Thank you so much, our computer is working again! Here is the log file
Malwarebytes' Anti-Malware 1.44
Database version: 3537
Windows 5.1.2600 Service Pack 2
Internet Explorer 7.0.5730.13
1/10/2010 3:04:42 PM
mbam-log-2010-01-10 (15-04-42).txt
Scan type: Quick Scan
Objects scanned: 129042
Time elapsed: 22 minute(s), 53 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 2
Registry Data Items Infected: 3
Folders Infected: 7
Files Infected: 20
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jvm.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\oledll (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dojvcxqo (Trojan.FakeAlert.N) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe rundll32.exe fimp.elo pufxcp) Good: (Explorer.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\STC (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65 (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\bin (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\bin\classic (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\lib (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
Files Infected:
C:\RECYCLER\S-1-5-21-2328200581-3523396507-3994907741-500\Dc187\wmiprvse.exe (Worm.Autorun.
-> Quarantined and deleted successfully.
C:\WINDOWS\system32\fimp.elo (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\pdfupd.exe (Spyware.Passwords) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\20.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\21.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temp\26.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\4XQVLDEB\Flash_Plugin_v10_0_42_34[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\U6QNH0D8\load[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\spool\prtprocs\w32x86\27.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\cbt.exe (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\bin\hpi.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\bin\java.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\bin\JdbcOdbc.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\bin\verify.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\bin\zip.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\bin\classic\jvm.dll (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\lib\i18n.jar (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\lib\rt.jar (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Program Files\STC\QA65\wwwroot\jre\lib\sunrsasign.jar (Fake.Dropped.Malware) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Desktop\explorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.