Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 08/07/2015
Scan Time: 11:14:16 p.m.
Logfile: malwarebytes scan.txt
Administrator: Yes
Version: 2.01.6.1022
Malware Database: v2015.07.08.08
Rootkit Database: v2015.07.07.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Emiliano
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 350461
Time Elapsed: 9 min, 47 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
Trojan.Agent, C:\Windows\Temp\lsass.exe, 3296, , [5dfb17c838527fb79aef95bc1be91ce4]
Modules: 0
(No malicious items detected)
Registry Keys: 5
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [6cec1dc236540e28acc9d8b4b1538878],
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [d58323bc6b1f01358ce9eaa20ef6db25],
PUP.Optional.TweakBit.A, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATPopups, , [98c0736c5c2e81b53129038dc73d14ec],
PUP.Optional.TweakBit.A, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\ATUpdaters, , [64f4954af8923303abaf652be222748c],
PUP.Optional.TweakBit.A, HKLM\SOFTWARE\WOW6432NODE\TWEAKBIT\Google Analytics Package, , [d3858b544f3b81b5f765d2be36ceac54],
Registry Values: 2
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [6cec1dc236540e28acc9d8b4b1538878]
PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [d58323bc6b1f01358ce9eaa20ef6db25]
Registry Data: 0
(No malicious items detected)
Folders: 5
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhihnapmdpedhlihabmbcmkjhglphhch\1.1, , [aaae58875b2f979f678ab1d29c68b14f],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhihnapmdpedhlihabmbcmkjhglphhch, , [aaae58875b2f979f678ab1d29c68b14f],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Roaming\Mozilla\Firefox\Profiles\z5cv4ozt.default\extensions\TG@0siT28V.com\content, , [12464d926f1bbb7bd02fbfc454b024dc],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Roaming\Mozilla\Firefox\Profiles\z5cv4ozt.default\extensions\TG@0siT28V.com, , [12464d926f1bbb7bd02fbfc454b024dc],
PUP.Optional.BlockTheAds.A, C:\ProgramData\Block The Ads, , [ce8a8956d0ba6bcb193cb33ec63c21df],
Files: 13
PUP.Optional.MultiPlug.Uns, C:\ProgramData\Block The Ads\Block The Ads.exe, , [1741d50afd8d4bebf409db97cf33c23e],
Trojan.BitcoinMiner, C:\Windows\Temp\svchost.exe, , [e276ffe01c6ecc6ab084257bfb096997],
PUP.Optional.AppDataFR.A, C:\Users\Emiliano\AppData\Roaming\appdataFr3.bin, , [b7a1f2edacde44f2d78104fac83a718f],
Trojan.Agent, C:\Windows\Temp\lsass.exe, , [5dfb17c838527fb79aef95bc1be91ce4],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhihnapmdpedhlihabmbcmkjhglphhch\1.1\lsdb.js, , [aaae58875b2f979f678ab1d29c68b14f],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhihnapmdpedhlihabmbcmkjhglphhch\1.1\background.html, , [aaae58875b2f979f678ab1d29c68b14f],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhihnapmdpedhlihabmbcmkjhglphhch\1.1\content.js, , [aaae58875b2f979f678ab1d29c68b14f],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhihnapmdpedhlihabmbcmkjhglphhch\1.1\icjNfJTA.js, , [aaae58875b2f979f678ab1d29c68b14f],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhihnapmdpedhlihabmbcmkjhglphhch\1.1\manifest.json, , [aaae58875b2f979f678ab1d29c68b14f],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Roaming\Mozilla\Firefox\Profiles\z5cv4ozt.default\extensions\TG@0siT28V.com\content\bg.js, , [12464d926f1bbb7bd02fbfc454b024dc],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Roaming\Mozilla\Firefox\Profiles\z5cv4ozt.default\extensions\TG@0siT28V.com\bootstrap.js, , [12464d926f1bbb7bd02fbfc454b024dc],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Roaming\Mozilla\Firefox\Profiles\z5cv4ozt.default\extensions\TG@0siT28V.com\chrome.manifest, , [12464d926f1bbb7bd02fbfc454b024dc],
PUP.Optional.MultiPlug.A, C:\Users\Emiliano\AppData\Roaming\Mozilla\Firefox\Profiles\z5cv4ozt.default\extensions\TG@0siT28V.com\install.rdf, , [12464d926f1bbb7bd02fbfc454b024dc],
Physical Sectors: 0
(No malicious items detected)
(end)