Malwarebytes Anti-Rootkit BETA 1.9.4.1001
www.malwarebytes.org

Database version:
  main: v2017.04.07.05
  rootkit: v2017.04.02.01

Windows 10 x64 NTFS
Internet Explorer 11.0.15063.0
Sean :: LAPTOP-NMPDR74D [administrator]

4/7/2017 1:18:36 PM
mbar-log-2017-04-07 (13-18-36).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 284048
Time elapsed: 4 minute(s), 17 second(s)

Memory Processes Detected: 1
C:\Program Files (x86)\ntuserlitelist\dataup\dataup.exe (Adware.Yelloader) -> 3364 -> Delete on reboot. [d56cba341d8b37ff4e7fb557c43da858]

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 3
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Dataup (Adware.Yelloader) -> Delete on reboot. [d56cba341d8b37ff4e7fb557c43da858]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\drmkpro64 (Rootkit.Agent.PUA) -> Delete on reboot. [9ca5ffeff3b51a1cebb4dc613ac7ac54]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Dataup (Trojan.Clicker) -> Delete on reboot. [64dd1cd27e2a41f531175cb49968ff01]

Registry Values Detected: 2
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|svcvmx (Trojan.Clicker) -> Data: "C:\Users\Sean\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe" -starup -> Delete on reboot. [f24fa14d00a83cfa6a1731667c847d83]
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAUP|ImagePath (Trojan.Clicker) -> Data: C:\Program Files (x86)\ntuserlitelist\dataup\dataup.exe -> Delete on reboot. [5ae7d5193573e74fe6114fc144bdc13f]

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Users\Sean\AppData\Local\llssoft\winvmx (Trojan.Clicker.D) -> Delete on reboot. [142d6c8261476bcb615b32725ea28779]
C:\Users\Sean\AppData\Local\ntuserlitelist (Trojan.Clicker) -> Delete on reboot. [db66cd214b5d191dd7c8f0a9f60ba759]
C:\Program Files (x86)\ntuserlitelist (Trojan.Clicker) -> Delete on reboot. [be83c628f6b20c2a043caff8de232fd1]

Files Detected: 5
C:\Program Files (x86)\ntuserlitelist\dataup\dataup.exe (Adware.Yelloader) -> Delete on reboot. [d56cba341d8b37ff4e7fb557c43da858]
C:\Users\Sean\AppData\Local\ntuserlitelist\winscr\winscr.exe (Adware.Yelloader) -> Delete on reboot. [3b065c922088ff376670f81441c03ec2]
C:\Windows\System32\drivers\SWDUMon.sys (PUP.Optional.DriverUpdate) -> Delete on reboot. []
C:\Users\Sean\AppData\Local\drutkycvq\qdcomsvc.exe (Trojan.Clicker.Generic) -> Delete on reboot. [af9208e680281a1c72b992f4b84853ad]
C:\Users\Sean\AppData\Local\ntuserlitelist\svcvmx\svcvmx.exe (Trojan.Clicker) -> Delete on reboot. [f24fa14d00a83cfa6a1731667c847d83]

Physical Sectors Detected: 0
(No malicious items detected)

(end)