Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4195

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

13-6-2010 22:52:42
mbam-log-2010-06-13 (22-52-42).txt

Scantype: Snelle scan
Objecten gescand: 134130
Verstreken tijd: 8 minuut/minuten, 41 seconde(n)

Geheugenprocessen geīnfecteerd: 1
Geheugenmodulen geīnfecteerd: 1
Registersleutels geīnfecteerd: 8
Registerwaarden geīnfecteerd: 3
Registerdata geīnfecteerd: 4
Mappen geīnfecteerd: 3
Bestanden geīnfecteerd: 30

Geheugenprocessen geīnfecteerd:
C:\WINDOWS\Qrabeb.exe (Malware.Packer.Gen) -> Unloaded process successfully.

Geheugenmodulen geīnfecteerd:
c:\WINDOWS\system32\sshnas21.dll (Trojan.FakeAlert) -> Delete on reboot.

Registersleutels geīnfecteerd:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sshnas (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\WEK9EMDHI9 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\YVIBBBHA8C (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{d08d9f98-1c78-4704-87e6-368b0023d831} (Adware.RelevantKnowledge) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\host (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\id (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Services\del (Malware.Trace) -> Quarantined and deleted successfully.

Registerdata geīnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Mappen geīnfecteerd:
C:\Program Files\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\components (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Start\Programma's\RelevantKnowledge (Spyware.MarketScore) -> Quarantined and deleted successfully.

Bestanden geīnfecteerd:
C:\WINDOWS\Qrabeb.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\aYayTpdbj.dll (Rogue.VirusProtector) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wbem\grpconv.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hobby\Local Settings\Temp\And.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hobby\Local Settings\Temp\Qxh.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\WINDOWS\services.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\WINDOWS\Ahuvaa.exe (Trojan.FraudPack) -> Quarantined and deleted successfully.
C:\WINDOWS\Qrabea.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\chrome.manifest (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\install.rdf (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\MSVCP71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\MSVCR71.DLL (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlls.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlls64.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rloci.bin (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlph.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlservice.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlvknlg.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlvknlg64.exe (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\rlxf.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Program Files\RelevantKnowledge\components\rlxg.dll (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Start\Programma's\RelevantKnowledge\About RelevantKnowledge.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Start\Programma's\RelevantKnowledge\Privacy Policy and User License Agreement.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Start\Programma's\RelevantKnowledge\Support.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Menu Start\Programma's\RelevantKnowledge\Uninstall Instructions.lnk (Spyware.MarketScore) -> Quarantined and deleted successfully.
C:\Documents and Settings\Hobby\Application Data\wiaservg.log (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\sshnas21.dll (Trojan.FakeAlert) -> Delete on reboot.
C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{8C3FDD81-7AE0-4605-A46A-2488B179F2A3}.job (Trojan.Downloader) -> Quarantined and deleted successfully.