Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Databaseversie: 7212

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

20-7-2011 18:42:00
mbam-log-2011-07-20 (18-42-00).txt

Scantype: Snelle scan
Objecten gescand: 182411
Verstreken tijd: 6 minuut/minuten, 3 seconde(n)

Geheugenprocessen geīnfecteerd: 3
Geheugenmodulen geīnfecteerd: 1
Registersleutels geīnfecteerd: 1
Registerwaarden geīnfecteerd: 3
Registerdata geīnfecteerd: 0
Mappen geīnfecteerd: 0
Bestanden geīnfecteerd: 29

Geheugenprocessen geīnfecteerd:
c:\Users\Tim\AppData\Roaming\dwm.exe (Backdoor.Cycbot) -> 4812 -> Unloaded process successfully.
c:\Users\Tim\AppData\Roaming\microsoft\conhost.exe (Trojan.Agent) -> 8096 -> Unloaded process successfully.
c:\Users\Tim\AppData\Local\Temp\csrss.exe (Trojan.Agent) -> 1104 -> Unloaded process successfully.

Geheugenmodulen geīnfecteerd:
c:\Users\Tim\AppData\Local\PIDBDBDU.dll (Trojan.Hiloti) -> Delete on reboot.

Registersleutels geīnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7} (Adware.Softomate) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Izidub (Trojan.Hiloti) -> Value: Izidub -> Delete on reboot.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Trojan.Agent) -> Value: conhost -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell.Gen) -> Value: Shell -> Quarantined and deleted successfully.

Registerdata geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geīnfecteerd:
c:\Users\Tim\AppData\Roaming\dwm.exe (Backdoor.Cycbot) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\PIDBDBDU.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\0.3278742217788113.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\CC7D.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup1033511136.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup1286196496.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup1319100144.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup1739811344.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup1848612752.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup1988056128.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup2241316304.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup2329648960.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup2484159648.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup2522582192.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup3042830496.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup3689661696.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup4159229696.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup719636192.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup73106352.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\setup890055664.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\local settings\PIDBDBDU.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Tim\local settings\application data\PIDBDBDU.dll (Trojan.Hiloti) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Roaming\microsoft\conhost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Local\Temp\csrss.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Roaming\chkntfs.dat (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Roaming\Adobe\shed\thr1.chm (Malware.Trace) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Roaming\Adobe\plugs\mmc179.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Roaming\Adobe\plugs\mmc545441053.txt (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
c:\Users\Tim\AppData\Roaming\Adobe\plugs\mmc57.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.