Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 24/11/2014 Scan Time: 16:45:36 Logfile: MBAM_Scanlog.txt Administrator: Yes Version: 2.00.3.1025 Malware Database: v2014.11.24.06 Rootkit Database: v2014.11.22.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Steven Scan Type: Custom Scan Result: Completed Objects Scanned: 895041 Time Elapsed: 4 hr, 53 min, 58 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 12 PUP.Optional.Snapdo.T, HKU\S-1-5-21-3828895511-1117663807-856057220-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, Quarantined, [9c39a19d8af2ae88e0cb18e39b67ef11], PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, Quarantined, [9c39a19d8af2ae88e0cb18e39b67ef11], PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, Quarantined, [19bc6ed0087453e365050b41fe05867a], PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, Quarantined, [409549f5681474c20d3b248c7d8721df], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, Quarantined, [389de45a88f4cd693a7a71d930d30ff1], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, Quarantined, [cb0a94aad4a893a31c667dcd04ff956b], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, Quarantined, [3b9a2e100f6da88ef8bb4dfd679cb848], PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [5d78aa9416667fb7942c2a15798a728e], PUP.Optional.WebSearches.A, HKU\S-1-5-21-3828895511-1117663807-856057220-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, Quarantined, [5f76ef4f33493303b2b20d3f8a79c23e], PUP.Optional.ReMarkit.A, HKU\S-1-5-21-3828895511-1117663807-856057220-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Re-markit, Quarantined, [0acbef4fa3d9d066aedfd96b8380e917], PUP.Optional.FastStart.A, HKU\S-1-5-21-3828895511-1117663807-856057220-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [be172e10d6a6a591487aa3a43ac9d22e], PUP.Optional.SnapDo.A, HKU\S-1-5-21-3828895511-1117663807-856057220-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR, Quarantined, [e3f281bd611bad89b0579fdb887bca36], Registry Values: 4 PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, Quarantined, [cb0a94aad4a893a31c667dcd04ff956b] PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, amt, Quarantined, [3b9a2e100f6da88ef8bb4dfd679cb848] PUP.Optional.FastStart.A, HKU\S-1-5-21-3828895511-1117663807-856057220-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Quarantined, [be172e10d6a6a591487aa3a43ac9d22e] PUP.Optional.SnapDo.A, HKU\S-1-5-21-3828895511-1117663807-856057220-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SMARTBAR|publisher, SnapdoWebsite, Quarantined, [e3f281bd611bad89b0579fdb887bca36] Registry Data: 2 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[b71e19253448d462cb2b3a19c63f17e9] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[fadb97a7d3a9989ecb2bb69d15f001ff] Folders: 0 (No malicious items detected) Files: 21 PUP.RiskwareTool.CK, C:\Program Files\Adobe\Adobe Photoshop CS6 (64 Bit)\amtlib.dll, Quarantined, [c0152f0f007c0036461651127e84d927], Trojan.Agent.BVBGen, C:\School\IPO1\dvdrom080\ugslicensing040\Windows\winsxs\refn04mk.ve6\mfc80DEU.dll, Quarantined, [b81dd36bb7c50135ca311ec7bf4243bd], PUP.Optional.OneClickDownloader.A, C:\Users\Steven\Downloads\How_I_Met_Your_Mother_Season_8_[Complete]_[Episode_1_23].exe, Quarantined, [a035ed51d1ab5adc22bb37f5e51cfa06], PUP.Optional.Amonetize, C:\Users\Steven\Downloads\SimCity5KeygenToolSetup__6196_il13957.exe, Quarantined, [02d3a797d8a4270f55799829c63b0cf4], PUP.RiskwareTool.CK, C:\Users\Steven\Downloads\Adobe Indesign CS6\DLL FILE\32bit\amtlib.dll, Quarantined, [25b0bd8179032c0a95c6560d03ff60a0], PUP.RiskwareTool.CK, C:\Users\Steven\Downloads\Adobe Indesign CS6\DLL FILE\64bit\amtlib.dll, Quarantined, [666f122c4636c76f441870f3976b28d8], PUP.RiskwareTool.CK, C:\Users\Steven\Downloads\Adobe Indesign CS6\DLL FILE\Original - 32bit\Indesign\amtlib.dll, Quarantined, [b81d99a5f6865adca1ba69fa956d0df3], PUP.RiskwareTool.CK, C:\Users\Steven\Downloads\Adobe Indesign CS6\DLL FILE\Original - 64bit\Adobe Media Encoder CS6\amtlib.dll, Quarantined, [5c79eb53710bbe7847153e25af53ae52], PUP.RiskwareTool.CK, C:\Users\Steven\Downloads\Adobe Photoshop CS6 Full Version [English] + Crack\[Crack] Photoshop CS6 amtlib.dll.rar, Quarantined, [d7fe1925c1bb88ae78e3cf94738f758b], PUP.Optional.Conduit, C:\zoek_backup\C_Users_Steven_Downloads_bsplayer266.1075.exe.vir, Quarantined, [f3e296a81666af87c4d93946a4615ca4], PUP.Optional.Softonic.A, C:\zoek_backup\C_Users_Steven_Downloads_SoftonicDownloader_for_vlc-media-player.exe.vir, Quarantined, [dff6f549d0ac63d3a146ea5089785ca4], PUP.Optional.Skytech.A, C:\zoek_backup\C_PROGRA~2_SupTab\DpInterface32.dll, Quarantined, [5a7b87b7295343f3feefb2ee36cb8b75], PUP.Optional.Skytech.A, C:\zoek_backup\C_PROGRA~2_SupTab\DpInterface64.dll, Quarantined, [bf161a2485f79b9ba944415fd1300000], PUP.Optional.SearchProtect, C:\zoek_backup\C_PROGRA~2_SupTab\Loader64.exe, Quarantined, [4e8766d8ccb03204bb49875931d0a060], PUP.Optional.IEPluginService.A, C:\zoek_backup\C_PROGRA~2_SupTab\RSHP.exe, Quarantined, [6d682717205cbc7abf29ceb57a8704fc], PUP.Optional.Skytech.A, C:\zoek_backup\C_PROGRA~2_SupTab\SearchProtect32.dll, Quarantined, [f7deba84106cc37349a4b3edf9084eb2], PUP.Optional.Skytech.A, C:\zoek_backup\C_PROGRA~2_SupTab\SearchProtect64.dll, Quarantined, [15c0201e542877bf816c9b05f30e6898], PUP.Optional.IePluginService.A, C:\zoek_backup\C_PROGRA~2_SupTab\SupIePluginServiceUpdate.exe, Quarantined, [7e57ab93700c5adc819cbeb31de4eb15], PUP.Optional.SupTab.A, C:\zoek_backup\C_PROGRA~2_SupTab\SupTab.dll, Quarantined, [31a494aac5b7092d40565dd8907040c0], PUP.Optional.IePluginService.A, C:\zoek_backup\C_PROGRA~3_IePluginServices\PluginService.exe, Quarantined, [19bc75c998e4b680b06d670ab24fa35d], PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, Quarantined, [a62f0a34c6b680b67f176de0b1529c64], Physical Sectors: 0 (No malicious items detected) (end)