Malwarebytes-Scan-20160820

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 20/8/16
Scan Time: 12:49 PM
Logfile: Malwarebytes-Scan-20160820.txt
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.08.20.03
Rootkit Database: v2016.08.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 10
CPU: x64
File System: NTFS
User: USER

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 316988
Time Elapsed: 4 min, 31 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 24
PUP.Optional.Wajam, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\4164462efde48482cad7c683546e44ee, Quarantined, [193a7ecf5743181ef9d32c96fe06c23e], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [460d35189109f442b71d2c6b9072be42], 
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [173cde6f5d3d52e42ba9762115ed06fa], 
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, Quarantined, [173c6de09efc33038054613623dff20e], 
PUP.Optional.Elex.SHHKRST, HKLM\SOFTWARE\CLASSES\CLSID\{6710C780-E20E-4C49-A87D-321850ED3D7C}, Quarantined, [173c71dcf3a77cba4ebf5a77689c44bc], 
PUP.Optional.BrowserAir, HKLM\SOFTWARE\BrowserAir, Quarantined, [f55ee16ca7f3d46230d9489010f2fa06], 
PUP.Optional.Social2Search, HKLM\SOFTWARE\Social2Se Browser Enhancer, Quarantined, [c291cd8014863ef829cd0ebd689c1ee2], 
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C46E85AD-C43F-4FE1-9FBB-6934E5845B44}, Delete-on-Reboot, [252e79d46e2cc076ce3d5d93be45a25e], 
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C5E7618D-2C33-4B07-AE9D-1064EC7EE23B}, Delete-on-Reboot, [2330b994d6c43006b52fea0dcc371ae6], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E1257B42-CC90-413F-8450-7074A7E7517C}, Delete-on-Reboot, [b89bbc91cdcd94a210e75e91030040c0], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FF39E735-C37C-4F12-A54D-9B584407CEA2}, Delete-on-Reboot, [183b2e1f8e0cba7cc82e40affd06629e], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\IBUpd, Delete-on-Reboot, [411299b4bdddfb3b8d2e6b5524dff010], 
PUP.Optional.MyBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\IBUpd2, Delete-on-Reboot, [500385c8a6f469cde0e65d882dd605fb], 
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMW_P, Delete-on-Reboot, [fa590c41930753e3d114a55252b13cc4], 
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMW_UpdateTask_Time_333732363137363438322d37785545412a503457324a57, Delete-on-Reboot, [c09384c973276fc7f43feeebf40e6997], 
PUP.Optional.Youndoo, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, Quarantined, [e76c301d2f6b4ee8a47af9d148ba748c], 
PUP.Optional.Goobzo, HKLM\SOFTWARE\SEARCHMODULE\INFO, Quarantined, [b89bd875643623134b426c548d7630d0], 
PUP.Optional.Goobzo, HKLM\SOFTWARE\SEARCHMODULE\SMUPD, Quarantined, [7ad9f459aceeb48297ba10949a6938c8], 
PUP.Optional.Social2Search, HKLM\SOFTWARE\WOW6432NODE\Social2Se Browser Enhancer, Quarantined, [242ffe4f94066fc77a7c26a507fd45bb], 
PUP.Optional.Youndoo, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, Quarantined, [242f0845465485b165b9458515edea16], 
PUP.Optional.SoEasySvc, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SoEasySvc, Quarantined, [2b2806473664a98d0f90eedca55f1de3], 
PUP.Optional.Wajam, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\WajIEnhance, Quarantined, [c192f756425832040c19605bfe05f907], 
PUP.Optional.BrowserAir, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\CLIENTS\STARTMENUINTERNET\BrowserAir.7X6XNJIPXTMSTPXUOSWBXC3SKA, Quarantined, [64effa5319813006c7dcc4ff20e3e917], 
PUP.Optional.Youndoo, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, Quarantined, [e370ba93019940f65fbd616921e116ea], 

