Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 11/8/2015
Scan Time: 7:44 AM
Logfile: mambam report.txt
Administrator: Yes
Version: 2.2.0.1024
Malware Database: v2015.11.08.03
Rootkit Database: v2015.11.04.02
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Mikel
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 460065
Time Elapsed: 2 hr, 27 min, 0 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 10
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\3045035B-3C14-4698-8AC4-ADB18CC42C1E, Quarantined, [7023dba0b5d6330391d3fe35a959e21e],
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\3045035B-3C14-4698-8AC4-ADB18CC42C1E, Quarantined, [7023dba0b5d6330391d3fe35a959e21e],
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\3045035B-3C14-4698-8AC4-ADB18CC42C1E, Quarantined, [7023dba0b5d6330391d3fe35a959e21e],
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR , Quarantined, [4d4649325d2ef343848a4a49976c34cc],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{46109D2E-14AB-43DA-9FBC-CEC649DA2C5C}, Quarantined, [9df622595b3064d2f79680fb1ae912ee],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59948926-35C9-494A-ADAF-BEF419B1A60E}, Quarantined, [9af9e8939cef1f179bf2fb80d72c6f91],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C10284B4-91AD-45C2-B818-7DCE51A39234}, Quarantined, [4c476615860526108805e9926e95da26],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DBDC7D45-F399-43E1-94F8-3F56AFA50636}, Quarantined, [7f14f982bfcc2a0c8904542721e28f71],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DBF0F9A4-A83E-49DF-A75E-91906163B4C1}, Quarantined, [296a4f2c9bf04aecfd905d1e90738d73],
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F7F23974-E100-42BD-9694-FEBA0F1DF93C}, Quarantined, [96fd83f8345743f3e1ace7942ed5b14f],
Registry Values: 13
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130669234568618530, Quarantined, [43503447adde06303dd0197acf342cd4]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130669234568618530, Quarantined, [464dbac17714989e87866d26946f9967]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130669234568618530, Quarantined, [603328532566da5c9d70771c3bc8b947]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130669234568618530, Quarantined, [1b786912aae1ba7c0c019af916ed7f81]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130669234568618530, Quarantined, [157e5427b5d62511010c672ca75cf10f]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130669234568618530, Quarantined, [dcb7d6a53556b77fdf2ec3d028dbef11]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130669234568618530, Quarantined, [4d4649325d2ef343848a4a49976c34cc]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{46109d2e-14ab-43da-9fbc-cec649da2c5c}|AppPath, C:\Program Files (x86)\Webfetti_52\bar\1.bin, Quarantined, [9df622595b3064d2f79680fb1ae912ee]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59948926-35c9-494a-adaf-bef419b1a60e}|AppPath, C:\Program Files (x86)\Webfetti_52\bar\1.bin, Quarantined, [9af9e8939cef1f179bf2fb80d72c6f91]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c10284b4-91ad-45c2-b818-7dce51a39234}|AppPath, C:\Program Files (x86)\Webfetti_52\bar\1.bin, Quarantined, [4c476615860526108805e9926e95da26]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{dbdc7d45-f399-43e1-94f8-3f56afa50636}|AppPath, C:\Program Files (x86)\Webfetti_52\bar\1.bin, Quarantined, [7f14f982bfcc2a0c8904542721e28f71]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{dbf0f9a4-a83e-49df-a75e-91906163b4c1}|AppPath, C:\Program Files (x86)\Webfetti_52\bar\1.bin, Quarantined, [296a4f2c9bf04aecfd905d1e90738d73]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f7f23974-e100-42bd-9694-feba0f1df93c}|AppPath, C:\Program Files (x86)\Webfetti_52\bar\1.bin, Quarantined, [96fd83f8345743f3e1ace7942ed5b14f]
Registry Data: 0
(No malicious items detected)
Folders: 0
(No malicious items detected)
Files: 2
PUP.Optional.Dregol, C:\Users\Mikel\AppData\LocalLow\Microsoft\Internet Explorer\Services\Run_Dregol.ico, Quarantined, [aee53b400c7fd561d28710587f8421df],
PUP.Optional.FTDownloader, C:\Users\Mikel\AppData\Roaming\Mozilla\Firefox\Profiles\8zb8mxm6.default\extensions\ftdownloader2@ftdownloader.com.xpi, Quarantined, [395acbb094f7db5b49c808657a892fd1],
Physical Sectors: 0
(No malicious items detected)
(end)