One of my friend’s system got infected and I told him to scan with malwarebytes and the scan is result is here:
Malwarebytes’ Anti-Malware 1.41
Database version: 3174
Windows 5.1.2600 Service Pack 3
11/16/2009 9:56:33 AM
mbam-log-2009-11-16 (09-56-28).txt
Scan type: Quick Scan
Objects scanned: 101309
Time elapsed: 8 minute(s), 24 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 7
Memory Processes Infected:
C:\WINDOWS\winsvc32.exe (Spyware.Passwords) → No action taken.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{6fd31ed6-7c94-4bbc-8e95-f927f4d3a949} (Adware.180Solutions) → No action taken.
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\msupdate (Rootkit.Agent) → No action taken.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\OLE\DRam prosessor (Trojan.Agent) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\DRam prosessor (Trojan.Agent) → No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\DRam prosessor (Backdoor.Bot) → No action taken.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\winsvc32.exe (Spyware.Passwords) → No action taken.
C:\dj4564.exe (Spyware.Passwords) → No action taken.
C:\dj4q4.exe (Spyware.Passwords) → No action taken.
C:\djkfvdasl.exe (Spyware.Passwords) → No action taken.
C:\trum.exe (Spyware.Passwords) → No action taken.
C:\WINDOWS\system32\winsvc32 .exe (Trojan.Downloader) → No action taken.
C:\WINDOWS\Temp\inlb.tmp (Trojan.Downloader) → No action taken.
Please tell me if it is safe to remove the malware!