Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2017.05.04.03 rootkit: v2017.04.02.01 Windows 10 x64 NTFS Internet Explorer 11.187.14393.0 Vaengar :: VENGEANCE-6700 [administrator] 04.05.2017 14:01:53 mbar-log-2017-05-04 (14-01-53).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 313992 Time elapsed: 5 minute(s), 1 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 1 HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SNAREA (Adware.Elex) -> Delete on reboot. [e73c58bcc4e51d19c070cafc15ecd32d] Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 8 C:\Program Files (x86)\Terela (Adware.Elex) -> Delete on reboot. [6db66ba99b0eba7c829b7e8730d0be42] C:\Program Files (x86)\Mokagecerpuly (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_25e7953 (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_9427d46 (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_f97d2cc (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Users\Vaengar\AppData\Local\Shokerchcoagerk (Adware.Elex) -> Delete on reboot. [6db61ff51396c3732f826fa203feb64a] C:\Users\Vaengar\AppData\Local\SNAREA (Adware.Elex) -> Delete on reboot. [58cbf61e3970fc3acfc2a418b54c8c74] Files Detected: 18 C:\ProgramData\Microsoft\Windows\GameExplorer\Resources.dll (Adware.Elex) -> Delete on reboot. [26fdf81cfcad90a6ce9b35d6af5135cb] C:\ProgramData\Apple\Common\Cloud\WinHelper.dll (Adware.Elex) -> Delete on reboot. [6fb42ce84564b68046bcfe5c0ff205fb] C:\Users\Vaengar\AppData\Local\SNAREA\Snare.dll (Adware.Elex) -> Delete on reboot. [e73c58bcc4e51d19c070cafc15ecd32d] C:\Program Files (x86)\Mokagecerpuly\vlc.exe (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\xgerjaph.exe (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_25e7953\33 (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b\bk.dat (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b\DoDKP.dat (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b\DoDKP64.dat (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b\DV.dat (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b\ppp.dat (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b\simple.dat (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b\ttttt.exe (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_3cb78a9b\{5A711AEB-93A1-4F09-9E56-7E6C7FA86266} (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_9427d46\MIO.exe (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_9427d46\{5A711AEB-93A1-4F09-9E56-7E6C7FA86266} (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_f97d2cc\3 (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] C:\Program Files (x86)\Mokagecerpuly\_ALLOWDEL_f97d2cc\4 (Adware.Elex) -> Delete on reboot. [8b9839dbd9d0f83e35cf69a89c654ab6] Physical Sectors Detected: 0 (No malicious items detected) (end)