Malwarebytes' Anti-Malware 1.38
Database versie: 2358
Windows 5.1.2600 Service Pack 3

1/07/2009 20:37:14
mbam-log-2009-07-01 (20-37-14).txt

Scan type: Snelle Scan
Objecten gescand: 116954
Verstreken tijd: 11 minute(s), 39 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 27
Registerwaarden geïnfecteerd: 4
Registerdata bestanden geïnfecteerd: 2
Mappen geïnfecteerd: 9
Bestanden geïnfecteerd: 86

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
HKEY_CLASSES_ROOT\r456.r456mgr (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\r456.r456mgr.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f7d09218-46d7-4d3d-9b7f-315204cd0836} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e63648f7-3933-440e-b4f6-a8584dd7b7eb} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{86227d9c-0efe-4f8a-aa55-30386a3f5686} (Adware.ISTBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4b18dd50-c996-44fc-ac52-0fecff82ed58} (Spyware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{90b5a95a-afd5-4d11-b9bd-a69d53d22226} (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7b4da536-747f-47ad-9767-2607b90ab2eb} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{dabf362d-d442-4402-9208-ca9ed70dd01e} (Adware.Advantage) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5ac3a9ef-c0f8-41d4-b4e2-b7cebb794151} (Adware.Advantage) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{862def42-89aa-49fa-ae1f-8a84b1b08a17} (Adware.Advantage) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f6e4845d-1d13-4bc0-942d-b9191524cc48} (Adware.Advantage) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{602d9049-b4ac-4a25-bf75-a9b54d747cba} (Adware.Advantage) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\nfr.sys (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\popcaploader.popcaploaderctrl2.1 (Adware.PopCap) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NFR (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\ControlSet001\Enum\Root\LEGACY_NFR.sys (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nfr (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\ControlSet001\Services\nfr.sys (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_NFR (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\Root\LEGACY_NFR.sys (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\nfr (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\advantage (Adware.Vomba) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4e7bd74f-2b8d-469e-86bd-fd60bb9aae3a} (Adware.OneToolBar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\nfr (Trojan.Agent) -> Quarantined and deleted successfully.

Registerdata bestanden geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Mappen geïnfecteerd:
C:\Program Files\InetGet2 (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\WinPop (Adware.WinPop) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\Application Data\bfgtoolbar (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\NewCfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
C:\Program Files\Advantage (Adware.Advantage) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\290750 (Trojan.BHO) -> Quarantined and deleted successfully.
C:\Program Files\websrvx (Trojan.Downloader) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:
c:\documents and settings\nadine\application data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\bfgtoolbarDLL.zip (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\bfg_greetings.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\mygamestoolbar.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\newgames.bmp22560187 (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\puzzle.bmp20999906 (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\nadine\application data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\1.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\10.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\2.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\20off.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\3.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\4.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\5.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\6.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\7.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\8.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\9.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\action.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\atlantis.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\bfgtoolbarDLL.zip (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\bfgtoolbartb0500.cfg (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\bfg_greetings.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\card.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\COMBOSEARCH.acs (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\logo.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\mahjong.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\mygames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\mygamestoolbar.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\new.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\newgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\puzzle.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\search.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\topten.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\webgames.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\documents and settings\reneke\application data\bfgtoolbar\word.bmp (Adware.OneToolBar) -> Quarantined and deleted successfully.
c:\program files\advantage\TR.dll (Adware.Advantage) -> Quarantined and deleted successfully.
c:\program files\websrvx\upx.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\msmark2.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2631f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2783f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2788f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2789f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2790f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2799f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2800f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2806f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft2807f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft3223f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft3508f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft3533f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft3928f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\t55ft3949f44.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\nfr.dll.assembly (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\f5087.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\f23567.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\WINDOWS\b4657.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\sonce122710.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\sonce122713.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\sonce122727.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\sonce122739.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\sonce123198.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\nl10.exe (Trojan.Agent) -> Quarantined and deleted successfully.