Malwarebytes' Anti-Malware 1.39
Database versie: 2488
Windows 5.1.2600 Service Pack 3

24-7-2009 12:57:44
mbam-log-2009-07-24 (12-57-44).txt

Scan type: Snelle Scan
Objecten gescand: 84025
Verstreken tijd: 2 minute(s), 46 second(s)

Geheugenprocessen geīnfecteerd: 2
Geheugenmodulen geīnfecteerd: 0
Registersleutels geīnfecteerd: 4
Registerwaarden geīnfecteerd: 4
Registerdata bestanden geīnfecteerd: 0
Mappen geīnfecteerd: 0
Bestanden geīnfecteerd: 19

Geheugenprocessen geīnfecteerd:
c:\WINDOWS\pp10.exe (Worm.KoobFace) -> Unloaded process successfully.
c:\WINDOWS\ld12.exe (Worm.KoobFace) -> Unloaded process successfully.

Geheugenmodulen geīnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geīnfecteerd:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\glaide32 (Rootkit.Rustok) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sfx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sfx (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\sfxdrv (Rootkit.Agent) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\pp (Worm.KoobFace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sysldtray (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\sfx (Rootkit.Agent) -> Quarantined and deleted successfully.

Registerdata bestanden geīnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geīnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geīnfecteerd:
c:\WINDOWS\pp10.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\svdbh.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\6T1NAXX2\foyzdquv[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\6T1NAXX2\vssxkxogg[2].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\HNPHI032\eaobp[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\HNPHI032\pp.10[1].exe (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\HNPHI032\tzmna[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\HNPHI032\vfsgxkbpt[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\OC1NGG9Z\aasuper0[1].htm (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\OC1NGG9Z\aasuper2[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\RS7TNFT2\pdrv[1].exe (Worm.Koobface) -> Quarantined and deleted successfully.
c:\documents and settings\smits\local settings\temporary internet files\Content.IE5\RS7TNFT2\yvsfjx[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\glaide32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\ld12.exe (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\010112010146118114.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
c:\WINDOWS\0101120101464849.dat (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Program Files\sFX\sfX.sYs (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\sFX\SfX.DlL (Trojan.Agent) -> Quarantined and deleted successfully.
c:\WINDOWS\934fdfg34fgjf23 (Worm.KoobFace) -> Quarantined and deleted successfully.