Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 7/31/2014 Scan Time: 12:43:57 PM Logfile: HP Malware Bites Scan Results.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.03.04.09 Rootkit Database: v2014.02.20.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Douglas M. Stricker Scan Type: Threat Scan Result: Completed Objects Scanned: 299218 Time Elapsed: 8 min, 47 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 4 PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [e26759a6a4d64de9f3dab5d124de946c], Registry Keys: 34 PUP.Optional.Bandoo.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DatamngrCoordinator, , [f455ac533e3c1a1c8540fd64c33e1fe1], PUP.Optional.Bandoo.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A9119622, , [90b939c6f98150e6ad180d549968b24e], Trojan.BHO, HKLM\SOFTWARE\CLASSES\APPID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}, , [193048b7582289ade8149daa2bd7847c], Trojan.BHO, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{186E19A3-B909-4F48-B687-BB81EB8BC7CE}, , [193048b7582289ade8149daa2bd7847c], PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , [4801d32c44363ef86bce45fc29d9a060], PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}, , [4801d32c44363ef86bce45fc29d9a060], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKU\S-1-5-21-2233565722-3301942672-1123445448-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.DefaultTab.A, HKU\S-1-5-21-2233565722-3301942672-1123445448-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}, , [d376976895e5a3938caede6353af04fc], Adware.Adurr, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{625F420E-A4A9-4B40-BC23-716C1C43893A}, , [4405f20dc4b60a2cb12577d1e71bae52], Adware.Adurr, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{625F420E-A4A9-4B40-BC23-716C1C43893A}, , [4405f20dc4b60a2cb12577d1e71bae52], Adware.Adurr, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{625F420E-A4A9-4B40-BC23-716C1C43893A}, , [4405f20dc4b60a2cb12577d1e71bae52], Adware.Adurr, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{625F420E-A4A9-4B40-BC23-716C1C43893A}, , [4405f20dc4b60a2cb12577d1e71bae52], PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR, , [9cadfe01bebc91a5ff4f7324a75b10f0], PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\DEFAULT TAB, , [67e205fac2b89e980e6f2e6951b16898], PUP.Optional.FCTPlugin, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\kincjchfokkeneeofpeefomkikfkiedl, , [d079e31c1a60f046ce03a7a80300e21e], PUP.Optional.DataMngr.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, , [b099926d4f2bea4ca8ffc3e7a162d927], PUP.Optional.DataMngr.A, HKU\S-1-5-21-2233565722-3301942672-1123445448-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, , [f4559c63b2c865d12483dbcf4cb7d62a], PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-2233565722-3301942672-1123445448-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ilividmoviestoolbardla, , [bb8ef708f981e254eb5fbed706fcfb05], PUP.Optional.CrossRider.A, HKU\S-1-5-21-2233565722-3301942672-1123445448-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [c5845ba48feb52e41462a7186d96b749], PUP.Optional.PriceGong.A, HKU\S-1-5-21-2233565722-3301942672-1123445448-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [bc8dff0072082b0bb7eac4cabd45d62a], PUP.Optional.DefaultTab.A, HKU\S-1-5-21-2233565722-3301942672-1123445448-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEFAULT TAB, , [7dccc13e2951cc6aea940097a45e847c], PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ilividmoviestoolbardlaGC, , [e26759a6a4d64de9f3dab5d124de946c], Registry Values: 4 PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR|uninstallstring, C:\Program Files (x86)\Movies Toolbar\Datamngr\uninstall.exe, , [9cadfe01bebc91a5ff4f7324a75b10f0] PUP.Optional.DefaultTab.A, HKLM\SOFTWARE\WOW6432NODE\DEFAULT TAB|Version, 2.0.13.0, , [67e205fac2b89e980e6f2e6951b16898] PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAMNGRCOORDINATOR|ImagePath, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [3e0bab5484f6ea4c1e31f5a2ee1423dd] PUP.Optional.DefaultTab.A, HKU\S-1-5-21-2233565722-3301942672-1123445448-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DEFAULT TAB|Version, 2.0.13.0, , [7dccc13e2951cc6aea940097a45e847c] Registry Data: 0 (No malicious items detected) Folders: 5 PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr, , [b8912dd21d5dfd39b245c8e7f60d44bc], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\GC, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64, , [e26759a6a4d64de9f3dab5d124de946c], Files: 32 PUP.Optional.Bandoo.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [f455ac533e3c1a1c8540fd64c33e1fe1], PUP.Optional.Bandoo.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg, , [90b939c6f98150e6ad180d549968b24e], PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\IEBHO.dll, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\IEBHO.dll, , [91b859a62852fa3c00e5b1c39d65629e], PUP.Optional.Bandoo, C:\Users\Douglas M. Stricker\Downloads\iLividSetup-r514-n-bc.exe, , [be8b2ed1ef8b2610edb6ba911ee39a66], RiskWare.Tool.CK, C:\Users\Douglas M. Stricker\Downloads\8044bf9dd8.zip, , [7dccb9461e5c072f0c4c925e1fe29769], PUP.Optional.Firseria, C:\Users\Douglas M. Stricker\Downloads\infrarecorder.exe, , [85c44ab505753ef81a30431012f22bd5], PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win32cert.dll, , [75d4986732480c2a4b19e6c820e353ad], PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win64cert.dll, , [3b0ee8179cde71c598cc733b2cd701ff], PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win32prop.dll, , [40090bf4433772c43d28e6c8e91a22de], PUP.Optional.Datamngr.A, C:\ProgramData\Wincert\win64prop.dll, , [67e244bb75052511382dbbf39a69817f], PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\coordinator.cfg, , [b8912dd21d5dfd39b245c8e7f60d44bc], PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\general.cfg, , [b8912dd21d5dfd39b245c8e7f60d44bc], PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-21-2233565722-3301942672-1123445448-1000.cfg, , [b8912dd21d5dfd39b245c8e7f60d44bc], PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-21-2233565722-3301942672-1123445448-500.cfg, , [b8912dd21d5dfd39b245c8e7f60d44bc], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Datamngr.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\del_DM_LL_nse9F59.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\favicon.ico, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Helper.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Internet Explorer Settings.exe, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\setmgrc1.cfg, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Uninstall.exe, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\GC\install.ico, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\GC\uninstall.exe, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Datamngr.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_DM_LL_nse9F59.dll, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe, , [e26759a6a4d64de9f3dab5d124de946c], PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll, , [e26759a6a4d64de9f3dab5d124de946c], Physical Sectors: 0 (No malicious items detected) (end)