Malwarebytes' Anti-Malware 1.37 Database version: 2182 Windows 5.1.2600 Service Pack 3 5/30/2009 11:26:17 PM mbam-log-2009-05-30 (23-26-17).txt Scan type: Full Scan (C:\|) Objects scanned: 143648 Time elapsed: 35 minute(s), 53 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 9 Registry Values Infected: 1 Registry Data Items Infected: 0 Folders Infected: 1 Files Infected: 21 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_CLASSES_ROOT\CLSID\{0ed403e8-470a-4a8a-85a4-d7688cfe39a3} (Adware.Gamevance) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ed403e8-470a-4a8a-85a4-d7688cfe39a3} (Adware.Gamevance) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f02fabcb-92dd-475a-98af-14217bd50746} (Adware.Gamevance) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ed403e8-470a-4a8a-85a4-d7688cfe39a3} (Adware.Gamevance) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\winmyy32 (Dialer) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSSMGR (Trojan.Downloader) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ctfmon.exe (Security.Hijack) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{08d3b7e5-c2d4-3129-80c8-1116fec38259} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{08d3b7e5-c2d4-3129-80c8-1116fec38259} (Trojan.BHO) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysmstray (Worm.KoobFace) -> Quarantined and deleted successfully. Registry Data Items Infected: (No malicious items detected) Folders Infected: C:\Program Files\websrvx (Trojan.Downloader) -> Quarantined and deleted successfully. Files Infected: c:\system volume information\_restore{51267417-b33c-4783-a2fb-ccfafa2247d8}\RP39\A0012321.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\system volume information\_restore{51267417-b33c-4783-a2fb-ccfafa2247d8}\RP39\A0012323.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\program files\websrvx\upx.exe (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\msmark2.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2784f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2792f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2803f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2806f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2807f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2808f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2809f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2810f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2829f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft2830f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft3223f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\t55ft3518f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\winmyy32.dll (Dialer) -> Quarantined and deleted successfully. c:\WINDOWS\9g2234wesdf3dfgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully. c:\WINDOWS\9g234sdff3d23dfgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully. C:\WINDOWS\f5087.dat (Worm.KoobFace) -> Quarantined and deleted successfully. C:\WINDOWS\f23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.