Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Databaseversjon: 4453

Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

21.08.2010 21:21:05
mbam-log-2010-08-21 (21-21-05).txt

Skanntype: Hurtigsøk
Objekter skannet: 150429
Tid tilbakelagt: 10 minutt(er), 26 sekund(er)

Minneprosesser infisert: 1
Minnemoduler infisert: 0
Registernøkler infisert: 16
Registerverdier infisert: 3
Registerfiler infisert: 0
Mapper infisert: 2
Filer infisert 24

Minneprosesser infisert:
C:\Users\19010HKMI2\AppData\Roaming\3A56C4F71E99CCA61B0F0B4FCFF2E307\newsecureapp70700.exe (Malware.Packer.Gen) -> Unloaded process successfully.

Minnemoduler infisert:
(Ingen skadelige objekter funnet)

Registernøkler infisert:
HKEY_CLASSES_ROOT\AppID\{84c3c236-f588-4c93-84f4-147b2abbe67b} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{35a5b43b-cb8a-49ca-a9f4-d3b308d2e3cc} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{aa948c76-9fa6-4c59-aaa7-654ba1887b30} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{aa948c76-9fa6-4c59-aaa7-654ba1887b30} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{aa948c76-9fa6-4c59-aaa7-654ba1887b30} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ca6704fb-6b46-4058-a797-befd9d378576} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d6bdd1bd-c09f-4844-957b-b97bb3a912c5} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{d6bdd1bd-c09f-4844-957b-b97bb3a912c5} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d6bdd1bd-c09f-4844-957b-b97bb3a912c5} (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Antimalware Doctor Inc (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Antimalware Doctor (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Sky-Banners (Adware.Adrotator) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Street-Ads (Adware.Adrotator) -> Quarantined and deleted successfully.

Registerverdier infisert:
HKEY_CURRENT_USER\Environment\evapp (Rogue.Antivir2010) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Environment\evuninst (Rogue.Antivir2010) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Worm.Palevo) -> Delete on reboot.

Registerfiler infisert:
(Ingen skadelige objekter funnet)

Mapper infisert:
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811 (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\$NtUninstallMTF1011$ (Adware.Adrotator) -> Quarantined and deleted successfully.

Filer infisert
C:\Users\19010HKMI2\AppData\Roaming\3A56C4F71E99CCA61B0F0B4FCFF2E307\newsecureapp70700.exe (Malware.Packer.Gen) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\vsbntlo.exe (Worm.Autorun.B) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\564304.exe (Backdoor.Agent) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\5E28.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\5E47.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\5F31.tmp (Rootkit.Dropper) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\eqhff.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\lqrog.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\mkcxhunr.exe (Trojan.FakeAlert.Gen) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\nlweuqi.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\roynhcm.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\unqo.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\wtpvaae.exe (Adware.Bho) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Local\Temp\xjhjqiu.exe (Adware.Bho) -> Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243936033-3052116371-381863308-1811\Desktop.ini (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\$NtUninstallMTF1011$\apUninstall.exe (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Windows\$NtUninstallMTF1011$\mmduch.dll (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Windows\$NtUninstallMTF1011$\mmx.dll (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Windows\$NtUninstallMTF1011$\zrpt.xml (Adware.Adrotator) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Roaming\ohydy.exe (Worm.Palevo) -> Delete on reboot.
C:\Users\19010HKMI2\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\lsass.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\19010HKMI2\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk (Rogue.AntimalwareDoctor) -> Quarantined and deleted successfully.
C:\Users\19010HKMI2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk (Rogue.AntiMalwareDoctor) -> Quarantined and deleted successfully.