Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Database version: 3930 Windows 5.1.2600 Service Pack 2 (Safe Mode) Internet Explorer 6.0.2900.2180 4/25/2010 4:58:31 PM mbam-log-2010-04-25 (16-58-31).txt Scan type: Full scan (C:\|D:\|H:\|) Objects scanned: 316472 Time elapsed: 1 hour(s), 11 minute(s), 4 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 3 Registry Values Infected: 1 Registry Data Items Infected: 1 Folders Infected: 0 Files Infected: 10 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus (Rogue.PaladinAntivirus) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Malware Defense (Rogue.MalwareDefense) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\protect (Rootkit.Agent) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\userini (Trojan.Agent) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr (Hijack.TaskManager) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\Fuc-Q\Local Settings\Temp\PRAGMA2c5.tmp (Trojan.Agent) -> Quarantined and deleted successfully. H:\Programs\camtasia\keygen.exe (Malware.Tool) -> Quarantined and deleted successfully. H:\Programs\NOD\ESS_BE_v3.0667+Crack\Patch2050 V2.exe (Trojan.Killav) -> Quarantined and deleted successfully. C:\Documents and Settings\All Users\Application Data\fiosejgfse.dll (Rogue.Trace) -> Quarantined and deleted successfully. C:\Documents and Settings\Fuc-Q\Application Data\wiaservg.log (Malware.Trace) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\str.sys (Rootkit.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\secupdat.dat (Backdoor.Bot) -> Delete on reboot. C:\WINDOWS\Temp\wpv941272104728.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Fuc-Q\secupdat.dat (Worm.Autorun) -> Delete on reboot. C:\WINDOWS\system32\drivers\protect.sys (Rootkit.Agent) -> Quarantined and deleted successfully.