Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 1/11/2015
Scan Time: 7:56:00 AM
Logfile:
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.11.05
Rootkit Database: v2015.01.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: William
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 357334
Time Elapsed: 4 min, 37 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 5
PUP.Optional.TopArcadeHits.A, HKU\S-1-5-21-1328426514-2669664763-694145802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CF190686-9E72-403C-B99D-682ABDB63C5B}, , [150cac4a6b1e7db9ef4a50cf9d66b64a],
PUP.Optional.Highlightly, HKLM\SOFTWARE\WOW6432NODE\Highlightly, , [5ac71adc4247181e82a37c5ed52fe61a],
PUP.Optional.DownloadTerms.A, HKLM\SOFTWARE\WOW6432NODE\DOWNLOADTERMS, , [a37ea5512267a5919311e00b8b7936ca],
PUP.Optional.DealCabby.A, HKU\S-1-5-21-1328426514-2669664763-694145802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DealCabby, , [81a0e90dc4c567cf64c738b4f50fba46],
PUP.Optional.DownloadTerms.A, HKU\S-1-5-21-1328426514-2669664763-694145802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DOWNLOADTERMS, , [a57c28ce5c2d56e07e2713d80103fd03],
Registry Values: 8
Backdoor.Agent.PGen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|Policies, C:\WINDOWS\system32\directx\diagx.exe, , [de43a5515d2c4cea6be485fbb1533dc3]
PUP.Optional.DownloadTerms.A, HKLM\SOFTWARE\WOW6432NODE\DOWNLOADTERMS|age, 1369540800, , [a37ea5512267a5919311e00b8b7936ca]
Backdoor.Agent.PGen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|Policies, C:\WINDOWS\system32\directx\diagx.exe, , [e33e7f7771184de9e46bfb857391619f]
PUP.Optional.BrowserManager.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|FUPM Browser, C:\Program Files (x86)\FUPM Browser\BrowserManager.exe, , [0120c4327b0e63d3e45418685ea5817f]
PUP.Optional.BrowserManager.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BrowserManager, C:\Program Files (x86)\FUPM Browser\BrowserManager.exe, , [8d941ed8f693b2841524a2dea65d07f9]
PUP.Optional.DownloadTerms.A, HKU\S-1-5-21-1328426514-2669664763-694145802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DOWNLOADTERMS|age, 1369540800, , [a57c28ce5c2d56e07e2713d80103fd03]
Trojan.Agent.CNS, HKU\S-1-5-21-1328426514-2669664763-694145802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON|Shell, explorer.exe, C:\Users\William\AppData\Roaming\Microsoft\Windows\Templates\diagx.exe, , [e8397383ef9afd390f66c9a64db6ac54]
Backdoor.Agent.PGen, HKU\S-1-5-21-1328426514-2669664763-694145802-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN|Policies, C:\WINDOWS\system32\directx\diagx.exe, , [c35ec135aedb8da97bd3c6badd27fe02]
Registry Data: 0
(No malicious items detected)
Folders: 5
PUP.Optional.DealPly.A, C:\Users\William\AppData\Roaming\DealPly, , [c95853a30386ca6caf40131fa65dff01],
PUP.Optional.DealPly.A, C:\Users\William\AppData\Roaming\DealPly\UpdateProc, , [c95853a30386ca6caf40131fa65dff01],
PUP.Optional.NextLive.A, C:\Users\William\AppData\Roaming\newnext.me, , [e938669097f275c1bdfd66cecd3606fa],
PUP.Optional.NextLive.A, C:\Users\William\AppData\Roaming\newnext.me\cache, , [e938669097f275c1bdfd66cecd3606fa],
PUP.Optional.Updater.A, C:\Users\William\AppData\Roaming\DSite\UpdateProc, , [6ab7a3534841aa8caec19eb211f27a86],
Files: 11
PUP.Optional.OpenCandy, C:\Users\William\AppData\Roaming\DTLite4481-0348.exe, , [e33e41b57b0e191d67ffaf07ee17817f],
PUP.Optional.NextLive.A, C:\Users\William\AppData\Roaming\newnext.me\nengine.dll, , [5fc2af47e1a8ac8aca14b6bf22df5ea2],
PUP.Optional.NextLive.A, C:\Users\William\AppData\Local\genienext\nengine.dll, , [81a041b53e4bf442cf0f6b0af30ef50b],
Backdoor.Agent.E, C:\Windows\SysWOW64\directx\diagx.exe, , [49d8a5510485360072a63876758ed927],
Malware.Trace, C:\Users\William\AppData\Roaming\cglogs.dat, , [a37e4ea8d0b9ad898d1c9d4129da2ad6],
PUP.Optional.PricePeep.A, C:\Users\William\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage, , [cf525a9c8ffac67083e9449e51b342be],
PUP.Optional.DealPly.A, C:\Users\William\AppData\Roaming\DealPly\UpdateProc\config.dat, , [c95853a30386ca6caf40131fa65dff01],
PUP.Optional.NextLive.A, C:\Users\William\AppData\Roaming\newnext.me\nengine.cookie, , [e938669097f275c1bdfd66cecd3606fa],
PUP.Optional.NextLive.A, C:\Users\William\AppData\Roaming\newnext.me\cache\spark.bin, , [e938669097f275c1bdfd66cecd3606fa],
PUP.Optional.Updater.A, C:\Users\William\AppData\Roaming\DSite\UpdateProc\config.dat, , [6ab7a3534841aa8caec19eb211f27a86],
PUP.Optional.Updater.A, C:\Users\William\AppData\Roaming\DSite\UpdateProc\TTL.DAT, , [6ab7a3534841aa8caec19eb211f27a86],
Physical Sectors: 0
(No malicious items detected)
(end)