2015/08/09 21:44:24 +0200
mbam-log-2015-08-09 (21-44-21).xml
yes
2.1.8.1057
v2015.08.09.05
v2015.08.06.01
free
disabled
disabled
disabled
Windows 7 Service Pack 1
x64
Primol
NTFS
threat
completed
390179
1
1
8
11
4
2
23
0
enabled
enabled
enabled
enabled
disabled
disabled
enabled
enabled
enabled
C:\Users\Primol\AppData\Local\Ahbhworks\tmpFDA5.exe | Trojan.VBCrypt | delete-on-reboot | 2764 | a72261a5602b38feef8a982f19e83bc5
C:\Users\Primol\AppData\Local\Ahbhworks\cbdqutnw.dll | Trojan.Miuref.THD | delete-on-reboot | 3d8c6b9b99f2999dff158a0834cd05fb
HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\gfilterdrv | PUP.Optional.Softonic.SID.C | success | 7e4bce386922ac8adcaf136dd92c31cf
HKLM\SOFTWARE\CLASSES\CLSID\{3B5B973C-92A4-4855-9D3F-0F3D23332208} | Trojan.Sathurbot | success | 0ebbd234b0db989eaf39507f3ac860a0
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86} | PUP.Optional.Aartemis.A | success | 7e4b13f391fab77f7ef8a76c996a4cb4
HKLM\SOFTWARE\WOW6432NODE\Freeze.com | PUP.Optional.MyFreeze.A | success | 2c9d887ed0bb9a9c078a7ab3bc4757a9
HKLM\SOFTWARE\WOW6432NODE\supWPM | PUP.Optional.SupTab.A | success | b81162a42f5cc76ffb3227169a699e62
HKLM\SOFTWARE\WOW6432NODE\AARTEMISSOFTWARE\aartemishp | PUP.Optional.Aartemis.ShrtCln | success | 7950897d1d6e9f971bdafa67f0134bb5
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86} | PUP.Optional.Aartemis.A | success | 11b808fec3c866d09bdb47ccdf243ec2
HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\SOFTWARE\InstallCore | PUP.Optional.InstallCore.C | success | 3099897d23680b2b571935719d679769
HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN | Ahbhworks | Trojan.VBCrypt | success | C:\Users\Primol\AppData\Local\Ahbhworks\tmpFDA5.exe | a72261a5602b38feef8a982f19e83bc5
HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN | 8371ecb | Trojan.Lethic | success | C:\8371ecb6\8371ecb6.exe | a326b94dec9f78bec419322a16ea15eb
HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN | 8371ecb6 | Trojan.Lethic | success | C:\Users\Primol\AppData\Roaming\8371ecb6.exe | 4b7e5ea84b40ef4778653527fb05fd03
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86} | URL | PUP.Optional.Aartemis.A | success | http://www.aartemis.com/web/?type=ds&ts=1387320947&from=cor&uid=SAMSUNGXHD502HJ_S20BJA0B902971&q={searchTerms} | 7e4b13f391fab77f7ef8a76c996a4cb4
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN | 1213429653 | Trojan.Agent.MSDGen | success | C:\ProgramData\msnusn.exe | 7554cc3a91fa92a49b5642f6ff048f71
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN | 1213429653 | Trojan.Agent.MSDGen | success | C:\ProgramData\msnusn.exe | 7554cc3a91fa92a49b5642f6ff048f71
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN | 1213429653 | PUP.Optional.PageStarter.A | success | C:\ProgramData\msnusn.exe | dced4eb8e8a3ea4c9f5cadf67c887987
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\EXPLORER\RUN | 1213429653 | PUP.Optional.PageStarter.A | success | C:\ProgramData\msnusn.exe | dced4eb8e8a3ea4c9f5cadf67c887987
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86} | URL | PUP.Optional.Aartemis.A | success | http://www.aartemis.com/web/?type=ds&ts=1387320947&from=cor&uid=SAMSUNGXHD502HJ_S20BJA0B902971&q={searchTerms} | 11b808fec3c866d09bdb47ccdf243ec2
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN | ^2831eb03 | Rootkit.Fileless.MTGen | success | 7455bf47d8b39f975346dbc5a65e1de3
HKU\S-1-5-21-1571191598-4212959213-3768767430-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN | ^2831eb03 | Rootkit.Fileless.MTGen | success | ac1d4bbbd8b3f93d6632efb1e2221ae6
HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND | PUP.Optional.Aartemis | replaced | C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com/?type=sc&ts=1387320947&from=cor&uid=SAMSUNGXHD502HJ_S20BJA0B902971 | C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com/?type=sc&ts=1387320947&from=cor&uid=SAMSUNGXHD502HJ_S20BJA0B902971 | iexplore.exe | 8b3ef0163a5147ef3df2b19c29dc1de3
HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES | DefaultScope | PUP.Optional.Qone8 | replaced | {33BB0A4E-99AF-4226-BDF6-49120163DE86} | {33BB0A4E-99AF-4226-BDF6-49120163DE86} | {0633EE93-D776-472f-A0FF-E1416B8B2E3A} | 5277a660b1da4beb1f02fe4f8f76aa56
HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND | PUP.Optional.Aartemis | replaced | C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com/?type=sc&ts=1387320947&from=cor&uid=SAMSUNGXHD502HJ_S20BJA0B902971 | C:\Program Files\Internet Explorer\iexplore.exe http://aartemis.com/?type=sc&ts=1387320947&from=cor&uid=SAMSUNGXHD502HJ_S20BJA0B902971 | iexplore.exe | b118d72f9cef81b56ac5ef5e59ac5fa1
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES | DefaultScope | PUP.Optional.Qone8 | replaced | {33BB0A4E-99AF-4226-BDF6-49120163DE86} | {33BB0A4E-99AF-4226-BDF6-49120163DE86} | {0633EE93-D776-472f-A0FF-E1416B8B2E3A} | 3693769026652c0a849dd37a0ef7f50b
C:\ProgramData\Microsoft\Performance\Monitor | Trojan.Sathurbot | delete-on-reboot | 8c3d8c7a98f368cec71ce02ecd3617e9
C:\ProgramData\Microsoft\Performance\Monitor\temp | Trojan.Sathurbot | success | 8c3d8c7a98f368cec71ce02ecd3617e9
C:\Users\Primol\AppData\Local\Ahbhworks\cbdqutnw.dll | Trojan.Miuref.THD | delete-on-reboot | 3d8c6b9b99f2999dff158a0834cd05fb
C:\Users\Primol\AppData\Local\Ahbhworks\tmpFDA5.exe | Trojan.VBCrypt | delete-on-reboot | a72261a5602b38feef8a982f19e83bc5
C:\8371ecb6\8371ecb6.exe | Trojan.Lethic | success | a326b94dec9f78bec419322a16ea15eb
C:\Users\Primol\AppData\Roaming\8371ecb6.exe | Trojan.Lethic | success | 4b7e5ea84b40ef4778653527fb05fd03
C:\Windows\System32\drivers\gfilterdrv.sys | PUP.Optional.Softonic.SID.C | success | 7e4bce386922ac8adcaf136dd92c31cf
C:\ProgramData\Microsoft\Performance\Monitor\PerformanceMonitor.dll | Trojan.Sathurbot | delete-on-reboot | 0ebbd234b0db989eaf39507f3ac860a0
C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpFDA5.exe | Trojan.VBCrypt | success | 458458aed5b62610da9f4681ff0227d9
C:\Program Files (x86)\Mobogenie\nengine.dll | PUP.Optional.NextLive.A | success | ddeca95d4d3e4ee88130898c58a9ed13
C:\Users\Primol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\8371ecb6.exe | Trojan.Lethic | success | be0bc0460b8095a1f2ebacb0758b57a9
C:\Users\Primol\AppData\Local\Temp\KB70871722.exe | Trojan.Lethic | success | 5e6ba95dd0bbe15536a7500c49b7956b
C:\Users\Primol\AppData\Local\Temp\nsvE801.tmp | PUP.Optional.Somoto.C | success | 9237d333dead5bdb2d676918966fae52
C:\Users\Primol\AppData\Local\Temp\bd.exe.5364109 | PUP.Optional.BonanzaDeals.A | success | 3f8a8e78cac10a2c762a8178ab55e719
C:\Users\Primol\AppData\Local\Temp\fullpackage_temp1387320925\QQBrowserFrame.dll | PUP.Optional.SkyTech.A | success | 47823bcbb8d385b171e8153f5ea37d83
C:\Users\Primol\AppData\Local\Temp\fullpackage_temp1387320925\tmp\NewGdp.exe | PUP.Optional.WpManager | success | b415c14596f5af874b8a74a647ba5ea2
C:\ProgramData\msnusn.exe | Trojan.Agent.MSDGen | delete-on-reboot | 7554cc3a91fa92a49b5642f6ff048f71
C:\ProgramData\msnusn.exe | PUP.Optional.PageStarter.A | delete-on-reboot | dced4eb8e8a3ea4c9f5cadf67c887987
C:\ProgramData\Microsoft\Performance\Monitor\SecurityHelper.dll | Trojan.Sathurbot | success | 8c3d8c7a98f368cec71ce02ecd3617e9
C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp3727.exe | Trojan.Sathurbot | success | 8c3d8c7a98f368cec71ce02ecd3617e9
C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp3727.tmp | Trojan.Sathurbot | success | 8c3d8c7a98f368cec71ce02ecd3617e9
C:\ProgramData\Microsoft\Performance\Monitor\temp\tmp710A.tmp | Trojan.Sathurbot | success | 8c3d8c7a98f368cec71ce02ecd3617e9
C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpBE65.tmp | Trojan.Sathurbot | success | 8c3d8c7a98f368cec71ce02ecd3617e9
C:\ProgramData\Microsoft\Performance\Monitor\temp\tmpFDA5.tmp | Trojan.Sathurbot | success | 8c3d8c7a98f368cec71ce02ecd3617e9
C:\ProgramData\Microsoft\Performance\Monitor\temp\{68E1E684-8978-C67D-32BF-C46A4087AE8C} | Trojan.Sathurbot | success | 8c3d8c7a98f368cec71ce02ecd3617e9