Mbam Log
Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org
Database version: v2012.01.31.06
Windows 7 x64 NTFS
Internet Explorer 8.0.7600.16385
Dawn McGuire :: MCGUIRE [administrator]
Protection: Enabled
31/01/2012 16:34:50
mbam-log-2012-01-31 (16-34-50).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 182450
Time elapsed: 3 minute(s), 25 second(s)
Memory Processes Detected: 2
C:\ProgramData\MNotIPhtsh.exe (Trojan.FakeAV) -> 4456 -> Delete on reboot.
C:\ProgramData\7Frrtmxc1GyD25.exe (Rogue.FakeHDD) -> 5388 -> Delete on reboot.
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MNotIPhtsh.exe (Trojan.FakeAV) -> Data: C:\ProgramData\MNotIPhtsh.exe -> Quarantined and deleted successfully.
Registry Data Items Detected: 2
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowMyComputer (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Start_ShowSearch (PUM.Hijack.StartMenu) -> Bad: (0) Good: (1) -> Quarantined and repaired successfully.
Folders Detected: 0
(No malicious items detected)
Files Detected: 2
C:\ProgramData\MNotIPhtsh.exe (Trojan.FakeAV) -> Delete on reboot.
C:\ProgramData\7Frrtmxc1GyD25.exe (Rogue.FakeHDD) -> Delete on reboot.
(end)