Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4422

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

12/08/2010 18:54:03
mbam-log-2010-08-12 (18-54-03).txt

Scantype: Volledige scan (C:\|)
Objecten gescand: 172877
Verstreken tijd: 1 uur/uren, 14 minuut/minuten, 52 seconde(n)

Geheugenprocessen geīnfecteerd: 0
Geheugenmodulen geīnfecteerd: 0
Registersleutels geīnfecteerd: 19
Registerwaarden geīnfecteerd: 2
Registerdata geīnfecteerd: 0
Mappen geīnfecteerd: 4
Bestanden geīnfecteerd: 33

Geheugenprocessen geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geīnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e3e4b70e-ae2b-d84c-5a45-1286fecb56d6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e3e4b70e-ae2b-d84c-5a45-1286fecb56d6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{a3ed2449-e049-4ab9-a059-dd0f9ba1ba44} (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8b2c7c9d-716d-4e9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{a3ed2449-e049-4ab9-a059-dd0f9ba1ba44} (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b67544a0-d1ac-4c74-8d28-1e3421cffb77} (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e3e4b70e-ae2b-d84c-5a45-1286fecb56d6} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4c93321a-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4c93321a-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4c93321a-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{4c93321b-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{4c93321b-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4c93321b-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4c93321b-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\esafe.shpsafe (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\esafe.shpsafe.1 (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\IEBarProperties (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ESENT\Process\Adparatus (Adware.Adparatus) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{4c93321a-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4c93321a-3b77-440a-acd5-b4e15e83eb63} (Adware.Mirar) -> Quarantined and deleted successfully.

Registerdata geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geīnfecteerd:
C:\Documents and Settings\Computer\Application Data\shoppinguard.com (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Application Data\shoppinguard.com\shoppinguard (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Application Data\shoppinguard.com\shoppinguard\rprt (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Application Data\shoppinguard.com\shoppinguard\wa11 (Adware.ShoppingGuard) -> Quarantined and deleted successfully.

Bestanden geīnfecteerd:
C:\WINDOWS\system32\27bf27ff.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Local Settings\Temp\1.exe (Adware.GabPath) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Local Settings\Temp\3.exe (Adware.TangoBar) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Local Settings\Temp\shpngrd.exe (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Local Settings\Temp\stub-9945.exe (Adware.Adparatus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP169\A0036194.dll (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP169\A0036195.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP170\A0037267.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP171\A0037274.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP174\A0037406.dll (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP182\A0037659.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP182\A0037672.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP186\A0037859.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP186\A0037864.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP189\A0038074.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP190\A0038113.exe (Adware.Adparatus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP190\A0038114.dll (Adware.Adparatus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP190\A0038115.dll (Adware.Adparatus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP190\A0038118.dll (Adware.Adparatus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP190\A0038119.dll (Adware.Adparatus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP192\A0039732.dll (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP192\A0039728.dll (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP192\A0039729.dll (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP192\A0039730.dll (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP192\A0039731.dll (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP192\A0039733.exe (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP192\A0039736.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP193\A0039816.exe (Adware.Adparatus) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{83C9B32E-4D2A-47AB-B003-F4308D221497}\RP193\A0039826.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\3a78.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\WINDOWS\Temp\SPA2.tmp\upgrade.exe (Adware.Zwangi) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Application Data\shoppinguard.com\shoppinguard\wa11\webAtrbts.tat (Adware.ShoppingGuard) -> Quarantined and deleted successfully.
C:\Documents and Settings\Computer\Application Data\shoppinguard.com\shoppinguard\wa11\webAtrbts.ttr (Adware.ShoppingGuard) -> Quarantined and deleted successfully.