Malwarebytes' Anti-Malware 1.31
Database version: 1489
Windows 5.1.2600 Service Pack 3
11/12/2008 16:41:30
mbam-log-2008-12-11 (16-41-30).txt
Scan type: Quick Scan
Objects scanned: 44919
Time elapsed: 3 minute(s), 3 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 1
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 6
Folders Infected: 2
Files Infected: 3
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Spyware.Passwords) -> Delete on reboot.
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.67;85.255.112.90 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1b71f450-a366-47ed-8b19-0c6dbc08effe}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.67;85.255.112.90 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.67;85.255.112.90 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1b71f450-a366-47ed-8b19-0c6dbc08effe}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.67;85.255.112.90 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.67;85.255.112.90 -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{1b71f450-a366-47ed-8b19-0c6dbc08effe}\NameServer (Trojan.DNSChanger) -> Data: 85.255.116.67;85.255.112.90 -> Quarantined and deleted successfully.
Folders Infected:
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\Documents and Settings\malcolm\Start Menu\Programs\homeview (Trojan.DNSChanger) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Mozilla Firefox\components\iamfamous.dll (Spyware.Passwords) -> Delete on reboot.
C:\Documents and Settings\malcolm\Start Menu\Programs\homeview\Uninstall.lnk (Trojan.DNSChanger) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\msqpdxpaxtofxh.sys (Trojan.Agent) -> Quarantined and deleted successfully.
Back to top
