www.malwarebytes.org

Databaseversie: 4327

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

19-7-2010 23:27:01
mbam-log-2010-07-19 (23-27-01).txt

Scantype: Snelle scan
Objecten gescand: 150739
Verstreken tijd: 38 minuut/minuten, 19 seconde(n)

Geheugenprocessen geīnfecteerd: 1
Geheugenmodulen geīnfecteerd: 0
Registersleutels geīnfecteerd: 14
Registerwaarden geīnfecteerd: 1
Registerdata geīnfecteerd: 1
Mappen geīnfecteerd: 1
Bestanden geīnfecteerd: 3

Geheugenprocessen geīnfecteerd:
C:\Users\Ritesh\AppData\Roaming\0E6194C6214A53BAD5D03262E6439312\070700Setup.exe (Trojan.Agent.Gen) -> Unloaded process successfully.

Geheugenmodulen geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geīnfecteerd:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\sexvid (Trojan.DNSChanger) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\070700setup.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.

Registerdata geīnfecteerd:
HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> Quarantined and deleted successfully.

Mappen geīnfecteerd:
C:\resycled (Trojan.DNSChanger) -> Quarantined and deleted successfully.

Bestanden geīnfecteerd:
C:\Users\Ritesh\AppData\Roaming\0E6194C6214A53BAD5D03262E6439312\070700Setup.exe (Trojan.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Ritesh\AppData\Local\Temp\kt3q2svd5.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\ProgramData\sysReserve.ini (Malware.Trace) -> Quarantined and deleted successfully.