Logs
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 5195
Windows 6.1.7600
Internet Explorer 8.0.7600.16385
11/26/2010 9:50:57 PM
mbam-log-2010-11-26 (21-50-57).txt
Scan type: Quick scan
Objects scanned: 156256
Time elapsed: 5 minute(s), 22 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 6
Registry Values Infected: 0
Registry Data Items Infected: 2
Folders Infected: 4
Files Infected: 12
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\Software\IEBarProperties (Adware.Mirar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuestBrowser (Adware.QuestBrowser) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\QuestBrowser (Adware.QuestBrowser) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QuestBrowser Service (Adware.QuestBrowser) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85bc0cb7-e967-4e2c-be92-fedd0a5d0a31} (Adware.Tango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{85bc0cb7-e967-4e2c-be92-fedd0a5d0a31} (Adware.Tango) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (
http://www.tangosearch.com/?useie5=1&q=) Good: (
http://www.google.com) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (
http://www.tangosearch.com/?useie5=1&q=) Good: (
http://www.google.com) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6} (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\chrome (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\defaults (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\defaults\preferences (Adware.QuestBrowser) -> Quarantined and deleted successfully.
Files Infected:
C:\Users\Juan Felipe\Desktop\fff-ea208.exe (Trojan.Orsam) -> Quarantined and deleted successfully.
C:\Windows\System32\7b78.dll (Adware.Mirar) -> Quarantined and deleted successfully.
C:\Windows\System32\windpy32.rom (Trojan.Nebuler) -> Quarantined and deleted successfully.
C:\Windows\System32\winplk32.rom (Trojan.Nebuler) -> Quarantined and deleted successfully.
C:\Windows\System32\winvus32.rom (Trojan.Nebuler) -> Quarantined and deleted successfully.
C:\Users\Juan Felipe\downloads\keygen.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\chrome.manifest (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\install.rdf (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\chrome\questbrowser.jar (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{B9B81A55-9C8B-4FD5-B140-714613DED7B6}\defaults\preferences\prefs.js (Adware.QuestBrowser) -> Quarantined and deleted successfully.
C:\Users\Public\Desktop\Streaming Music - MediaPass.lnk (Adware.Trace) -> Quarantined and deleted successfully.
C:\Windows\SysWOW64\7b78.dll (Adware.Tango) -> Quarantined and deleted successfully.