Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.20.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16618
Song :: SONG-PC [administrator]
25/6/2013 12:01:41 AM
mbam-log-2013-06-25 (00-01-41).txt
Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 409575
Time elapsed: 2 hour(s), 18 minute(s), 52 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 22
HKCR\AppID\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DD31B76-C57E-49ba-94BC-BF53F0C82CD4} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{11CC93E4-0BE6-4f8f-82AA-D577FB955B05} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\TypeLib\{F9BC0421-BB5C-447D-8547-BB45AFA80A4D} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\Interface\{4D89001B-5B5B-4E76-A1F5-638E49DB7A58} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{331D51F6-4375-C0EB-FC13-2CC4758E4C62} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\331D51F6-4375-C0EB-FC13-2CC4758E4C62.Addr.1 (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\331D51F6-4375-C0EB-FC13-2CC4758E4C62.Addr (PUP.Funshion) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{331D51F6-4375-C0EB-FC13-2CC4758E4C62} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{331D51F6-4375-C0EB-FC13-2CC4758E4C62} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{331D51F6-4375-C0EB-FC13-2CC4758E4C62} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\AddressSearch.JsObject.1 (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\AddressSearch.JsObject (PUP.Funshion) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11CC93E4-0BE6-4F8F-82AA-D577FB955B05} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{91878E42-FC03-4785-B513-1F9E613D1027} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\TypeLib\{D02E3AB9-7796-40CB-BDFC-20D834FE1F75} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\Interface\{FCB380C4-D350-44BE-8791-50216F4747AC} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\ASBarBroker.BDBroker.1 (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\ASBarBroker.BDBroker (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\CLSID\{FBEDBA6C-44A2-43b9-BD49-20EB6E0C4E86} (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\AddressSearch.SnavHttpProtocol.1 (PUP.Funshion) -> Quarantined and deleted successfully.
HKCR\AddressSearch.SnavHttpProtocol (PUP.Funshion) -> Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 6
C:\Program Files (x86)\BaiduAddr\{331D51F6-4375-C0EB-FC13-2CC4758E4C62}\AddressBar.dll (PUP.Funshion) -> Quarantined and deleted successfully.
C:\Program Files (x86)\BaiduAddr\{331D51F6-4375-C0EB-FC13-2CC4758E4C62}\ASBarBroker.exe (PUP.Funshion) -> Quarantined and deleted successfully.
C:\cola\Music\9AC0596D90804BA4.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\KwDownload\Temp\3900E478314AF606.exe (Adware.Ebiz.K) -> Quarantined and deleted successfully.
C:\KwDownload\Temp\9AC0596D90804BA4.exe (Trojan.StartPage) -> Quarantined and deleted successfully.
C:\Windows\Installer\{ecf60bac-53c1-5fe2-1250-45251f7a192c}\U\000000cb.@ (Rootkit.0Access) -> Quarantined and deleted successfully.
(end)