Registry Values: 20
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C46E85AD-C43F-4FE1-9FBB-6934E5845B44}|Path, \SMW_UpdateTask_Time_333732363137363438322d37785545412a503457324a57, Delete-on-Reboot, [252e79d46e2cc076ce3d5d93be45a25e]
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C5E7618D-2C33-4B07-AE9D-1064EC7EE23B}|Path, \SMW_P, Delete-on-Reboot, [2330b994d6c43006b52fea0dcc371ae6]
PUP.Optional.MyBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{E1257B42-CC90-413F-8450-7074A7E7517C}|Path, \IBUpd, Delete-on-Reboot, [b89bbc91cdcd94a210e75e91030040c0]
PUP.Optional.MyBrowser, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{FF39E735-C37C-4F12-A54D-9B584407CEA2}|Path, \IBUpd2, Delete-on-Reboot, [183b2e1f8e0cba7cc82e40affd06629e]
PUP.Optional.Youndoo, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.youndoo.com/?z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=hp&mode=ffsengext, Quarantined, [e76c301d2f6b4ee8a47af9d148ba748c]
PUP.Optional.Youndoo, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.youndoo.com/?z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=hp&mode=ffsengext, Quarantined, [c48f5bf25b3f35019f7f9f2b986a15eb]
PUP.Optional.Youndoo, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.youndoo.com/search/?q={searchTerms}&z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=sp, Quarantined, [5003fe4f6b2f3006ca5406c4e51d7987]
PUP.Optional.Youndoo, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.youndoo.com/search/?&z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=sp&q=, Quarantined, [361d0548c2d82313869845858f73926e]
PUP.Optional.Goobzo, HKLM\SOFTWARE\SEARCHMODULE\INFO|Aff, g8dzamobl11426at,fca22d23-2f7c-4234-b940-17e2fd4afbc8,, Quarantined, [b89bd875643623134b426c548d7630d0]
PUP.Optional.Goobzo, HKLM\SOFTWARE\SEARCHMODULE\SMUPD|Scf, (binary data), Quarantined, [7ad9f459aceeb48297ba10949a6938c8]
PUP.Optional.Youndoo, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.youndoo.com/?z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=hp&mode=ffsengext, Quarantined, [242f0845465485b165b9458515edea16]
PUP.Optional.Youndoo, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.youndoo.com/?z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=hp&mode=ffsengext, Quarantined, [a1b288c5930739fd26f87c4ef60c768a]
PUP.Optional.Youndoo, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.youndoo.com/search/?q={searchTerms}&z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=sp, Quarantined, [4b0861ecafeb989ebc623a90f70bca36]
PUP.Optional.Youndoo, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.youndoo.com/search/?&z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=sp&q=, Quarantined, [8fc43b12c6d41f17ca547d4de51d28d8]
PUM.Optional.LowRiskFileTypes, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\ASSOCIATIONS|LowRiskFileTypes, .avi;.bat;.com;.cmd;.exe;.htm;.html;.lnk;.mpg;.mpeg;.mov;.mp3;.msi;.m3u;.rar;.reg;.txt;.vbs;.wav;.zip;, Quarantined, [7dd66edfd3c70f27e2440dc9de25ea16]
PUP.Optional.Youndoo, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, http://www.youndoo.com/?z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=hp&mode=ffsengext, Quarantined, [e370ba93019940f65fbd616921e116ea]
PUP.Optional.Youndoo, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, http://www.youndoo.com/?z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=hp&mode=ffsengext, Quarantined, [e46ff05dd7c3c373e03c81496c967888]
PUP.Optional.Youndoo, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, http://www.youndoo.com/search/?q={searchTerms}&z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=sp, Quarantined, [79da6de0b1e9e155819b00ca659d37c9]
PUP.Optional.Youndoo, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, http://www.youndoo.com/search/?&z=a090ae14b9b833a732450aeg2z0m6g1ebt9oew8o4o&from=wak&uid=HGSTXHTS721010A9E630_JR10006P2PKRXF2PKRXFX&type=sp&q=, Quarantined, [2231bd90f5a5ff37fd1fb218c9392ad6]
PUP.Optional.BrowserAir, HKU\S-1-5-21-3974427370-3116195899-1950622911-1001\SOFTWARE\REGISTEREDAPPLICATIONS|BrowserAir.7X6XNJIPXTMSTPXUOSWBXC3SKA, Software\Clients\StartMenuInternet\BrowserAir.7X6XNJIPXTMSTPXUOSWBXC3SKA\Capabilities, Quarantined, [85ce7fce6a30ef4758763bb5a261af51]

