Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org
Database version: 8046
Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421
10/30/2011 9:07:04 AM
mbam-log-2011-10-30 (09-07-04).txt

Scan type: Full scan (C:\|D:\|M:\|)
Objects scanned: 911198
Time elapsed: 2 hour(s), 18 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 21

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{I855C222-U023-8E46-PQ25-H0SDH8QOY56X} (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{I855C222-U023-8E46-PQ25-H0SDH8QOY56X} (Backdoor.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.Agent) -> Value: Policies -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://startsear.ch/?aff=3) Good: (http://www.google.com) -> Quarantined and deleted successfully.

Folders Infected:
c:\programdata\192837465 (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
c:\poker\pbo\iexplore.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\program files (x86)\IObit\game booster\iobit.game.booster.v2.3.0.113-patch.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
c:\program files (x86)\MegaDev\md-trainers\MT-X\mt-experience.exe (Trojan.AVKiller.Gen) -> Quarantined and deleted successfully.
c:\Users\Rick\AppData\Local\Temp\1D7A.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Rick\AppData\Local\Temp\AD2B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Rick\AppData\Local\Temp\CA7B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Rick\Desktop\exclusions\black cipher.exe (Trojan.Agent) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\cnc generals zero hour +3 trainer\c&c generals zero hour +3 trainer.exe (HackTool.GamesCheat.Gen) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\company of heroes - tales of valor v2.601 + 8 trainer fix\company of heroes - tales of valor v2.601 + 8 trainer fix.exe (HackTool.GamesCheat) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\mtw2 trainer\chmed2trn.exe (Malware.Packer.as) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\mtw2 traineri 2\chmed2trn.exe (Malware.Packer.as) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\rtw trainer\pztrain.exe (Malware.Gen) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\skrillexmpgh\Skrillex.dll (Malware.Packer.T) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\Trainer\mw2 sp trainer v3 by koen.exe (HackTool.GamesCheat.Gen) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\zero hour v1.4 english plus3 trainer\c&c zero hour +3 trainer english v 1.4.exe (PUP.HackTool.HotKeysHook) -> Not selected for removal.
c:\Users\Rick\Desktop\steam cracking\Tools\proxy finder enterprise v2.5\proxyfinderenterprise.exe (Worm.P2P) -> Not selected for removal.
c:\Windows\System32\h4x0r.dll (HackTool.GamesCheat) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\h4x0r.dll (HackTool.GamesCheat) -> Quarantined and deleted successfully.
c:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\install\winupdate.exe (Backdoor.Agent) -> Quarantined and deleted successfully.