Hi there ! In our network we had a breakout of a trojan, this malware downloaded some keyloggers and fake virus programs, we were not amused We cleaned this up with a combination of MBAM and Miscrosoft Security Essentials. All strange warnings are gone again. However MBAM keeps reporting a infection on multiple computers, located in c:\documents and settings\all users\local settings\palladium.exe MBAM tries to delete te file during the next reboot, but fails. These Are WinXP Pro clients and one Win2003 Terminal Server. I tried the following to delete te file: -Enabled hidden en system files, i cant find the folder "c:\documents and settings\all users\local settings" -Tried to find the folder in safe mode, i cant find the folder "ac:\documents and settings\all users\local settings -Started the computer with a Linux Live CD, mounted the local harddisk, still no folder "c:\documents and settings\all users\local settings" -Created a folder named "local settings" in "c:\documents and settings\all users", worked fine no errors that it already existed. So im thinking that this folder doesnt exist, But why is MBAM reporting this file ? I scanned the pc's with AVG and Secury Essentials and they both say everythings is clean. Is it possible that MBAM is wrong about the file location ?, or is this folder so secret i cant even open in if i boot in a different OS :S