Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4139

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

24-5-2010 20:54:06
mbam-log-2010-05-24 (20-54-06).txt

Scantype: Snelle scan
Objecten gescand: 132760
Verstreken tijd: 18 minuut/minuten, 25 seconde(n)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 6
Registerwaarden geïnfecteerd: 3
Registerdata geïnfecteerd: 3
Mappen geïnfecteerd: 1
Bestanden geïnfecteerd: 65

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\12cfg214-k641-12sf-n85p (Worm.Autorun.B) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\crntdll (Trojan.Witkinat) -> Delete on reboot.

Registerdata geïnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Mappen geïnfecteerd:
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully.

Bestanden geïnfecteerd:
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Bureaublad\o.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-7269807375-0560219345-953600220-9183\mgrls32.exe (Worm.Autorun.B) -> Delete on reboot.
C:\WINDOWS\system32\wbem\grpconv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\084.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\husu.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\608.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\610.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\617.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\698.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\770.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\waomsexcnr.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\wgvyd.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\gmfrxpgv.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\lurqjkle.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\mencrwsxoa.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\cwsexrmona.tmp (Trojan.Tracur) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\bohvby.exe (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\~TM27FB4A.TMP (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\~TM65.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\~TMAD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\118.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\124.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\146.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\153.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\167.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\235.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\316.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\363.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\389.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\862.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\935.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\968.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wpv041274198865.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wpv101274465150.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wpv471274465324.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wpv971274198865.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\5EBZ0JU8\rvqxfn[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\5EBZ0JU8\rvqxfn[2].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\5EBZ0JU8\yptozgozmu[1].htm (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\5EBZ0JU8\yptozgozmu[2].htm (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\5EBZ0JU8\yptozgozmu[3].htm (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\D29XIMR5\hypwhc[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\D29XIMR5\loaderadv600[2].exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\D29XIMR5\wzdcjrp[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\D29XIMR5\yptozgozmu[1].htm (Worm.KoobFace) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\HO5QWQS8\wzdcjrp[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\HO5QWQS8\hypwhc[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\HO5QWQS8\rvqxfn[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\K0FVDCN1\hypwhc[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\K0FVDCN1\wzdcjrp[1].htm (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temporary Internet Files\Content.IE5\K0FVDCN1\gotnewupdate000[1].exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\nrktcvy.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\lsass.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\BN60.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\BN61.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\BN62.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\BN68.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Niels\Local Settings\Temp\BN69.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\wpv541274713497.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\smss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\WORK.DAT (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wupd.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\wndrive32.exe (Backdoor.Bot) -> Delete on reboot.