Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 2015-12-05 Scan Time: 4:20 AM Logfile: Malwarebytes_0.txt Administrator: Yes Version: 2.2.0.1024 Malware Database: v2015.12.04.06 Rootkit Database: v2015.11.26.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: dropdown Scan Type: Threat Scan Result: Completed Objects Scanned: 471338 Time Elapsed: 1 hr, 28 min, 3 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 3 PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0\images, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], Files: 29 PUP.Optional.AdLyrics, C:\Users\dropdown\AppData\Local\Temp\Show-Password_1030-8101.exe, Quarantined, [71a58120aae146f093e0d2d14fb1718f], PUP.Optional.Somoto, C:\Users\dropdown\AppData\Local\Temp\UpdateCheckerSetup.exe, Quarantined, [e82e39682962d95db357b05e3bc5d729], PUP.Optional.Somoto, C:\Users\dropdown\AppData\Local\Temp\bitool.dll, Quarantined, [64b27c25028947efae206a7fa8599c64], PUP.Optional.Somoto, C:\Users\dropdown\AppData\Local\Temp\nsc700C.tmp, Quarantined, [d93ddac7553656e09e33e5217e8627d9], Trojan.FakeMS, C:\Users\dropdown\AppData\Local\Temp\7ZipSfx.001\Dumpper.exe, Quarantined, [62b4722f7b1066d04fc10c17867b03fd], Trojan.FakeMS, C:\Users\dropdown\AppData\Local\Temp\7ZipSfx.002\Dumpper.exe, Quarantined, [9680a4fd117a41f58789e241aa573dc3], PUP.Optional.IEPassViewer, C:\Users\dropdown\Downloads\iepv.zip, Quarantined, [9d79faa7c1ca73c3e70ce839fb05fc04], PUP.Optional.InstallCore, C:\Users\dropdown\Downloads\camstudio.exe, Quarantined, [0c0ab2effb9075c1061a4c4b4cb8669a], Trojan.FakeMS, C:\Users\dropdown\Desktop\tool\wireless\Dumpper v.70.1.rar, Quarantined, [e82edfc2afdc4ee815fb79aa7d84e31d], Trojan.FakeMS, C:\Users\dropdown\Desktop\tool\wireless\Dumpper v70.1 English\Dumpper70.1_En_by_SinFu1.exe, Quarantined, [6da9e1c0d7b4ec4ac44cf330b64ba55b], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp12164.bat, Quarantined, [be58bae7305b979fcb7fa9bc2dd69d63], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp14464.exe, Quarantined, [080eb6eba3e8da5c2921d88d32d1639d], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp46274.exe, Quarantined, [be58b6ebbbd0a88e4a007fe6857eb64a], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp46424.bat, Quarantined, [c452a7fa4c3fc96d0644a4c1af54669a], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp46554.exe, Quarantined, [a76f1c85276451e576d46005a360dc24], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp66134.bat, Quarantined, [8195633e5f2c053109412c39f3104db3], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp69974.bat, Quarantined, [20f66d34682362d49bafc99c37ccae52], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp70104.exe, Quarantined, [34e2bce53853fb3b4a00ea7bb35024dc], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp74674.bat, Quarantined, [0e081f825239b2841d2dd590a95af010], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp75164.exe, Quarantined, [68aea7fa4c3f8da9ad9dc79ec83b59a7], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp88634.bat, Quarantined, [ce484c5552395adca8a2d09517ec44bc], Trojan.Downloader.ZTGen, C:\Users\dropdown\AppData\Local\Temp\ztmp\tmp88764.exe, Quarantined, [6aace3be206b53e3d872c89d5da6be42], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0\manifest.json, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0\app.js, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0\chrome.pac, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0\default.pac, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0\icon_128.png, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0\images\off_32.png, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], PUP.Optional.MediaHint.ChrPRST, C:\Users\dropdown\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofkdgccobndekkdblccplmohgompedfh\0.2.1_0\images\on_32.png, Quarantined, [0115faa72f5c1c1a1436ffa05ea68977], Physical Sectors: 0 (No malicious items detected) (end)