taskman virus

Malwarebytes' Anti-Malware 1.39
Database version: 2523
Windows 5.1.2600 Dodatek Service Pack 2

2009-08-11 14:05:06
mbam-log-2009-08-11 (14-05-06).txt

Scan type: Quick Scan
Objects scanned: 75090
Time elapsed: 3 minute(s), 20 second(s)

Memory Processes Infected: 4
Memory Modules Infected: 0
Registry Keys Infected: 12
Registry Values Infected: 4
Registry Data Items Infected: 0
Folders Infected: 2
Files Infected: 15

Memory Processes Infected:
C:\WINDOWS\system32\net.net (Trojan.Downloader) -> Unloaded process successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\osnwmarexc.tmp (Trojan.TDSS) -> Unloaded process successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\rasvsnet.tmp (Trojan.TDSS) -> Unloaded process successfully.
C:\WINDOWS\msa.exe (Trojan.Agent) -> Unloaded process successfully.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\xml.xml (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{500bca15-57a7-4eaf-8143-8c619470b13d} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\xml.xml.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{e24211b3-a78a-c6a9-d317-70979ace5058} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\net (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\AV Care (Rogue.AVCare) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AV Care (Rogue.AVCare) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\NordBull (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\net (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\av care (Rogue.AVCare) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Olek\Menu Start\Programy\AV Care (Rogue.AVCare) -> Quarantined and deleted successfully.
C:\Program Files\AV Care (Rogue.AVCare) -> Quarantined and deleted successfully.

Files Infected:
C:\WINDOWS\system32\net.net (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\osnwmarexc.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\rasvsnet.tmp (Trojan.TDSS) -> Quarantined and deleted successfully.
C:\Program Files\AV Care\AVCare.exe (Rogue.AVCare) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\documents and settings\Olek\menu start\Programy\AV Care\AV Care.lnk (Rogue.AVCare) -> Quarantined and deleted successfully.
c:\program files\AV Care\avc.ico (Rogue.AVCare) -> Quarantined and deleted successfully.
c:\program files\AV Care\AVCare.ini (Rogue.AVCare) -> Quarantined and deleted successfully.
c:\program files\AV Care\PP.exe (Rogue.AVCare) -> Quarantined and deleted successfully.
c:\program files\AV Care\Uninstall.exe (Rogue.AVCare) -> Quarantined and deleted successfully.
C:\WINDOWS\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{BB65B0FB-5712-401b-B616-E69AC55E2757}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Olek\Ustawienia lokalne\Temp\b.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Olek\Pulpit\AV Care.lnk (Rogue.AVCare) -> Quarantined and deleted successfully.
C:\WINDOWS\Tasks\{7B02EF0B-A410-4938-8480-9BA26420A627}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

Malwarebytes' Anti-Malware 1.39
Database version: 2523
Windows 5.1.2600 Dodatek Service Pack 2

2009-08-11 14:08:28
mbam-log-2009-08-11 (14-08-28).txt

Scan type: Quick Scan
Objects scanned: 74678
Time elapsed: 1 minute(s), 34 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\taskman (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)