Malwarebytes' Anti-Malware 1.31
Database version: 1512
Windows 5.1.2600 Service Pack 3
18/12/2008 01:26:50
mbam-log-2008-12-18 (01-26-50).txt
Scan type: Quick Scan
Objects scanned: 67976
Time elapsed: 54 minute(s), 43 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{af2e62b6-f9e1-4d4f-a10a-9dc8e6dcbcc0} (Adware.VideoEgg) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c6039e6c-bde9-4de5-bb40-768caa584fdc} (Trojan.Vundo) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3ba4271e-5c1e-48e2-b432-d8bf420dd31d} (Rogue.DeusCleaner) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917} (Rogue.Installer) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09f1adac-76d8-4d0f-99a5-5c907dadb988} (Rogue.Multiple) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{85589b5d-d53d-4237-a677-46b82ea275f3} (Unknown.Malware) -> Not selected for removal.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Not selected for removal.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
E:\Documents and Settings\mike\Local Settings\Application Data\yogqw_navps.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
E:\Documents and Settings\mike\Local Settings\Application Data\yogqw_nav.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
E:\Documents and Settings\mike\Local Settings\Application Data\yogqw.dat (Adware.Navipromo.H) -> Quarantined and deleted successfully.
E:\Documents and Settings\mike\Local Settings\Application Data\yogqw.exe (Adware.Navipromo.H) -> Quarantined and deleted successfully.
As you can see from this I decided not to remove the infected Registry Keys as I was unsure whether or not it was safe to do this using MBAM. Would just like to know if it is safe to go ahead with this. Thank you very much in advance.
Edited by Orange Blossom, 17 December 2008 - 10:32 PM.
Move from XP forum to Am I Infected. ~ OB