (Rogue.AntiSpywareSoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\Content.IE5\5D234UN5\n002102318801r0409J0d000601R4631da79W1656a78dXc4654120Y8f86b05bZ03003f360[1] (Rogue.AntiSpywareSoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\Content.IE5\5D234UN5\n002102801r0409J0d000601R4631da79Xc465412fY8f86b05bZ03003f3630dP000501080[1] (Rogue.AntiSpywareSoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\Local Settings\Temporary Internet Files\Content.IE5\5D234UN5\eHad747fe4V03007f35002Rb49ca91b102Te60e1844Q0000004c901801F0016000aJ0d000601l0409K428a9f513180[1] (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DJ\My Documents\Downloads\FLVDirect.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files\Search Toolbar\SearchToolbarUninstall.exe (Adware.Zugo) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\uninstall.exe (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C1FDE112-7F2E-44A7-87E2-2E0265CC1B0B}\RP116\A0030301.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C1FDE112-7F2E-44A7-87E2-2E0265CC1B0B}\RP116\A0030427.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C1FDE112-7F2E-44A7-87E2-2E0265CC1B0B}\RP176\A0045562.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C1FDE112-7F2E-44A7-87E2-2E0265CC1B0B}\RP176\A0045582.dll (Adware.BHO) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{C1FDE112-7F2E-44A7-87E2-2E0265CC1B0B}\RP177\A0045625.exe (Adware.Zugo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\A-QlgF_qNkXKni.exe (Adware.LoudMo) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\downloading.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\FLVPlayer.exe (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\player.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\preload.swf (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Button.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Logo.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\skin.xml (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysCloseButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMaxButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\SysMinButton.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Program Files\FLV Direct Player\Skin\DirectFLV\Window.bmp (Adware.BHO.FL) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\FLV Direct Player\FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Start Menu\Programs\FLV Direct Player\Uninstall FLV Direct Player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\--_7_sR0LH_AiE.dll (Adware.AdRotator) -> Quarantined and deleted successfully.