Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org
Database version: 5571
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
1/22/2011 4:10:25 PM
mbam-log-2011-01-22 (16-10-25).txt
Scan type: Full scan (C:\|D:\|E:\|)
Objects scanned: 505406
Time elapsed: 2 hour(s), 55 minute(s), 47 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 4
Memory Processes Infected:
c:\documents and settings\greg ellis.pc139818592325\application data\microsoft\conhost.exe (Trojan.Agent) -> 18300 -> Unloaded process successfully.
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\conhost (Trojan.Agent) -> Value: conhost -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\load (Trojan.Agent) -> Value: load -> Delete on reboot.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Load (Trojan.Agent) -> Bad: (C:\DOCUME~1\GREGEL~1.PC1\LOCALS~1\Temp\csrss.exe) Good: () -> Quarantined and deleted successfully.
Folders Infected:
(No malicious items detected)
Files Infected:
c:\documents and settings\greg ellis\application data\Mozilla\Firefox\Profiles\euby6z0j.default\yoono\yoono_running_commands.log (Trojan.Zbot) -> Quarantined and deleted successfully.
c:\documents and settings\greg ellis.pc139818592325\local settings\Temp\28B.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\documents and settings\greg ellis.pc139818592325\application data\microsoft\conhost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\documents and settings\greg ellis.pc139818592325\local settings\Temp\csrss.exe (Trojan.Agent) -> Delete on reboot.