MWBlog1

1. Malwarebytes Anti-Malware
2. www.malwarebytes.org
3.  
4. Scan Date: 2017-01-23
5. Scan Time: 1:38 PM
6. Logfile:
7. Administrator: Yes
8.  
9. Version: 2.2.1.1043
10. Malware Database: v2017.01.23.08
11. Rootkit Database: v2016.11.20.01
12. License: Free
13. Malware Protection: Disabled
14. Malicious Website Protection: Disabled
15. Self-protection: Disabled
16.  
17. OS: Windows 10
18. CPU: x64
19. File System: NTFS
20. User: Sam
21.  
22. Scan Type: Threat Scan
23. Result: Completed
24. Objects Scanned: 406106
25. Time Elapsed: 10 min, 2 sec
26.  
27. Memory: Enabled
28. Startup: Enabled
29. Filesystem: Enabled
30. Archives: Enabled
31. Rootkits: Enabled
32. Heuristics: Enabled
33. PUP: Enabled
34. PUM: Enabled
35.  
36. Processes: 0
37. (No malicious items detected)
38.  
39. Modules: 0
40. (No malicious items detected)
41.  
42. Registry Keys: 3
43. PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, , [a2b23f4006a21a1c70219b0ce122847c],
44. PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E, , [64f0d2ad6c3cf64097faa8ff3bc84eb2],
45. PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{696F9EA6}, , [470d0c73a5035adc7b1841666c9751af],
46.  
47. Registry Values: 5
48. PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{696f9ea6}|1, 1485151720, , [470d0c73a5035adc7b1841666c9751af]
49. Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{0fc1fa8b-1752-40c1-9ce7-a442ee2cf411}|NameServer, 82.163.143.176 82.163.142.178, , [c98b4738e8c0d561d5b04d5a4cb705fb]
50. Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{43d331de-7487-40c1-8c5b-021567ee0f52}|NameServer, 82.163.143.176 82.163.142.178, , [292bb5ca7c2c69cdb0d55c4b30d37090]
51. Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{4f2a5d3b-46c8-4cd5-afd5-a5c54051cd69}|NameServer, 82.163.143.176 82.163.142.178, , [163ed1ae6f3989ad6a1b0d9a897ace32]
52. Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\INTERFACES\{8674c361-0c70-4623-82a6-15808048bc0b}|NameServer, 82.163.143.176 82.163.142.178, , [55ff1669feaaa78ffe87bee943c025db]
53.  
54. Registry Data: 1
55. Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, 82.163.143.176 82.163.142.178, Good: (8.8.8.8), Bad: (82.163.143.176 82.163.142.178),,[dc78631c307846f0e3c045b42cd7b34d]
56.  
57. Folders: 2
58. Adware.Agent.Generic, C:\ProgramData\{827A0A96-35D1-BD3D-8986-D097FD1F46B2}, , [c490314e5e4a979fd4f32e3aa957857b],
59. Adware.Agent.Generic, C:\ProgramData\{87652564-30CE-92CF-D787-73B08C8D2CE0}, , [c09493ec7731c96de2e50f59cf316a96],
60.  
61. Files: 8
62. PUP.Optional.Yontoo, C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage, , [1d37ef90684086b059a8f70a6799ec14],
63. PUP.Optional.Yontoo, C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage-journal, , [34204f3071375cda8d747a87926e02fe],
64. Adware.Agent.Generic, C:\ProgramData\{827A0A96-35D1-BD3D-8986-D097FD1F46B2}\56866277-E12D-D5DC-3F29-E624E1905B37.exe, , [c490314e5e4a979fd4f32e3aa957857b],
65. Adware.Agent.Generic, C:\ProgramData\{87652564-30CE-92CF-D787-73B08C8D2CE0}\9DFC8814-2A57-3FBF-8963-5A6C2B41A4A2.exe, , [c09493ec7731c96de2e50f59cf316a96],
66. PUP.Optional.CrossRider, C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, , [5cf8dfa0297ff04606f3217a847f4bb5],
67. PUP.Optional.CrossRider, C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, , [480c255aa1073ff7b24705968f7453ad],
68. PUP.Optional.ReMarkIt.PrxySvrRST, C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage, , [4e064738d4d42a0cc52cbbe45ea58e72],
69. PUP.Optional.ReMarkIt.PrxySvrRST, C:\Users\Sam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal, , [62f2dea1a503e0563cb5e9b66c97b54b],
70.  
71. Physical Sectors: 0
72. (No malicious items detected)
73.  
74.  
75. (end)