Malwarebytes' Anti-Malware 1.44
Database version: 3631
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
1/25/2010 12:15:32 AM
mbam-log-2010-01-25 (00-15-32).txt
Scan type: Full Scan (C:\|)
Objects scanned: 175686
Time elapsed: 31 minute(s), 25 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: mprvdex3.dll -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\MPRVDex3.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\Program Files\loader\Misc\Suuji.exe (Malware.pacler) -> Quarantined and deleted successfully.
GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-01-26 01:08:30
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\JILLMA~1\LOCALS~1\Temp\kgryyuod.sys
---- System - GMER 1.0.15 ----
SSDT B22BA59E ZwCreateKey
SSDT B22BA594 ZwCreateThread
SSDT B22BA5A3 ZwDeleteKey
SSDT B22BA5AD ZwDeleteValueKey
SSDT B22BA5B2 ZwLoadKey
SSDT B22BA580 ZwOpenProcess
SSDT B22BA585 ZwOpenThread
SSDT B22BA5BC ZwReplaceKey
SSDT B22BA5B7 ZwRestoreKey
SSDT B22BA5A8 ZwSetValueKey
SSDT B22BA58F ZwTerminateProcess
---- Devices - GMER 1.0.15 ----
AttachedDevice \Driver\Ftdisk \Device\HarddiskVolume1 SaibIa32.sys (Disk Filter Driver/Sonic Solutions)
AttachedDevice \FileSystem\Fastfat \Fat fltmgr.sys (Microsoft Filesystem Filter Manager/Microsoft Corporation)
---- EOF - GMER 1.0.15 ----