no.1

Malwarebytes’ Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 6459

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

28/04/2011 01:17:29
mbam-log-2011-04-28 (01-17-29).txt

Scan type: Full scan (C:|D:|F:|)
Objects scanned: 331498
Time elapsed: 1 hour(s), 40 minute(s), 37 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 8
Registry Values Infected: 3
Registry Data Items Infected: 3
Folders Infected: 2
Files Infected: 7

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) → Quarantined and deleted successfully.
HKEY_USERS.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{19127AD2-394B-70F5-C650-B97867BAA1F7} (Backdoor.Bot) → Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{19127AD2-394B-70F5-C650-B97867BAA1F7} (Backdoor.Bot) → Quarantined and deleted successfully.
HKEY_USERS.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} (Backdoor.Bot) → Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{43BF8CD1-C5D5-2230-7BB2-98F22C2B7DC6} (Backdoor.Bot) → Quarantined and deleted successfully.
HKEY_USERS.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) → Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer{494E6CEC-7483-A4EE-0938-895519A84BC7} (Backdoor.Bot) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) → Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run{A31421F1-598E-668D-E99F-9349AD022D52} (Trojan.ZbotR.Gen) → Value: {A31421F1-598E-668D-E99F-9349AD022D52} → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) → Value: UID → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\net (Trojan.Agent) → Value: net → Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) → Bad: (1) Good: (0) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) → Bad: (1) Good: (0) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\UserInit (Hijack.UserInit) → Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\sdra64.exe,) Good: (userinit.exe) → Quarantined and deleted successfully.

Folders Infected:
c:\winntse.bin (Trojan.SpyEyes) → Delete on reboot.
c:\WINDOWS\system32\lowsec (Stolen.data) → Quarantined and deleted successfully.

Files Infected:
c:\documents and settings\Joe\local settings\Temp\jar_cache52198.tmp (Trojan.FakeAlert) → Quarantined and deleted successfully.
c:\documents and settings\Joe\local settings\Temp\jar_cache9633.tmp (Spyware.Passwords.XGen) → Quarantined and deleted successfully.
c:\system volume information_restore{202550a8-7a33-4bca-9586-051d24ddbf8f}\rp363\a0055898.exe (Spyware.Passwords.XGen) → Quarantined and deleted successfully.
c:\winntse.bin\winntse.bin.exe (Spyware.Passwords.XGen) → Quarantined and deleted successfully.
c:\winntse.bin\config.bin (Trojan.SpyEyes) → Quarantined and deleted successfully.
c:\WINDOWS\system32\lowsec\local.ds (Stolen.data) → Quarantined and deleted successfully.
c:\WINDOWS\system32\lowsec\user.ds (Stolen.data) → Quarantined and deleted successfully.