Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 5/31/2014 Scan Time: 10:31:50 PM Logfile: scan.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.06.01.01 Rootkit Database: v2014.05.21.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Mario Scan Type: Threat Scan Result: Completed Objects Scanned: 285263 Time Elapsed: 19 min, 49 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 10 Trojan.BHO, HKLM\SOFTWARE\CLASSES\APPID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}, Quarantined, [cd78274c6714c4724b1d42f9a65cdf21], Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}, Quarantined, [cd78274c6714c4724b1d42f9a65cdf21], PUP.Optional.Incredibar, HKLM\SOFTWARE\CLASSES\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99}, Quarantined, [420384ef7ffcc6705746cd9caf539868], PUP.Optional.WeCare.A, HKLM\SOFTWARE\CLASSES\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [a0a5561d196253e36d5297cfb34f0ff1], PUP.Optional.Incredibar, HKLM\SOFTWARE\CLASSES\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77}, Quarantined, [67de492a007bc472d3cb32370002ca36], PUP.Optional.Yontoo.A, HKU\S-1-5-21-2349173154-2153486983-3080027658-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}, Quarantined, [df66c0b3a8d388ae8899fa359270bd43], Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF}, Quarantined, [5fe67ff4eb90013501665ae1db27d22e], Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF}, Quarantined, [5fe67ff4eb90013501665ae1db27d22e], Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{F90A5A0D-CD98-49CC-9AA7-9CD11C7478BF}, Quarantined, [5fe67ff4eb90013501665ae1db27d22e], PUP.Optional.Incredibar.A, HKLM\SOFTWARE\IB Updater, Quarantined, [bf8692e1710ab086859a7d1d956dd52b], Registry Values: 0 (No malicious items detected) Registry Data: 1 PUM.Hijack.StartMenu, HKU\S-1-5-21-2349173154-2153486983-3080027658-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\ADVANCED|Start_ShowSearch, 0, Good: (1), Bad: (0),Replaced,[f94cc2b11b60e74fb8945b01a262cc34] Folders: 4 PUP.Optional.Wajam.A, C:\Users\Mario\AppData\Local\Wajam, Quarantined, [ab9ad99a6219e94d867b7509ce349c64], PUP.Optional.Wajam.A, C:\Users\Mario\AppData\Local\Wajam\Chrome, Quarantined, [ab9ad99a6219e94d867b7509ce349c64], PUP.Optional.1ClickDownload.A, C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownload@OneClickDownload.com, Quarantined, [d174195ad5a6e4521bc4116eb151f30d], PUP.Optional.SolidSavings.A, C:\Users\Mario\AppData\Local\Solid Savings, Quarantined, [360ffc777b00b5814cdebad0c53d8977], Files: 8 PUP.Optional.Spigot.A, C:\ProgramData\YouTube Downloader\ytd_installer.exe, Quarantined, [62e3c4af4c2ff04690ef80a623dde51b], PUP.Optional.Spigot.A, C:\ProgramData\YTD YouTube Downloader & Converter\ytd_installer.exe, Quarantined, [92b3c6adf5869d9947386abca7596e92], PUP.Optional.InstallIQ, C:\Users\Mario\Downloads\mediaplayerlitefam_d3759478.exe, Quarantined, [91b4ec870a713afcd0f23be07c85b749], PUP.Optional.InstallIQ.A, C:\Users\Mario\Downloads\mediaplayerlite_d878913.exe, Quarantined, [10352a4902795adc5c29eb2cba477888], PUP.Optional.Amonetize.AS, C:\Users\Mario\Downloads\MediaUpdater__2577_i28268057_il561301.exe, Quarantined, [e75e3a39ed8e0b2bff50e72f07fa7c84], PUP.Optional.IBryte, C:\Users\Mario\Downloads\Word_Setup.exe, Quarantined, [87bed3a0b7c42a0cfee6ba4fca376b95], PUP.Optional.Bundlore, C:\Users\Mario\Downloads\setup (1).exe, Quarantined, [32137003ff7c2e081d2e5dc4768a2fd1], PUP.Optional.Conduit.A, C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.outfox.tv/?referid=179", "http://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP6F418339-4F23-42D1-B503-ADA701136BD9&SSPV=", "http://search.conduit.com/?ctid=CT3322287&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP6F418339-4F23-42D1-B503-ADA701136BD9&SSPV=" ],), Replaced,[8eb7482b5625270ffdc7c4c9729243bd] Physical Sectors: 0 (No malicious items detected) (end)