Malwarebytes' Anti-Malware 1.51.2.1300
Database version: 7622
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
17/02/2012 12:21:01 ص
mbam-log-2012-02-17 (00-21-01).txt
Scan type: Full scan (C:\|D:\|)
Objects scanned: 248803
Time elapsed: 37 minute(s), 4 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 7
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe rundll32.exe tftp.nfo beforegllav) Good: (Explorer.exe) -> Quarantined and deleted successfully.
Folders Infected:
c:\documents and settings\all users\application data\47224827 (Rogue.Multiple) -> Quarantined and deleted successfully.
Files Infected:
c:\documents and settings\rora al watoha\Desktop\removewga.exe (PUP.RemoveWGA) -> Not selected for removal.
c:\program files\NoAdware\nutilities.dll (Rogue.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\ABF8A5\cnvpe.fne (Worm.Autorun) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\ABF8A5\dp1.fne (Worm.Autorun) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\ABF8A5\HtmlView.fne (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\ABF8A5\internet.fne (HackTool.Patcher) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\ABF8A5\RegEx.fnr (Worm.AutoRun) -> Quarantined and deleted successfully.
