Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Database version: v2012.08.14.04

Windows 7 Service Pack 1 x64 NTFS (Safe Mode/Networking)
Internet Explorer 9.0.8112.16421
AGGR :: AGGR-PC [administrator]

14/08/2012 17:51:47
mbam-log-2012-08-14 (17-51-47).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 234558
Time elapsed: 3 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Live Security Platinum (Trojan.LameShield) -> Quarantined and deleted successfully.

Registry Values Detected: 1
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce|7531CCA90007656902572789F875F002 (Trojan.LameShield) -> Data: C:\ProgramData\7531CCA90007656902572789F875F002\7531CCA90007656902572789F875F002.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 3
HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.
HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully.

Folders Detected: 1
C:\Users\AGGR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.

Files Detected: 5
C:\ProgramData\7531CCA90007656902572789F875F002\7531CCA90007656902572789F875F002.exe (Trojan.LameShield) -> Quarantined and deleted successfully.
C:\Users\AGGR\AppData\Roaming\adlgid.dll (Trojan.Midhos) -> Quarantined and deleted successfully.
C:\Windows\Installer\{7004b603-e94d-68d7-2b3f-73c0c83db089}\U\00000001.@ (RootKit.0Access.H) -> Quarantined and deleted successfully.
C:\Users\AGGR\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Live Security Platinum\Live Security Platinum.lnk (Rogue.LiveSecurityPlatinum) -> Quarantined and deleted successfully.
C:\Users\AGGR\Downloads\explorer.exe (Heuristics.Reserved.Word.Exploit) -> Quarantined and deleted successfully.

(end)