Malwarebytes Anti-Malware (Trial) 1.75.0.1300
http://www.malwarebytes.orgDatabase version: v2013.10.04.11
Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16688
suzanne :: SUZLENOVO [administrator]
Protection: Enabled
10/4/2013 3:51:08 PM
mbam-log-2013-10-04 (15-51-08).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 224134
Time elapsed: 3 minute(s), 42 second(s)
Memory Processes Detected: 3
C:\Users\suzanne\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> 1612 -> Delete on reboot.
C:\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe (PUP.Optional.SaltarSmart.A) -> 1640 -> Delete on reboot.
C:\Program Files (x86)\SaltarSmart\bin\utilSaltarSmart.exe (PUP.Optional.SaltarSmart.A) -> 2124 -> Delete on reboot.
Memory Modules Detected: 1
C:\Program Files (x86)\SaltarSmart\bin\sqlite3.dll (PUP.Optional.SaltarSmart.A) -> Delete on reboot.
Registry Keys Detected: 30
HKLM\SYSTEM\CurrentControlSet\Services\DefaultTabUpdate (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{d99a4ec9-00bd-4fe4-85a5-4db018351265} (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKCR\TypeLib\{4f0c4513-1dcb-4975-b4f0-f98c18e17265} (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKCR\Interface\{5B725BC8-C263-4783-BE79-D3A812FBB42B} (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D99A4EC9-00BD-4FE4-85A5-4DB018351265} (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D99A4EC9-00BD-4FE4-85A5-4DB018351265} (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D99A4EC9-00BD-4FE4-85A5-4DB018351265} (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKCR\AppID\{38495740-0035-4471-851E-F5BBB86AB085} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} (PUP.Optional.BrowseFox.A) -> Quarantined and deleted successfully.
HKCR\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\TypeLib\{FEB62B15-CC00-4736-AAEC-BA046C9DFF73} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser.1 (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowser (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01} (PUP.Optional.DefaultTab) -> Quarantined and deleted successfully.
HKCR\CLSID\{A1E28287-1A31-4b0f-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX.1 (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKCR\DefaultTabBHO.DefaultTabBrowserActiveX (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2D33ED6-EBBD-467C-BF6F-F175D9B51363} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BAD84EE2-624D-4e7c-A8BB-41EFD720FD77} (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Update SaltarSmart (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKLM\SYSTEM\CurrentControlSet\Services\Util SaltarSmart (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKCR\AppID\DefaultTabBHO.DLL (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\SaltarSmart (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\DEFAULT TAB (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
Registry Values Detected: 1
HKLM\SOFTWARE\Default Tab|Version (PUP.Optional.DefaultTab.A) -> Data: 2.2.23.0 -> Quarantined and deleted successfully.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 16
C:\Program Files (x86)\SaltarSmart (PUP.Optional.SaltarSmart.A) -> Delete on reboot.
C:\Program Files (x86)\SaltarSmart\bin (PUP.Optional.SaltarSmart.A) -> Delete on reboot.
C:\Program Files (x86)\SaltarSmart\bin\plugins (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\update (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\installdt.tmp (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\installdt.tmp\XPI (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\installdt.tmp\XPI\defaulttab (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\installdt.tmp\XPI\defaulttab\components (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\installdt.tmp\XPI\defaulttab\locale (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\installdt.tmp\XPI\defaulttab\locale\en-US (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Roaming\DefaultTab\DefaultTab (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\Users\suzanne\AppData\Local\Temp\ct3303000 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
Files Detected: 47
C:\Users\suzanne\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe (PUP.Optional.DefaultTab.A) -> Delete on reboot.
C:\Program Files (x86)\SaltarSmart\SaltarSmartBHO.dll (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\yU0l0OlD.exe.part (PUP.Optional.Domalq) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\google-earth.exe\bf32cc0565bf4aa9aff97aa8095b594d\google-earth.exe (PUP.Optional.BundleInstaller.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\google-earth.exe\bf32cc0565bf4aa9aff97aa8095b594d\installer.exe (PUP.Optional.Domalq) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\google-earth.exe\bf32cc0565bf4aa9aff97aa8095b594d\setup__120.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\google-earth.exe\bf32cc0565bf4aa9aff97aa8095b594d\software\DefaultTabSetup.exe (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\google-earth.exe\bf32cc0565bf4aa9aff97aa8095b594d\software\SaltarSmart.exe (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\google-earth.exe\bf32cc0565bf4aa9aff97aa8095b594d\software\swa1_23.exe (PUP.Optional.SevereWeatherAlerts) -> Quarantined and deleted successfully.
C:\Users\suzanne\Downloads\FlashPlayer_V.119329333b.exe (PUP.FakeFlash.Domaiq) -> Quarantined and deleted successfully.
C:\Users\suzanne\Downloads\FlashPlayer_V.119333161b.exe (PUP.FakeFlash.Domaiq) -> Quarantined and deleted successfully.
C:\Users\suzanne\Downloads\FlashPlayer_V.119333385b.exe (PUP.FakeFlash.Domaiq) -> Quarantined and deleted successfully.
C:\Users\suzanne\Downloads\FlashPlayer_V.119333541b.exe (PUP.FakeFlash.Domaiq) -> Quarantined and deleted successfully.
C:\Users\suzanne\Downloads\google-earth.exe (PUP.Optional.Domalq) -> Quarantined and deleted successfully.
C:\Users\suzanne\Downloads\pcspeedup_fd47e95158eb4ce787a13f186a300428_.exe (PUP.Optional.PCSpeedUp.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\Downloads\Setup(2).exe (PUP.Optional.iBryte) -> Quarantined and deleted successfully.
C:\Users\suzanne\Local Settings\Temporary Internet Files\Content.IE5\2J5NN6R1\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\Local Settings\Temporary Internet Files\Content.IE5\8ZLFJ88V\Setup[1].exe (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\Local Settings\Temporary Internet Files\Content.IE5\8ZLFJ88V\stublogic[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\Local Settings\Temporary Internet Files\Content.IE5\WECHXGO6\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\Local Settings\Temporary Internet Files\Content.IE5\WECHXGO6\Vafmusic7[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\updateSaltarSmart.InstallState (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\Microsoft.Win32.TaskScheduler.dll (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\SaltarSmart.Common.dll (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\SaltarSmart.ico (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\SaltarSmartUninstall.exe (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\updateSaltarSmart.exe (PUP.Optional.SaltarSmart.A) -> Delete on reboot.
C:\Program Files (x86)\SaltarSmart\bin\sqlite3.dll (PUP.Optional.SaltarSmart.A) -> Delete on reboot.
C:\Program Files (x86)\SaltarSmart\bin\utilSaltarSmart.exe (PUP.Optional.SaltarSmart.A) -> Delete on reboot.
C:\Program Files (x86)\SaltarSmart\bin\utilSaltarSmart.InstallState (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\bin\plugins\SaltarSmart.FFUpdate.dll (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Program Files (x86)\SaltarSmart\update\ucflne3q.s5l.exe (PUP.Optional.SaltarSmart.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\installdt.tmp\DefaultTab.xpi (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\installdt.tmp\XPI\defaulttab\locale\en-US\defaulttab.properties (PUP.Optional.DefaultTab.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\CT3303000.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
C:\Users\suzanne\AppData\Local\Temp\ct3303000\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.
(end)