Malwarebytes' Anti-Malware 1.37
Database versie: 2227
Windows 5.1.2600 Service Pack 3

4/06/2009 17:38:32
mbam-log-2009-06-04 (17-38-32).txt

Scan type: Snelle Scan
Objecten gescand: 101313
Verstreken tijd: 11 minute(s), 37 second(s)

Geheugenprocessen geīnfecteerd: 0
Geheugenmodulen geīnfecteerd: 0
Registersleutels geīnfecteerd: 25
Registerwaarden geīnfecteerd: 0
Registerdata bestanden geīnfecteerd: 0
Mappen geīnfecteerd: 5
Bestanden geīnfecteerd: 21

Geheugenprocessen geīnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geīnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geīnfecteerd:
HKEY_CLASSES_ROOT\visualtool.pornpro_bho (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{829537d5-a960-feb0-c6db-654dda176ea5} (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{68bf610f-c5cd-c624-6b44-224aee8b95eb} (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e2ed872c-4118-2d61-a187-6100030472b0} (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e4424e6e-b629-0171-cd10-959d401754ad} (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{17c377ba-340c-71d1-650c-e2a7c753f882} (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3219531d-6532-065a-5a15-fb9116b3ab82} (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f3a54897-9e68-b11e-a37a-4d1422ce9caa} (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\visualtool.pornpro_bho.1 (Adware.PlayMp3z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f919fbd3-a96b-4679-af26-f551439bb5fd} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2d2bee6e-3c9a-4d58-b9ec-458edb28d0f6} (Rogue.DriveCleaner) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Mirar (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\RelatedPageInstall (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\bfast.com (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\commission-junction.com (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\fastclick.com (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\fastclick.net (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\kqzyfj.com (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\linksynergy.com (Adware.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\qksrv.net (Adware.BHO) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geīnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geīnfecteerd:
c:\documents and settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
c:\documents and settings\all users\application data\salesmonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Save (Adware.WhenUSave) -> Quarantined and deleted successfully.
C:\Program Files\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
C:\Program Files\FBrowserAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

Bestanden geīnfecteerd:
C:\Program Files\VisualTool\VisualTool-1.dll (Adware.PlayMp3z) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem61.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem65.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem67.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem6B.tmp.exe (Adware.Mirar) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem6D.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem71.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem73.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem77.tmp.exe (Adware.Mirar) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem7F.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem83.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\documents and settings\johan de jaeger\local settings\Temp\tem85.tmp.exe (Rogue.Installer) -> Quarantined and deleted successfully.
c:\program files\Save\ffext.mod (Adware.WhenUSave) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\IXPCOMEvents.xpt (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\Logo.png (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\main.db (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\unins000.dat (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\unins000.exe (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\fbrowsingadvisor\XPCOMEvents.dll (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.
c:\program files\visualtool\VisualTool-2.dll (Adware.BHO.BrowserEnhancer) -> Quarantined and deleted successfully.
c:\WINDOWS\Fonts\WaltDisneyScript4.1.zip (Worm.Archive) -> Quarantined and deleted successfully.