asking for help
i am sorry if this is the wrong place for this but i would like somebody to take a look at this:Code:Malwarebytes' Anti-Malware 1.37 Database version: 2182 Windows 5.1.2600 Service Pack 3 5/27/2009 6:30:59 PM mbam-log-2009-05-27 (18-30-59).txt Scan type: Quick Scan Objects scanned: 76620 Time elapsed: 3 minute(s), 6 second(s) Memory Processes Infected: 3 Memory Modules Infected: 0 Registry Keys Infected: 24 Registry Values Infected: 2 Registry Data Items Infected: 14 Folders Infected: 4 Files Infected: 25 Memory Processes Infected: C:\WINDOWS\system32\508.exe (Trojan.Agent) -> Unloaded process successfully. C:\WINDOWS\msa.exe (Trojan.Agent) -> Unloaded process successfully. C:\Documents and Settings\Default\Application Data\Microsoft\svchost.exe (Backdoor.Bot) -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ipfw (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ipfw (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ipfw (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\dnscache.dnscacheobj (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{1fd79a59-37b1-459b-9097-09f9fab8a523} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{b97f9125-71a1-48d0-b920-f140ef8de809} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{376892ae-1825-4e5f-9f85-23f9640051cc} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\dnscache.dnscacheobj.1 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{b6ae55bf-4617-93ef-6ea4-4e52199ca591} (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\ip_fw (Trojan.Backdoor) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\ip_fw (Trojan.Backdoor) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ip_fw (Trojan.Backdoor) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\urlsearchhook.toolbarurlsearchhook.1 (Trojan.BHO) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1fb524b4-0e60-429e-a9d6-7adaf84b1993}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{aa4c4521-3ca8-4fef-bae3-df8ab94bc0e2}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{aa4c4521-3ca8-4fef-bae3-df8ab94bc0e2}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{c47c525a-6736-4d12-a1f4-9981118d0e3f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{1fb524b4-0e60-429e-a9d6-7adaf84b1993}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{aa4c4521-3ca8-4fef-bae3-df8ab94bc0e2}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{aa4c4521-3ca8-4fef-bae3-df8ab94bc0e2}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{c47c525a-6736-4d12-a1f4-9981118d0e3f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{1fb524b4-0e60-429e-a9d6-7adaf84b1993}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{aa4c4521-3ca8-4fef-bae3-df8ab94bc0e2}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{aa4c4521-3ca8-4fef-bae3-df8ab94bc0e2}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\Tcpip\Parameters\Interfaces\{c47c525a-6736-4d12-a1f4-9981118d0e3f}\NameServer (Trojan.DNSChanger) -> Data: 85.255.112.136,85.255.112.145 -> Quarantined and deleted successfully. Folders Infected: c:\documents and settings\Default\Application Data\Privacy components (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\dbases (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\keys (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\temp (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. Files Infected: C:\WINDOWS\system32\508.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\avicodecpl.dll (Trojan.BHO) -> Quarantined and deleted successfully. C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\WINDOWS\system32\7664.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\drivers\ip_fw.sys (Trojan.Backdoor) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\dbases\cg.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\dbases\mw.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\dbases\rd.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\dbases\sc.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\dbases\sm.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\dbases\sp.dat (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\keys\cg.key (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\keys\rd.key (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\keys\sc.key (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\keys\sp.key (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\temp\settings.ini (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. c:\documents and settings\Default\application data\privacy components\temp\spfilter (Rogue.PrivacyComponents) -> Quarantined and deleted successfully. C:\Documents and Settings\Default\Application Data\Microsoft\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> Quarantined and deleted successfully. C:\WINDOWS\system32\nod64.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully. c:\WINDOWS\system32\gxvxcvuisvqrvuvjyyhipmmcxrnbdixmakeec.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\gxvxcvybxilglmqsnmyspfwrphjkolwgwjyam.dll (Trojan.Agent) -> Quarantined and deleted successfully. c:\WINDOWS\system32\drivers\gxvxccoxejwpjppejupdxoihayijauhwroswl.sys (Trojan.Agent) -> Quarantined and deleted successfully.
