Malwarebytes' Anti-Malware 1.31
Database versie: 1563
Windows 5.1.2600 Service Pack 2

28-12-2008 15:47:14
mbam-log-2008-12-28 (15-47-14).txt

Scan type: Snelle Scan
Objecten gescand: 55978
Verstreken tijd: 9 minute(s), 10 second(s)

Geheugenprocessen geīnfecteerd: 0
Geheugenmodulen geīnfecteerd: 7
Registersleutels geīnfecteerd: 11
Registerwaarden geīnfecteerd: 4
Registerdata bestanden geīnfecteerd: 7
Mappen geīnfecteerd: 0
Bestanden geīnfecteerd: 20

Geheugenprocessen geīnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geīnfecteerd:
C:\WINDOWS\system32\bowagina.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nonomaso.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pebudeba.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\yisusasi.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\firovopa.dll (Trojan.Vundo) -> Delete on reboot.
c:\WINDOWS\system32\gefuvura.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\layepezo.dll (Trojan.Vundo) -> Delete on reboot.

Registersleutels geīnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f7c20329-7e6b-4554-b146-3effc51840e9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{f7c20329-7e6b-4554-b146-3effc51840e9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{f7c20329-7e6b-4554-b146-3effc51840e9} (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\browsingsoftware.pornpro_bho (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\browsingsoftware.pornpro_bho.1 (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b886c1f4-d1d3-45f5-f45e-75eb024320ac} (Adware.PlayMP3Z-biz) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpma3d38e5d (Trojan.Vundo.H) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kuzojizuvi (Trojan.Vundo.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo) -> Delete on reboot.

Registerdata bestanden geīnfecteerd:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\bowagina.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\bowagina.dll  -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\bowagina.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\yisusasi.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\yisusasi.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: c:\windows\system32\firovopa.dll -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo) -> Data: system32\firovopa.dll -> Delete on reboot.

Mappen geīnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geīnfecteerd:
C:\WINDOWS\system32\layepezo.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\ozepeyal.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yapafeju.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ujefapay.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yegusaso.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\osasugey.ini (Trojan.Vundo.H) -> Quarantined and deleted successfully.
c:\WINDOWS\system32\yisusasi.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\nonomaso.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\pebudeba.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\WINDOWS\system32\bowagina.dll (Trojan.Vundo.H) -> Delete on reboot.
c:\WINDOWS\system32\firovopa.dll (Trojan.Vundo) -> Delete on reboot.
c:\WINDOWS\system32\gefuvura.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\labesina.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\lofuwogi.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\misehebo.dll.tmp (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wimesabi.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\wipidahe.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\yotenodo.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Cookies\MM2048.DAT (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Cookies\MM256.DAT (Trojan.Agent) -> Quarantined and deleted successfully.