b.exe and trojandownloader in my computer

Archive
1

Hi.

 

It seems that somehow i got the b.exe in my computer, ive been reading some posts, and think that i got it somewhat figured out on how to remove it.. I installed Hijackthis and Malwarebytes and did a full scan with the Malwarebytes and followed the steps to quarantine and delete the things found, im just not sure which files to fix on the HJT. I'm including my logs if anyone could help me and tell me which ones i have to fix and if theres any other programs that i have to dl to fix this.

 

thanks

 

sorry for some reason its not letting me attach the malwarebytes log.

 

Malwarebytes' Anti-Malware 1.39
Database version: 2491
Windows 6.0.6001 Service Pack 1

7/23/2009 7:52:16 PM
mbam-log-2009-07-23 (19-52-16).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 271779
Time elapsed: 1 hour(s), 1 minute(s), 15 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Monopod (Trojan.FakeAlert) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\Windows\System32\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\msxml71.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\msa.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\msb.exe (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> Quarantined and deleted successfully.