Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 01/05/2014 Scan Time: 16:52:58 Logfile: Scan malwarebytes.txt Administrator: Yes Version: 2.00.1.1004 Malware Database: v2014.05.01.08 Rootkit Database: v2014.03.27.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Chameleon: Disabled OS: Windows 8.1 CPU: x64 File System: NTFS User: Lucas Scan Type: Threat Scan Result: Completed Objects Scanned: 280888 Time Elapsed: 12 min, 2 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Shuriken: Enabled PUP: Enabled PUM: Enabled Processes: 1 PUP.Optional.Webget.A, C:\Program Files (x86)\webget\updatewebget.exe, 7180, Delete-on-Reboot, [112b3e0e88f351e54c9dc4b0d72a847c] Modules: 0 (No malicious items detected) Registry Keys: 8 PUP.Optional.Webget.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update webget, Quarantined, [112b3e0e88f351e54c9dc4b0d72a847c], PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, Quarantined, [42fa51fb453692a4e7e1fc572ad8e917], PUP.Optional.Webget.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\webget, Quarantined, [0537c38946358fa7fe7b5a1ad131c739], PUP.Optional.Updater, HKU\S-1-5-21-3426690014-121208058-2231362189-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Digital Sites, Quarantined, [74c8aba1e99200360302bfcc54aeef11], PUP.Optional.Webget.A, HKLM\SOFTWARE\WOW6432NODE\webget, Quarantined, [7ac277d58cef67cff784106436cced13], PUP.Optional.PriceMeter.A, HKU\S-1-5-21-3426690014-121208058-2231362189-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\PriceMeter, Quarantined, [310b4b01324989ad59efe29b659d35cb], PUP.Optional.Webget.A, HKU\S-1-5-21-3426690014-121208058-2231362189-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\webget, Quarantined, [7ebe17354338d0660d6ddb99020046ba], PUP.Optional.PriceMeter.A, HKU\S-1-5-21-3426690014-121208058-2231362189-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Price Metar, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 7 PUP.Optional.Webget.A, C:\Program Files (x86)\webget, Delete-on-Reboot, [0537c38946358fa7fe7b5a1ad131c739], PUP.Optional.Updater, C:\Users\Lucas\AppData\Roaming\DigitalSites\UpdateProc, Quarantined, [74c8aba1e99200360302bfcc54aeef11], PUP.Optional.Conduit.A, C:\Users\Lucas\AppData\Local\Temp\CT3319415, Quarantined, [d864bf8d2c4f14221307fc6b8c76a25e], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Roaming\PriceMeterUpdater, Quarantined, [d3699daf285349ed606fe489a35fe51b], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Roaming\PriceMeterUpdater\UpdateProc, Quarantined, [d3699daf285349ed606fe489a35fe51b], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], Files: 35 PUP.Optional.Webget.A, C:\Program Files (x86)\webget\updatewebget.exe, Delete-on-Reboot, [112b3e0e88f351e54c9dc4b0d72a847c], PUP.Optional.InstallCore, C:\Users\Lucas\AppData\Local\Temp\ICReinstall_UltimateCodec.exe, Quarantined, [27150a42cdae2313414ccb60cc38cc34], PUP.Optional.SearchProtect.A, C:\Users\Lucas\AppData\Local\Temp\nsk5B6C.exe, Quarantined, [68d4d379b5c60c2a9fafd84e33ce29d7], PUP.Optional.SearchProtect.A, C:\Users\Lucas\AppData\Local\Temp\nsq5D13.exe, Quarantined, [2715c7850d6ee254212d36f0c43d3ac6], PUP.Optional.SearchProtect.A, C:\Users\Lucas\AppData\Local\Temp\nsu3F36.exe, Quarantined, [97a5a7a5453616200b439096d8298878], PUP.Optional.SearchProtect.A, C:\Users\Lucas\AppData\Local