Malwarebytes' Anti-Malware 1.42
Database version: 3410
Windows 6.0.6001 Service Pack 1
Internet Explorer 7.0.6001.18000

12/22/2009 3:43:38 PM
mbam-log-2009-12-22 (15-43-28).txt

Scan type: Quick Scan
Objects scanned: 119848
Time elapsed: 2 minute(s), 36 second(s)

Memory Processes Infected: 3
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 3
Registry Data Items Infected: 2
Folders Infected: 13
Files Infected: 88

Memory Processes Infected:
C:\Users\Diane\AppData\Local\Temp\richtx64.exe (Rogue.Installer) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\clspackxq.exe (Rogue.Installer) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\wscsvc32.exe (Trojan.FakeAlert) -> No action taken.

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\H8SRT (Rootkit.TDSS) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\antimalware (Rogue.AntiMalware) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\richtx64.exe (Rogue.Installer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\clspackxq.exe (Rogue.Installer) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antimalware (Trojan.FakeAlert) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Good: (1) -> No action taken.

Folders Infected:
C:\ProgramData\MPK (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\1 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\2 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\3 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\4 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\CPDA (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\CPDM (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\REFOG Free Keylogger (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images (Refog.Keylogger) -> No action taken.

Files Infected:
C:\Users\Diane\AppData\Local\Temp\richtx64.exe (Rogue.Installer) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\clspackxq.exe (Rogue.Installer) -> No action taken.
C:\Program Files (x86)\AntiMalware\antimalware.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\dhdhtrdhdrtr5y (Rogue.Installer) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\H8SRTa61a.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\H8SRTb5d3.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\uac94fa.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\uac9661.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\uac97c8.tmp (Trojan.FakeAlert) -> No action taken.
C:\Users\Diane\AppData\Local\Temp\wscsvc32.exe (Trojan.FakeAlert) -> No action taken.
C:\Users\Lauren\downloads\update_for_media_player_(KB972036).exe (Trojan.Tracur) -> No action taken.
C:\ProgramData\MPK\M0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\S0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\1\D0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\1\S0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\2\D0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\2\S0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\3\D0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\3\S0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\4\D0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\4\S0000 (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\CPDM\cpfm.bin (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\REFOG Free Keylogger\Get discount!.lnk (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\REFOG Free Keylogger\Order now!.lnk (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\REFOG Free Keylogger\REFOG Free Keylogger on the Web.lnk (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\REFOG Free Keylogger\REFOG Free Keylogger.lnk (Refog.Keylogger) -> No action taken.
C:\ProgramData\MPK\REFOG Free Keylogger\Uninstall REFOG Free Keylogger.lnk (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\French.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\German.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\icon_1.ico (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Mpk.dll (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\MPK.exe (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Mpk64.dll (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\MPK64.exe (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\MPKView.exe (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Romanian.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Spanish.lng (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\sqlite3.dll (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\unins000.dat (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\unins000.exe (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\alarms.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\clipboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\computer.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\delivery.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\file.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\filters.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\imhelp.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\internet.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\invisible.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\keyboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\logging.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\log_size.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\need_update_net.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\password.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\programs.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\screenshot.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\settings_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\update.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\English\users_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\alarms.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\clipboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\computer.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\delivery.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\filters.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\internet.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\invisible.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\keyboard.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\logging.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\log_size.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\password.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\programs.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\screenshot.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\settings_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Help\Spanish\users_node.htm (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images\english.gif (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images\german.gif (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images\russian.gif (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images\vista_hide.bmp (Refog.Keylogger) -> No action taken.
C:\Windows\System32\MPK\Images\xp_hide.bmp (Refog.Keylogger) -> No action taken.
C:\ProgramData\Partner\partner.dll (Trojan.BHO) -> No action taken.
C:\Program Files (x86)\AntiMalware\help.ico (Rogue.AntiMalware) -> No action taken.
C:\Program Files (x86)\AntiMalware\malw.db (Rogue.AntiMalware) -> No action taken.
C:\Program Files (x86)\AntiMalware\Uninstall.exe (Rogue.AntiMalware) -> No action taken.
C:\Users\Diane\Desktop\AntiMalware Support.lnk (Rogue.AntiMalware) -> No action taken.
C:\Users\Diane_2\Desktop\AntiMalware Support.lnk (Rogue.AntiMalware) -> No action taken.
C:\Users\Lauren\Desktop\AntiMalware Support.lnk (Rogue.AntiMalware) -> No action taken.
C:\Users\Tony\Desktop\AntiMalware Support.lnk (Rogue.AntiMalware) -> No action taken.
C:\Program Files (x86)\AntiMalware\amext.dll (Rogue.AntiMalware) -> No action taken.