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 16
PUP.Optional.Wajam, C:\Windows\System32\drivers\4164462efde48482cad7c683546e44ee.sys, Delete-on-Reboot, [193a7ecf5743181ef9d32c96fe06c23e], 
Trojan.Script.AutoIt, C:\Users\USER\AppData\Roaming\ZfgTgZcFLQKGHMMDOQEQf.cmd, Quarantined, [81d28dc0d4c669cd0e4f51802cd8ef11], 
Trojan.Addrop, C:\$Recycle.Bin\S-1-5-21-3974427370-3116195899-1950622911-1001\$R05XUNE.exe, Quarantined, [94bf5cf1a9f1fe3889b14279a361b34d], 
Trojan.Addrop, C:\$Recycle.Bin\S-1-5-21-3974427370-3116195899-1950622911-1001\$RXWO9ZC.exe, Quarantined, [044f1b326337fd3942f704b77d87e11f], 
PUP.Optional.Amonetize, C:\$Recycle.Bin\S-1-5-21-3974427370-3116195899-1950622911-1001\$RVY6W4Q.exe, Quarantined, [411299b4eab03600c31a7a5229dbb050], 
PUP.Optional.ConvertAd, C:\$Recycle.Bin\S-1-5-21-3974427370-3116195899-1950622911-1001\$ROO02T3\ic-0.5b463be3888588.exe, Quarantined, [c3909ab35941a78f774608a2d0344fb1], 
PUP.Optional.Wajam, C:\$Recycle.Bin\S-1-5-21-3974427370-3116195899-1950622911-1001\$ROO02T3\ic-0.8291f8362aa04.exe, Quarantined, [ea697dd0207ab6803252804bd0346e92], 
PUP.Optional.YesSearches, C:\$Recycle.Bin\S-1-5-21-3974427370-3116195899-1950622911-1001\$ROO02T3\ic-0.97d47ad4096d7.exe, Quarantined, [5af925288119ae882e3bab2bfe03b848], 
Trojan.Dropper, C:\Users\USER\AppData\Local\Temp\msconfig.exe, Quarantined, [0c4764e9e2b853e36f3bbdfd24e001ff], 
PUP.Optional.Goobzo, C:\Windows\System32\Tasks\SMW_UpdateTask_Time_333732363137363438322d37785545412a503457324a57, Quarantined, [e17272db71295cda4e0d697c2ad83dc3], 
PUP.Optional.SearchModule, C:\Windows\Temp\SM_cache_chrome.exe.cache, Quarantined, [d1820845b5e5c96dfd9b0ca7fe05619f], 
PUP.Optional.SearchModule, C:\Windows\Temp\SM_cache_iexplore.exe.cache, Quarantined, [0c47de6f435793a3f3a5179c10f3f10f], 
PUP.Optional.MyBrowser, C:\Windows\System32\Tasks\IBUpd, Quarantined, [2d26c5885a407bbbc5f48040ff04f808], 
PUP.Optional.FakeIELaunch, C:\Users\USER\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk, Quarantined, [242f1538376349ed37e23d85956e60a0], 
PUP.Optional.MyBrowser, C:\Windows\System32\Tasks\IBUpd2, Quarantined, [d2815af3940671c5cef69e4736cdde22], 
PUP.Optional.Goobzo, C:\Windows\System32\Tasks\SMW_P, Quarantined, [ce8558f5dbbf181e2db5b83f7e85639d], 

Physical Sectors: 0
(No malicious items detected)


(end)