mbar-log-2014-11-16 (17-07-34)
Malwarebytes Anti-Rootkit BETA 1.08.1.1001
www.malwarebytes.org
Database version: v2014.11.16.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17420
Waffles :: WAFFLES-PC [administrator]
11/16/2014 5:07:34 PM
mbar-log-2014-11-16 (17-07-34).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 363559
Time elapsed: 31 minute(s), 20 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 2
HKU\S-1-5-21-4207845676-4101714623-4093240210-1001_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5} (Trojan.Poweliks.B) -> Delete on reboot. [3d3afe3ec2ba191dfb9a0101c33d659b]
HKU\S-1-5-21-4207845676-4101714623-4093240210-1001_Classes\CLSID\{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}\LOCALSERVER32\^ (Trojan.Poweliks) -> Delete on reboot. [c3b496a684f8d06699ff40c211efd42c]
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 20
C:\$Recycle.Bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\U (Trojan.Siredef.C) -> Delete on reboot. [0a6df844522afc3a63caf809cc343ac6]
C:\$Recycle.Bin\S-1-5-21-4207845676-4101714623-4093240210-1001\$3b99f81f31d5dbab1bcf87d0107a285a\U (Trojan.Siredef.C) -> Delete on reboot. [03749aa288f4989ec667e0217b8539c7]
C:\$Recycle.Bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\L (Trojan.Siredef.C) -> Delete on reboot. [bdba4bf192ea4de9cf6046bb02fe7e82]
C:\$Recycle.Bin\S-1-5-21-4207845676-4101714623-4093240210-1001\$3b99f81f31d5dbab1bcf87d0107a285a\L (Trojan.Siredef.C) -> Delete on reboot. [6e09b08c65177eb8d25df8099c640000]
C:\$Recycle.Bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a (Trojan.Siredef.C) -> Delete on reboot. [e790e7554c30e25444ece41d5ba529d7]
C:\$Recycle.Bin\S-1-5-21-4207845676-4101714623-4093240210-1001\$3b99f81f31d5dbab1bcf87d0107a285a (Trojan.Siredef.C) -> Delete on reboot. [3d3aa3994a321521b87819e8cb3559a7]
C:\Users\Waffles\AppData\Local\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\❤≸⋙ (Trojan.0Access) -> Delete on reboot. [90e70735c7b582b4c9c1eb178a7653ad]
C:\Users\Waffles\AppData\Local\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\❤≸⋙\Ⱒ☠⍨ (Trojan.0Access) -> Delete on reboot. [90e70735c7b582b4c9c1eb178a7653ad]
C:\Users\Waffles\AppData\Local\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛ (Trojan.0Access) -> Delete on reboot. [90e70735c7b582b4c9c1eb178a7653ad]
C:\Users\Waffles\AppData\Local\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a} (Trojan.0Access) -> Delete on reboot. [90e70735c7b582b4c9c1eb178a7653ad]
C:\Users\Waffles\AppData\Local\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L (Trojan.0Access) -> Delete on reboot. [90e70735c7b582b4c9c1eb178a7653ad]
C:\Users\Waffles\AppData\Local\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\❤≸⋙\Ⱒ☠⍨\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U (Trojan.0Access) -> Delete on reboot. [90e70735c7b582b4c9c1eb178a7653ad]
C:\Users\Waffles\AppData\Local\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a} (Trojan.0Access) -> Delete on reboot. [1265fa4223590036ed9e02006f917d83]
c:\program files (x86)\google\desktop\install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\program files (x86)\google\desktop\install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \... (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\program files (x86)\google\desktop\install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\program files (x86)\google\desktop\install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a} (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\program files (x86)\google\desktop\install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\l (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\program files (x86)\google\desktop\install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\u (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
C:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a} (Trojan.0Access) -> Delete on reboot. [a2d5f24ad0aca492f19ce91902fe649c]
Files Detected: 18
C:\Users\Waffles\csrss.exe (Trojan.Agent) -> Delete on reboot. [8becb884eb9148eeb50b20ad768d04fc]
C:\Users\Waffles\ctfmon.exe (Trojan.Agent) -> Delete on reboot. [680ff14b4834cc6a7c464786ff04748c]
C:\Users\Waffles\rundll32.exe (Trojan.Dropper) -> Delete on reboot. [4334a9934e2e6bcb8ba9824e6e95b749]
C:\Users\Waffles\spoolsv.exe (Trojan.Agent) -> Delete on reboot. [7ff8b88495e7c571bc92d7542bd98878]
C:\Users\Waffles\AppData\Roaming\$h.bat (Ransom.Trace) -> Delete on reboot. [7502e75517654de9e2f572021ee6728e]
C:\Users\Waffles\conhost.exe (Trojan.Agent) -> Delete on reboot. [e1960c302f4d80b663461c5d52b2d62a]
C:\Users\Waffles\windowsupdate.exe (Trojan.Agent.WUGen) -> Delete on reboot. [284f78c45b213cfaaeac8af83dc71be5]
C:\Users\Waffles\firefox.exe (Trojan.Agent) -> Delete on reboot. [7afd4fed88f4013502d68219010353ad]
C:\$Recycle.Bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\L\00000004.@ (Trojan.Siredef.C) -> Delete on reboot. [bdba4bf192ea4de9cf6046bb02fe7e82]
C:\$Recycle.Bin\S-1-5-18\$3b99f81f31d5dbab1bcf87d0107a285a\L\76603ac3 (Trojan.Siredef.C) -> Delete on reboot. [bdba4bf192ea4de9cf6046bb02fe7e82]
c:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\@ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\L\00000004.@ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\00000004.@ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\00000008.@ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\000000cb.@ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\80000000.@ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\80000032.@ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
c:\Program Files (x86)\Google\Desktop\Install\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\ \...\ﯹ๛\{3b99f81f-31d5-dbab-1bcf-87d0107a285a}\U\80000064.@ (Trojan.0Access) -> Delete on reboot. [0b6c96a66a12f73f47450ff351afe51b]
Physical Sectors Detected: 0
(No malicious items detected)
(end)