Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversie: 4770

Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18943

7-10-2010 20:09:27
mbam-log-2010-10-07 (20-09-27).txt

Scantype: Snelle scan
Objecten gescand: 146557
Verstreken tijd: 9 minuut/minuten, 51 seconde(n)

Geheugenprocessen geīnfecteerd: 11
Geheugenmodulen geīnfecteerd: 2
Registersleutels geīnfecteerd: 2
Registerwaarden geīnfecteerd: 19
Registerdata geīnfecteerd: 0
Mappen geīnfecteerd: 0
Bestanden geīnfecteerd: 27

Geheugenprocessen geīnfecteerd:
C:\Users\Moniek Nouwens\AppData\Roaming\hotfix.exe (Trojan.FakeAlert) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\nepafe18qc.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\nepafe18qc.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\g6kcvhwyws.exe (Malware.Packer.Gen) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\system.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\debug.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\win.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\win32.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\csrss.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\lsass.exe (Trojan.Downloader) -> Unloaded process successfully.
C:\Users\Moniek Nouwens\.COMMgr\complmgr.exe (Trojan.Agent) -> Unloaded process successfully.

Geheugenmodulen geīnfecteerd:
C:\Users\Moniek Nouwens\AppData\Local\Temp\gobz0a.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Local\Temp\rriychr.dll (Trojan.Downloader) -> Delete on reboot.

Registersleutels geīnfecteerd:
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.

Registerwaarden geīnfecteerd:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvrvpiejlnxo (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhwqozkfgpnpb (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvrvpiejlzuk (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhwqozkfgoezf (Malware.Packer.Gen) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvrvpiejlud (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhwqozkfgrxe (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvrvpiejlhb (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhwqozkfgnoc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvrvpiejlqc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhwqozkfgsa (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvrvpiejlq+ (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhwqozkfgspc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvrvpiejlpe (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhwqozkfgnyc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvrvpiejlne (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvhwqozkfgpuc (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\com+ manager (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\shell (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\winid (Malware.Trace) -> Quarantined and deleted successfully.

Registerdata geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Mappen geīnfecteerd:
(Geen kwaadaardige objecten gedetecteerd)

Bestanden geīnfecteerd:
C:\Users\Moniek Nouwens\AppData\Roaming\hotfix.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\nepafe18qc.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\gobz0a.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Local\Temp\rriychr.dll (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Local\Temp\g6kcvhwyws.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\system.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Local\Temp\debug.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Local\Temp\win.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Local\Temp\win32.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Local\Temp\csrss.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Local\Temp\lsass.exe (Trojan.Downloader) -> Delete on reboot.
C:\Users\Moniek Nouwens\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\algdyw32.exe (Trojan.DOwnloader) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Windows\winhelp.exe (Rootkit.Agent.Gen) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\dznsxm999q4jxbyn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\gpowe.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\dv1eqad2hs787ob.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\lkhwo.exe (Trojan.DOwnloader) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\tuhvc.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\~TM37E.tmp (Trojan.DOwnloader) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Local\Temp\ppvijkl.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Roaming\avdrn.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Windows\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\Moniek Nouwens\.COMMgr\complmgr.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> Delete on reboot.