Malwarebytes' Anti-Malware 1.46
www.malwarebytes.orgDatabase version: 4281
Windows 5.1.2600 Service Pack 2
Internet Explorer 8.0.6001.18702
7/6/2010 3:46:33 AM
mbam-log-2010-07-06 (03-46-33).txt
Scan type: Quick scan
Objects scanned: 133168
Time elapsed: 8 minute(s), 54 second(s)
Memory Processes Infected: 2
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2
Memory Processes Infected:
C:\WINDOWS\cndrive32.exe (Backdoor.IRCBot) -> Failed to unload process.
C:\WINDOWS\system32\msvmiode.exe (Backdoor.Bot) -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\msodesnv7 (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\microsoft driver setup (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\microsoft driver setup (Backdoor.IRCBot) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Trojan.Agent) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\msvmiode.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
C:\WINDOWS\cndrive32.exe (Backdoor.IRCBot) -> Delete on reboot.