Malwarebytes' Anti-Malware 1.37
Database versie: 2266
Windows 5.1.2600 Service Pack 3

12-6-2009 14:53:13
mbam-log-2009-06-12 (14-53-13).txt

Scan type: Snelle Scan
Objecten gescand: 92328
Verstreken tijd: 5 minute(s), 46 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 1
Registerwaarden geïnfecteerd: 15
Registerdata bestanden geïnfecteerd: 4
Mappen geïnfecteerd: 5
Bestanden geïnfecteerd: 78

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{02ffac45-0b10-5633-4296-1801f1a36678} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{f710fa10-2031-3106-8872-93a2b5c5c620} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{02ffac45-0b10-5633-4296-1801f1a36678} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{f710fa10-2031-3106-8872-93a2b5c5c620} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\UpdateWin (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\UpdateWin (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UpdateWin (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UpdateWin (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SYSTEM\CurrentControlSet\Control\Lsa\UpdateWin (Worm.Sdbot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\userinit (Backdoor.Bot) -> Delete on reboot.

Registerdata bestanden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Backdoor.Bot) -> Data: c:\windows\system32\ntos.exe -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\SYSTEM32\Userinit.exe,C:\WINDOWS\system32\ntos.exe,) Good: (userinit.exe) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Mappen geïnfecteerd:
C:\Program Files\dynamic toolbar (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2 (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache (Adware.2020search) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wsnpoem (Trojan.Agent) -> Delete on reboot.

Bestanden geïnfecteerd:
c:\WINDOWS\tmp1927085.log (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\windows\tmp6727888.log (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\windows\tmp7086813.log (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\windows\tmp7766144.log (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\windows\tmp8523319.log (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\windows\tmp9855525.log (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\Temp\5_odb.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\avto.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\avto1.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\avto2.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\avto3.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\avto4.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\Temp\teste1_p.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\Temp\teste3_p.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\Temp\teste4_p.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\q2.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\q3.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\q5.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\q6.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\documents and settings\jacqueline oudman\local settings\temp\q7.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\windows\temp\22.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\5_odb.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\avto.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\avto1.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\avto2.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\avto4.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\nopmulti1.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\windows\temp\nopmulti3.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\WINDOWS\Temp\nopmulti5.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\windows\temp\teste1_p.exe (Trojan.Clicker) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\batch.bat (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\unins000.dat (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\unins000.exe (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\pbnlv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\go.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\home.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\logo_pb.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\parent_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\parent_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\pbnlv2tb0200.cfg (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\popup_off.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\popup_on.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\search.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\services.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\skin.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\skin1.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\skin2.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\skin3.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\skin4.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\skin5.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\store.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\style.css (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\support.bmp (Adware.2020search) -> Quarantined and deleted successfully.
c:\program files\dynamic toolbar\PBNLV2\Cache\ticker.xml (Adware.2020search) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\wsnpoem\audio.dll (Trojan.Agent) -> Delete on reboot.
c:\WINDOWS\system32\wsnpoem\video.dll (Trojan.Agent) -> Delete on reboot.
c:\documents and settings\jacqueline oudman\local settings\Temp\60325cahp25ca0.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Adobeh.exe (Backdoor.Bot) -> Delete on reboot.
C:\WINDOWS\system32\ntos.exe (Backdoor.Bot) -> Delete on reboot.