Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 9/15/19
Scan Time: 10:03 AM
Log File: 9a158906-d7c1-11e9-a7d8-2c59e5a50239.json
-Software Information-
Version: 3.8.3.2965
Components Version: 1.0.625
Update Package Version: 1.0.12485
License: Trial
-System Information-
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Newman-HP-2000\Harvey
-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 230786
Threats Detected: 14
Threats Quarantined: 14
Time Elapsed: 14 min, 59 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 4
PUP.Optional.Jawego, HKLM\SOFTWARE\QXV0by1QQy1DbGVhbmVyMjAxOQ==, Quarantined, [629], [534889],1.0.12485
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire0, Quarantined, [3893], [597957],1.0.12485
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire1, Quarantined, [3893], [597957],1.0.12485
PUP.Optional.GoodGame, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Goodgame Empire2, Quarantined, [3893], [597957],1.0.12485
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 10
Generic.Malware/Suspicious, C:\USERS\HARVEY\DOWNLOADS\HPSET_2017.11.14.02.EXE, Quarantined, [0], [392686],1.0.12485
PUP.Optional.WinZipMalwareProtector, C:\USERS\HARVEY\DOWNLOADS\WZMP_24 (1).EXE, Quarantined, [12885], [627246],1.0.12485
PUP.Optional.DriverReviver, C:\USERS\HARVEY\DOWNLOADS\DRIVERREVIVERSETUP_PPC4 (2).EXE, Quarantined, [4223], [462815],1.0.12485
Generic.Malware/Suspicious, C:\USERS\HARVEY\APPDATA\LOCAL\YAHOO\YSET\WEBEXT_DL.EXE, Quarantined, [0], [392686],1.0.12485
PUP.Optional.MindSpark, C:\USERS\HARVEY\DESKTOP\TRACE, Quarantined, [649], [301125],1.0.12485
PUP.Optional.WinZipMalwareProtector, C:\USERS\HARVEY\DOWNLOADS\WZMP_24.EXE, Quarantined, [12885], [627246],1.0.12485
PUP.Optional.DriverReviver, C:\USERS\HARVEY\DOWNLOADS\DRIVERREVIVERSETUP_PPC4 (3).EXE, Quarantined, [4223], [462815],1.0.12485
Generic.Malware/Suspicious, C:\USERS\HARVEY\DOWNLOADS\HPSET_2018.06.28.01.EXE, Quarantined, [0], [392686],1.0.12485
PUP.Optional.DriverReviver, C:\USERS\HARVEY\DOWNLOADS\DRIVERREVIVERSETUP_PPC4 (1).EXE, Quarantined, [4223], [462815],1.0.12485
PUP.Optional.DriverReviver, C:\USERS\HARVEY\DOWNLOADS\DRIVERREVIVERSETUP_PPC4.EXE, Quarantined, [4223], [462815],1.0.12485
Physical Sector: 0
(No malicious items detected)
WMI: 0
(No malicious items detected)
(end)

9/15/2019 19:41:35 PM
Files scanned: 224895
Infected files: 29
Cleaned threats: 27
Total scan time 01:55:46
Scan status: Finished
C:\AdwCleaner\Quarantine\v1\20190911.204017\25\WinZip Driver Updater\trz2051.tmp#A4472C1BCB3DE19F a variant of Win64/DriverReviver.A potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20190911.204017\38\AUTO-PC-CLEANER2019 FOR NEWMAN-HP-2000\offers\a_p_t.exe#290F1B6600FB1A53 a variant of MSIL/GT32SupportGeeks.O potentially unwanted application cleaned by deleting
C:\AdwCleaner\Quarantine\v1\20190911.204017\54\RelevantKnowledge\rlservice.exe#08C012A6341A81BC a variant of Win32/Adware.RK application cleaned by deleting
C:\FRST\Quarantine\C\Program Files (x86)\DigitalTrailEHF\ie.exe a variant of Win32/Adware.OpenSUpdater.DQ application cleaned by deleting
C:\Program Files\AVAST Software\Avast\setup\aswOfferTool.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application error while deleting (Access denied)
C:\Program Files\AVAST Software\Avast\setup\offertool_x64_ais-954.vpx Win32/Bundled.Toolbar.Google.D potentially unsafe application error while deleting (Access denied)
C:\Program Files (x86)\Internet Explorer\00003467.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Program Files (x86)\Internet Explorer\00021963.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Program Files (x86)\Internet Explorer\00025953.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00000805.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00001313.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00004801.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00005824.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00007022.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00008516.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00010943.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00015911.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00017444.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00018643.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00018701.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00018721.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00018853.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00020228.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00020670.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00026114.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00027537.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Facebook\Games\00028251.tmp a variant of Win32/RiskWare.PEMalform.I application cleaned by deleting
C:\Users\Harvey\AppData\Local\Yahoo\yset\YSearchUtil.dll a variant of Win32/YahooSearch.C potentially unwanted application cleaned by deleting
C:\Users\Harvey\Downloads\hpset_2017.09.01.01.exe a variant of Win32/YahooSearch.C potentially unwanted application cleaned by deleting