Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4084

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9-5-2010 21:08:00
mbam-log-2010-05-09 (21-08-00).txt

Scantype: Snelle scan
Objecten gescand: 132203
Verstreken tijd: 12 minuut/minuten, 21 seconde(n)

Geheugenprocessen geīnfecteerd: 1
Geheugenmodulen geīnfecteerd: 0
Registersleutels geīnfecteerd: 27
Registerwaarden geīnfecteerd: 2
Registerdata geīnfecteerd: 2
Mappen geīnfecteerd: 13
Bestanden geīnfecteerd: 78

Geheugenprocessen geīnfecteerd:
C:\Documents and Settings\Carla\Local Settings\Temp\149.exe (Trojan.Dropper) -> Unloaded process successfully.

Geheugenmodulen geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geīnfecteerd:
HKEY_CLASSES_ROOT\cscrptxt.cscrptxt (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cscrptxt.cscrptxt.1.0 (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{38061edc-40bb-4618-a8da-e56353347e6d} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\{a9722a0d-365f-47d2-b70b-37d046316d99} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e0ec6fba-f009-3535-95d6-b6390db27da1} (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ezLife (Adware.EZlife) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\idid (Trojan.Sasfix) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adshothlpr.adshothlpr (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adshothlpr.adshothlpr.1.0 (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adhlpr.adhlpr (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\adhlpr.adhlpr.1.0 (Adware.Adrotator) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg214-k641-12sf-n85p (Worm.Autorun.B) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Delete on reboot.

Registerdata geīnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Mappen geīnfecteerd:
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Program Files\Smart-Ads-Solutions\SmartAds (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Program Files\Smart-Ads-Solutions\SmartAds\1.5.5.0 (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Smart-Ads-Solutions (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Smart-Ads-Solutions\SmartAds (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\ezLife\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife\1.5.5.0 (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Menu Start\Programma's\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010 (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.

Bestanden geīnfecteerd:
C:\Documents and Settings\Carla\Local Settings\Temp\149.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
C:\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0746173586-2682570833-887195671-7281\mgrls32.exe (Worm.Autorun.B) -> Delete on reboot.
C:\WINDOWS\system32\regedit.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\hsnsd.sys (Rootkit.Agent) -> Delete on reboot.
C:\Documents and Settings\Carla\Local Settings\Temp\nrktcvy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\odyot.exe (Rogue.AntispywareSoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\Ywb.exe (Trojan.Fraudpack) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\tyysqcc .exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\396.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\423.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\472.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\473.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\7b99a034.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\813.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\879.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\925.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\530.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\621.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\690.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\mcillbuu .exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\065.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\151.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\199.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\278.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\320.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\asxwemcnro.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\awkvrft.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\imiyus.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\khvcol .exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\21LPLX2G\rvqxfn[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\784LWO59\msall[1].data (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\784LWO59\rvqxfn[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\784LWO59\loaderadv600[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\CSFX9ZHD\fjnvpk[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\FCYWHKDQ\gotnewupdate000[1].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\FCYWHKDQ\pr3xy[1].data (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\FCYWHKDQ\loaderadv600[1].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\FTD15L90\fwevpovto[1].htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\FTD15L90\imwaic[1].htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\FTD15L90\imwaic[2].htm (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\GSKG76SR\pr3xy[1].data (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\GSKG76SR\kkemu[1].htm (Rogue.AntispywareSoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\QMA46A1E\hypwhc[2].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\QMA46A1E\pr3xy[2].data (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\QMA46A1E\kkemu[2].htm (Rogue.AntispywareSoft) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temporary Internet Files\Content.IE5\WCD8G90X\hypwhc[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Smart-Ads-Solutions\SmartAds\1.5.5.0\uninstall.exe (Adware.SmartAds) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\ezLife\ezLife\log.xml (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Program Files\ezLife\ezLife\1.5.5.0\uninstall.exe (Adware.EzLife) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Menu Start\Programma's\Desktop Security 2010\Activate Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Menu Start\Programma's\Desktop Security 2010\Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Menu Start\Programma's\Desktop Security 2010\Help Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Menu Start\Programma's\Desktop Security 2010\How to Activate Desktop Security 2010.lnk (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010\Desktop Security 2010.exe (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010\mfc71.dll (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010\MFC71ENU.DLL (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010\msvcp71.dll (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010\msvcr71.dll (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010\securitycenter.exe (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010\securityhelper.exe (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Desktop Security 2010\taskmgr.dll (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Bureaublad\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Menu Start\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\WINDOWS\cidrive32.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\js.mui (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Menu Start\Programma's\Desktop Security 2010.LNK (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Application Data\Microsoft\Internet Explorer\Quick Launch\Desktop Security 2010.LNK (Rogue.DesktopSecurity2010) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\wrfwe_di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\wmpscfgs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Internet Explorer\wmpscfgs.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\test.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\Local Settings\Temp\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Carla\oashdihasidhasuidhiasdhiashdiuasdhasd (Malware.Trace) -> Quarantined and deleted successfully.