Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2016.05.01.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.18282 deckx :: DECKX-PC [administrator] 1/05/2016 19:57:12 mbam-log-2016-05-01 (19-57-12).txt Scan type: Full scan (C:\|F:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 616923 Time elapsed: 1 hour(s), 12 minute(s), 36 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 3 HKLM\SOFTWARE\MPC (PUP.Optional.MorePowerfulCleaner) -> Delete on reboot. HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT (PUP.Optional.MorePowerfulCleaner) -> Delete on reboot. HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE (PUP.Optional.MorePowerfulCleaner) -> Delete on reboot. Registry Values Detected: 3 HKLM\SOFTWARE\MPC|Location (PUP.Optional.MorePowerfulCleaner) -> Data: C:\Program Files (x86)\MPC Cleaner -> Delete on reboot. HKLM\SYSTEM\CurrentControlSet\Services\MPCKpt|Description (PUP.Optional.MorePowerfulCleaner) -> Data: MPC Driver -> Delete on reboot. HKLM\SYSTEM\CurrentControlSet\Services\MPCProtectService|ImagePath (PUP.Optional.MorePowerfulCleaner) -> Data: "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe" -> Delete on reboot. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 49 C:\zoek_backup\C_windows_SysNative_drivers_MPCKpt.sys.vir (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\BrowserPlugIn.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\Cleaner.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\Database.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\LogReport.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\LpcManager.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\Monitor.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\MPCProtectService.exe (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\MpcSafeDll.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\MpcSafeDll64.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\MPCTray.exe (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\MPCTray64.exe (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\Report.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\SafeNavi.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\SafeNavi64.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\SafeProtect.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\TrayFrame.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\Update.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\Web.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\WinService.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\XBus.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_MPC Cleaner\XProcessBus.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_Tencent\QQPCMgr\11.5.17490.219\Plugin\QQPhoneManager-5.5.1_710201.4892.pa.exe (Backdoor.PcClient) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_Tencent\QQPCMgr\11.5.17490.219\plugins\QQPCB1AndroidJmp\uninstall.exe (Backdoor.PcClient) -> Quarantined and deleted successfully. C:\zoek_backup\C_Program Files (x86)_Tencent\QQPCMgr\Plugins\PluginsSetupBak\QQPhoneManager-5.5.1_710201.4892.pa.exe (Backdoor.PcClient) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\BrowserPlugIn.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\Cleaner.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\Database.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\LogReport.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\LpcManager.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\Monitor.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\MPCProtectService.exe (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\MpcSafeDll.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\MpcSafeDll64.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\MPCTray.exe (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\MPCTray64.exe (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\Report.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\SafeNavi.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\SafeNavi64.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\SafeProtect.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\TrayFrame.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\Update.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\Web.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\WinService.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\XBus.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_MPC Cleaner\XProcessBus.dll (PUP.Optional.MorePowerfulCleaner) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_Tencent\QQPCMgr\11.5.17490.219\Plugin\QQPhoneManager-5.5.1_710201.4892.pa.exe (Backdoor.PcClient) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_Tencent\QQPCMgr\11.5.17490.219\plugins\QQPCB1AndroidJmp\uninstall.exe (Backdoor.PcClient) -> Quarantined and deleted successfully. C:\zoek_backup\C_PROGRA~2_Tencent\QQPCMgr\Plugins\PluginsSetupBak\QQPhoneManager-5.5.1_710201.4892.pa.exe (Backdoor.PcClient) -> Quarantined and deleted successfully. (end)