Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/26/17 Scan Time: 3:47 AM Logfile: txx.txt Administrator: Yes -Software Information- Version: 3.0.6.1469 Components Version: 1.0.50 Update Package Version: 1.0.1141 License: Trial -System Information- OS: Windows XP Service Pack 3 CPU: x86 File System: NTFS User: BSMLLA\ahmed -Scan Summary- Scan Type: Threat Scan Result: Completed Objects Scanned: 347016 Time Elapsed: 1 hr, 11 min, 39 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 11 PUP.Optional.FaceMoods, HKU\S-1-5-21-436374069-920026266-1177238915-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0D7562AE-8EF6-416d-A838-AB665251703A}, No Action By User, [4003], [167950],1.0.1141 PUP.Optional.CrossBrowse, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\crossbrowse.exe, No Action By User, [7882], [237106],1.0.1141 PUP.Optional.Amonetize, HKLM\SOFTWARE\MICROSOFT\ESENT\PROCESS\amisetup1694__13312, No Action By User, [13], [255344],1.0.1141 PUP.Optional.CalendarTool, HKLM\SOFTWARE\MICROSOFT\ESENT\PROCESS\CalendarServ, No Action By User, [8593], [252403],1.0.1141 PUP.Optional.CrossBrowse, HKLM\SOFTWARE\MICROSOFT\ESENT\PROCESS\crossbrowse, No Action By User, [7882], [237109],1.0.1141 PUP.Optional.CleanMyPC, HKLM\SOFTWARE\REG\Clean, No Action By User, [2233], [348488],1.0.1141 Adware.AdTools, HKU\S-1-5-21-436374069-920026266-1177238915-1003\SOFTWARE\AdTools, Inc., No Action By User, [15885], [208682],1.0.1141 PUP.Optional.Cinema, HKU\S-1-5-21-436374069-920026266-1177238915-1003\SOFTWARE\CinemaP-1.9cV06.09-nv-ie, No Action By User, [8148], [236453],1.0.1141 PUP.Optional.Cinema, HKU\S-1-5-21-436374069-920026266-1177238915-1003\SOFTWARE\CinemaP-1.9cV18.09-nv-ie, No Action By User, [8148], [236453],1.0.1141 PUP.Optional.RegCleanPro, HKU\S-1-5-21-436374069-920026266-1177238915-1003\SOFTWARE\REG\Clean, No Action By User, [1746], [347493],1.0.1141 PUP.Optional.DeskCut, HKU\S-1-5-21-436374069-920026266-1177238915-1003\SOFTWARE\MOZILLA\EXTENDS, No Action By User, [13994], [237724],1.0.1141 Registry Value: 1 PUP.Optional.DeskCut, HKU\S-1-5-21-436374069-920026266-1177238915-1003\SOFTWARE\MOZILLA\EXTENDS|APPID, No Action By User, [13994], [237724],1.0.1141 Registry Data: 2 PUP.Optional.FaceMoods, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SEARCHASSISTANT, No Action By User, [4003], [293076],1.0.1141 PUP.Optional.OurSurfing.ShrtCln, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\CHROME.EXE\SHELL\OPEN\COMMAND|, No Action By User, [13708], [292984],1.0.1141 Data Stream: 0 (No malicious items detected) Folder: 1 PUP.Optional.Amonetize, C:\DOCUMENTS AND SETTINGS\AHMED\APPLICATION DATA\21942, No Action By User, [13], [235415],1.0.1141 File: 8 PUP.Optional.Amonetize, C:\DOCUMENTS AND SETTINGS\AHMED\APPLICATION DATA\21942\STATUS.CFG, No Action By User, [13], [235415],1.0.1141 PUP.Optional.Amonetize, C:\DOCUMENTS AND SETTINGS\AHMED\APPLICATION DATA\21942\Updater.xml, No Action By User, [13], [235415],1.0.1141 PUP.Optional.SysTweak, C:\WINDOWS\SYSTEM32\ROBOOT.EXE, No Action By User, [321], [107517],1.0.1141 Trojan.Agent.Trace, C:\WINDOWS\MEDIA\FARDOS.TXT, No Action By User, [3244], [248275],1.0.1141 PUP.Optional.NewTabTV, C:\DOCUMENTS AND SETTINGS\AHMED\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage, No Action By User, [2835], [359410],1.0.1141 PUP.Optional.NewTabTV, C:\DOCUMENTS AND SETTINGS\AHMED\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage-journal, No Action By User, [2835], [359410],1.0.1141 PUP.Optional.NewTabTV, C:\DOCUMENTS AND SETTINGS\AHMED\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage, No Action By User, [2835], [359416],1.0.1141 PUP.Optional.NewTabTV, C:\DOCUMENTS AND SETTINGS\AHMED\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage-journal, No Action By User, [2835], [359416],1.0.1141 Physical Sector: 0 (No malicious items detected) (end)