Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8046

Windows 6.1.7601 Service Pack 1
Internet Explorer 9.0.8112.16421

10/30/2011 9:07:04 AM
mbam-log-2011-10-30 (09-07-04).txt

Scan type: Full scan (C:\|D:\|M:\|)
Objects scanned: 911198
Time elapsed: 2 hour(s), 18 minute(s), 51 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 1
Files Infected: 21

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\IEXPLORE.EXE (Trojan.Dropper) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{I855C222-U023-8E46-PQ25-H0SDH8QOY56X} (Backdoor.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{I855C222-U023-8E46-PQ25-H0SDH8QOY56X} (Backdoor.Agent) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Policies (Backdoor.Agent) -> Value: Policies -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://startsear.ch/?aff=3) Good: (http://www.google.com) -> Quarantined and deleted successfully.

Folders Infected:
c:\programdata\192837465 (Rogue.Multiple) -> Quarantined and deleted successfully.

Files Infected:
c:\poker\pbo\iexplore.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\program files (x86)\IObit\game booster\iobit.game.booster.v2.3.0.113-patch.exe (PUP.Hacktool.Patcher) -> Not selected for removal.
c:\program files (x86)\MegaDev\md-trainers\MT-X\mt-experience.exe (Trojan.AVKiller.Gen) -> Quarantined and deleted successfully.
c:\Users\Rick\AppData\Local\Temp\1D7A.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Rick\AppData\Local\Temp\AD2B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Rick\AppData\Local\Temp\CA7B.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
c:\Users\Rick\Desktop\exclusions\black cipher.exe (Trojan.Agent) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\cnc generals zero hour +3 trainer\c&c generals zero hour +3 trainer.exe (HackTool.GamesCheat.Gen) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\company of heroes - tales of valor v2.601 + 8 trainer fix\company of heroes - tales of valor v2.601 + 8 trainer fix.exe (HackTool.GamesCheat) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\mtw2 trainer\chmed2trn.exe (Malware.Packer.as) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\mtw2 traineri 2\chmed2trn.exe (Malware.Packer.as) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\rtw trainer\pztrain.exe (Malware.Gen) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\skrillexmpgh\Skrillex.dll (Malware.Packer.T) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\Trainer\mw2 sp trainer v3 by koen.exe (HackTool.GamesCheat.Gen) -> Not selected for removal.
c:\Users\Rick\Desktop\exclusions\zero hour v1.4 english plus3 trainer\c&c zero hour +3 trainer english v 1.4.exe (PUP.HackTool.HotKeysHook) -> Not selected for removal.
c:\Users\Rick\Desktop\steam cracking\Tools\proxy finder enterprise v2.5\proxyfinderenterprise.exe (Worm.P2P) -> Not selected for removal.
c:\Windows\System32\h4x0r.dll (HackTool.GamesCheat) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\h4x0r.dll (HackTool.GamesCheat) -> Quarantined and deleted successfully.
c:\Windows\System32\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\h@tkeysh@@k.dll (Trojan.Agent) -> Quarantined and deleted successfully.
c:\Windows\install\winupdate.exe (Backdoor.Agent) -> Quarantined and deleted successfully.