\Temp\nsz40DC.exe, Quarantined, [4eee55f728531422c48a0323cf3226da], PUP.Optional.Conduit.A, C:\Users\Lucas\AppData\Local\Temp\nse260F\SpSetup.exe, Quarantined, [3c00d07c700be74fa19c8a91b34e21df], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\Temp\is357113909\285087_stp\pm.exe, Quarantined, [6ad277d56318f24406ee3141639ed030], PUP.Optional.Conduit.A, C:\Users\Lucas\Downloads\01net_Quick_Zip.exe, Quarantined, [0735400c0972a096f87371cc32ce43bd], PUP.Optional.InstallCore, C:\Users\Lucas\Downloads\UltimateCodec.exe, Quarantined, [d666e9635922999d4c412704a06426da], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\pricemeterd.exe, Quarantined, [2814c7857cffc27496df96d389787b85], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP\tmp.exe, Quarantined, [34088fbdd4a73ef80372ef7a917039c7], PUP.Optional.Webget.A, C:\Program Files (x86)\webget\webget.ico, Quarantined, [0537c38946358fa7fe7b5a1ad131c739], PUP.Optional.Webget.A, C:\Program Files (x86)\webget\7za.exe, Quarantined, [0537c38946358fa7fe7b5a1ad131c739], PUP.Optional.Webget.A, C:\Program Files (x86)\webget\updatewebget.InstallState, Quarantined, [0537c38946358fa7fe7b5a1ad131c739], PUP.Optional.Webget.A, C:\Program Files (x86)\webget\webget.FirstRun.exe, Quarantined, [0537c38946358fa7fe7b5a1ad131c739], PUP.Optional.Webget.A, C:\Program Files (x86)\webget\webgetUninstall.exe, Quarantined, [0537c38946358fa7fe7b5a1ad131c739], PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, Quarantined, [ae8ebc90215a3402aec7b0d438ca6b95], PUP.Optional.Updater, C:\Users\Lucas\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe, Quarantined, [74c8aba1e99200360302bfcc54aeef11], PUP.Optional.Updater, C:\Users\Lucas\AppData\Roaming\DigitalSites\UpdateProc\config.dat, Quarantined, [74c8aba1e99200360302bfcc54aeef11], PUP.Optional.Updater, C:\Users\Lucas\AppData\Roaming\DigitalSites\UpdateProc\info.dat, Quarantined, [74c8aba1e99200360302bfcc54aeef11], PUP.Optional.Updater, C:\Users\Lucas\AppData\Roaming\DigitalSites\UpdateProc\prod.dat, Quarantined, [74c8aba1e99200360302bfcc54aeef11], PUP.Optional.RegCleanerPro.J, C:\Windows\Tasks\RegClean Pro_UPDATES.job, Delete-on-Reboot, [d765ba927ffc82b42cee127ba55d7e82], PUP.Optional.RegCleanPro.A, C:\Windows\Tasks\RegClean Pro_DEFAULT.job, Delete-on-Reboot, [61db9bb1c1ba1422205c732c06fd38c8], PUP.Optional.Conduit.A, C:\Users\Lucas\AppData\Local\Temp\CT3319415\ddt.csf, Quarantined, [d864bf8d2c4f14221307fc6b8c76a25e], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\icon.ico, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\PriceMeterUpdateVer.exe, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\uninst.exe, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP\cfg.dat, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP\chunk_0_V1.1.2.0.dat, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP\chunk_1_V1.1.2.0.dat, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP\chunk_2_V1.1.2.0.dat, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP\chunk_3_V1.1.2.0.dat, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP\chunk_4_V1.1.2.0.dat, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], PUP.Optional.PriceMeter.A, C:\Users\Lucas\AppData\Local\PriceMeter\TEMP\chunk_5_V1.1.2.0.dat, Quarantined, [89b35defc0bb5adc3f949ad34cb63dc3], Physical Sectors: 0 (No malicious items detected) (end)