Malwarebytes

www.malwarebytes.com

-Log Details-
Scan Date: 7/25/17
Scan Time: 5:07 AM
Log File: malware-scan-result-0725.txt
Administrator: Yes

-Software Information-
Version: 3.1.2.1733
Components Version: 1.0.160
Update Package Version: 1.0.2427
License: Free

-System Information-
OS: Windows 10 (Build 15063.483)
CPU: x64
File System: NTFS
User: SHAIM\lenovo

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 405367
Threats Detected: 62
Threats Quarantined: 62
Time Elapsed: 11 min, 55 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 5
PUP.Optional.YeaDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Yeadesktop_RASAPI32, Quarantined, [1592], [409418],1.0.2427
PUP.Optional.YeaDesktop, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\Yeadesktop_RASMANCS, Quarantined, [1592], [409418],1.0.2427
PUP.Optional.InstallCore, HKU\S-1-5-21-2493623992-3667621766-2291885300-1001\SOFTWARE\csastats, Quarantined, [3], [260986],1.0.2427
PUP.Optional.YeaDesktop, HKU\S-1-5-21-2493623992-3667621766-2291885300-1001\SOFTWARE\YeaDesktop, Quarantined, [1592], [391400],1.0.2427
PUP.Optional.ProductSetup, HKU\S-1-5-21-2493623992-3667621766-2291885300-1001\SOFTWARE\PRODUCTSETUP, Quarantined, [15164], [242047],1.0.2427

Registry Value: 2
Adware.HPDefender, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|PANDASTARTER, Quarantined, [21], [391142],1.0.2427
PUP.Optional.ProductSetup, HKU\S-1-5-21-2493623992-3667621766-2291885300-1001\SOFTWARE\PRODUCTSETUP|TB, Quarantined, [15164], [242047],1.0.2427

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 15
PUP.Optional.Elex.ClnShrt, C:\USERS\LENOVO\APPDATA\LOCAL\kemgadeojglibflomicgnfeopkdfflnk, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\META-INF, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\content, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\USERS\LENOVO\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\5CF1K0N0.DEFAULT\EXTENSIONS\AMCONTEXTMENU@LOUCYPHER, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\_locales\en, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\html\popup, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\_metadata, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\js\popup, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\_locales, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\newtab, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\html, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\css, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\js, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\USERS\LENOVO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JLHPIJOLPCIMADHJINGADNBCJNCMJDCE, Quarantined, [2085], [362981],1.0.2427

File: 40
PUP.Optional.Elex.ClnShrt, C:\Users\lenovo\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\close_white.png, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.Elex.ClnShrt, C:\Users\lenovo\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\content_script.js, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.Elex.ClnShrt, C:\Users\lenovo\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\icon.png, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.Elex.ClnShrt, C:\Users\lenovo\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery-1.8.3.min.js, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.Elex.ClnShrt, C:\Users\lenovo\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\jquery.js, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.Elex.ClnShrt, C:\Users\lenovo\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\manifest.json, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.Elex.ClnShrt, C:\Users\lenovo\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.html, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.Elex.ClnShrt, C:\Users\lenovo\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk\popup.js, Quarantined, [1412], [328066],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\content\browser.xul, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\content\content.js, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\content\icon-48.png, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\content\icon-64.png, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\META-INF\manifest.mf, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\META-INF\mozilla.rsa, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\META-INF\mozilla.sf, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\004f8a2d, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\chrome.manifest, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.FastSearch, C:\Users\lenovo\AppData\Roaming\Mozilla\Firefox\Profiles\5cf1k0n0.default\extensions\amcontextmenu@loucypher\install.rdf, Quarantined, [1193], [329326],1.0.2427
PUP.Optional.InstallCore, C:\USERS\LENOVO\APPDATA\LOCAL\TEMP\YEADESKTOP.EXE, Quarantined, [3], [356458],1.0.2427
Hijack.HostFile, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [345], [329328],1.0.2427
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [30], [407375],1.0.2427
Hijack.Host, C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS, Replaced, [30], [407375],1.0.2427
Heuristics.Shuriken, C:\USERS\LENOVO\APPDATA\LOCAL\TEMP\INSTALLER_CAMPAIGN_1877.EXE, Quarantined, [1848], [167],1.0.2427
Adware.Tuto4PC, C:\USERS\LENOVO\APPDATA\LOCAL\TEMP\AVBOOST.EXE, Quarantined, [761], [419355],1.0.2427
PUP.Optional.VideoBox, C:\USERS\LENOVO\APPDATA\LOCAL\TEMP\VBINST.EXE, Quarantined, [2351], [402806],1.0.2427
Adware.Eszjuxuan, C:\USERS\LENOVO\APPDATA\LOCAL\TEMP\IS-EP5DQ.TMP\SETUP.EXE, Quarantined, [43], [409327],1.0.2427
PUP.Optional.YeaDesktop, C:\USERS\LENOVO\APPDATA\LOCAL\TEMP\IS-EP5DQ.TMP\YEADESKTOP3.EXE, Quarantined, [1592], [391393],1.0.2427
PUP.Optional.Spigot.Generic, C:\USERS\LENOVO\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\JLHPIJOLPCIMADHJINGADNBCJNCMJDCE\2.4_0\BACKGROUND.JS, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\css\description.css, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\css\popup.css, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\html\popup\description.html, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\html\popup\popup.html, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\js\popup\popup.js, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\js\userNewTab.js, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\newtab\newtab.html, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\_locales\en\messages.json, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\_metadata\verified_contents.json, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\contentscript.js, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\icon.png, Quarantined, [2085], [362981],1.0.2427
PUP.Optional.Spigot.Generic, C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlhpijolpcimadhjingadnbcjncmjdce\2.4_0\manifest.json, Quarantined, [2085], [362981],1.0.2427

Physical Sector: 0
(No malicious items detected)

(end)