ihaveakeylogger

Malwarebytes Anti-Malware (Trial) 1.61.0.1400 www.malwarebytes.org Database version: v2012.07.01.08 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 myke :: MIKI [administrator] Protection: Enabled 7/1/2012 4:27:54 PM mbam-log-2012-07-01 (16-46-28).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 273097 Time elapsed: 14 minute(s), 49 second(s) Memory Processes Detected: 1 C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> 1628 -> No action taken. Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 36 HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.BundleInstaller.IB) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (PUP.BundleInstaller.IB) -> No action taken. HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken. HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (Adware.GamePlayLabs) -> No action taken. HKCR\Interface\{55555555-5555-5555-5555-550055225558} (Adware.GamePlayLabs) -> No action taken. HKCR\CrossriderApp0002258.BHO.1 (Adware.GamePlayLabs) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (Adware.GamePlayLabs) -> No action taken. HKCR\CLSID\{22222222-2222-2222-2222-220022222258} (Adware.GamePlayLab) -> No action taken. HKCR\CrossriderApp0002258.Sandbox.1 (Adware.GamePlayLab) -> No action taken. HKCR\CrossriderApp0002258.Sandbox (Adware.GamePlayLab) -> No action taken. HKCR\CLSID\{33333333-3333-3333-3333-330033223358} (Adware.GamePlayLab) -> No action taken. HKCR\CrossriderApp0002258.FBApi.1 (Adware.GamePlayLab) -> No action taken. HKCR\CrossriderApp0002258.FBApi (Adware.GamePlayLab) -> No action taken. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65bcd620-07dd-012f-819f-073cf1b8f7c6} (Adware.GamePlayLab) -> No action taken. HKCR\CrossriderApp0002258.BHO (Adware.GamePlayLab) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This (Adware.GamePlayLab) -> No action taken. HKCR\CrossriderApp0002258.BHO (PUP.CrossFire.Gen) -> No action taken. HKCR\CrossriderApp0002258.BHO.1 (PUP.CrossFire.Gen) -> No action taken. HKCR\CrossriderApp0002258.FBApi (PUP.CrossFire.Gen) -> No action taken. HKCR\CrossriderApp0002258.FBApi.1 (PUP.CrossFire.Gen) -> No action taken. HKCR\CrossriderApp0002258.Sandbox (PUP.CrossFire.Gen) -> No action taken. HKCR\CrossriderApp0002258.Sandbox.1 (PUP.CrossFire.Gen) -> No action taken. HKCU\Software\DC3_FEXEC (Malware.Trace) -> No action taken. HKCU\Software\Cr_Installer\2258 (Adware.GamePlayLab) -> No action taken. HKLM\SOFTWARE\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mpfapcdfbbledbojijcbcclmlieaoogk (PUP.GamesPlayLab) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken. HKCR\CLSID\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken. HKCR\TypeLib\{44444444-4444-4444-4444-440044224458} (PUP.GamePlayLab) -> No action taken. HKCR\Interface\{55555555-5555-5555-5555-550055225558} (PUP.GamePlayLab) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} (PUP.GamePlayLab) -> No action taken. Registry Values Detected: 1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\I Want This|Publisher (Adware.GamePlayLab) -> Data: 215 Apps -> No action taken. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 6 C:\Program Files\I Want This (Adware.GamePlayLab) -> No action taken. C:\Users\myke\AppData\Roaming\dclogs (Stolen.Data) -> No action taken. C:\Users\myke\Local Settings\Application Data\I Want This (Adware.GamePlayLab) -> No action taken. C:\Users\myke\Local Settings\Application Data\I Want This\Chrome (Adware.GamePlayLab) -> No action taken. C:\Users\myke\AppData\Local\I Want This (Adware.GamePlayLab) -> No action taken. C:\Users\myke\AppData\Local\I Want This\Chrome (Adware.GamePlayLab) -> No action taken. Files Detected: 30 C:\ProgramData\IBUpdaterService\ibsvc.exe (PUP.BundleInstaller.IB) -> No action taken. C:\Program Files\I Want This\I Want This.dll (Adware.GamePlayLabs) -> No action taken. C:\Users\myke\AppData\Local\Temp\javav.exe (PUP.HackTool.ACGen) -> No action taken. C:\Users\myke\Downloads\Converterlite.exe (PUP.BundleInstaller.OI) -> No action taken. C:\Users\myke\Downloads\SoftonicDownloader_for_world-of-warcraft.exe (PUP.ToolbarDownloader) -> No action taken. C:\Users\myke\Downloads\DownloadManager_Setup (1).exe (PUP.Bundle.Installer.OI) -> No action taken. C:\Users\myke\Downloads\DownloadManager_Setup.exe (PUP.Bundle.Installer.OI) -> No action taken. C:\Users\myke\Downloads\epicbot.exe (PUP.BundleOffers.IIQ) -> No action taken. C:\Users\myke\Downloads\epicbot_520 (1).exe (PUP.BundleOffers.IIQ) -> No action taken. C:\Users\myke\Downloads\epicbot_520 (2).exe (PUP.BundleOffers.IIQ) -> No action taken. C:\Users\myke\Downloads\epicbot_520 (3).exe (PUP.BundleOffers.IIQ) -> No action taken. C:\Users\myke\Downloads\epicbot_520.exe (PUP.BundleOffers.IIQ) -> No action taken. C:\Users\Steven\Local Settings\Temporary Internet Files\Content.IE5\8VCK7IYA\PlayPickle_truste.exe (PUP.BundleInstaller.OI) -> No action taken. C:\Users\Steven\Local Settings\Temporary Internet Files\Content.IE5\GA7SFAUP\GameWrangler.exe (PUP.BundleInstaller.OI) -> No action taken. C:\Users\myke\AppData\Local\Temp\file2.exe (Trojan.Agent.Gen) -> No action taken. C:\Program Files\I Want This\I Want This.ini (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\appAPIinternalWrapper.js (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\fb.js (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\I Want This.exe (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\I Want This.ico (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\I Want ThisGui.exe (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\I Want ThisInstaller.log (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\jquery.js (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\json.js (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\Uninstall.exe (Adware.GamePlayLab) -> No action taken. C:\Users\myke\AppData\Roaming\dclogs\2012-06-30-7.dc (Stolen.Data) -> No action taken. C:\Users\myke\AppData\Roaming\dclogs\2012-07-01-1.dc (Stolen.Data) -> No action taken. C:\Users\myke\Local Settings\Application Data\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken. C:\Users\myke\AppData\Local\I Want This\Chrome\I Want This.crx (Adware.GamePlayLab) -> No action taken. C:\Program Files\I Want This\I Want This.dll (PUP.GamePlayLab) -> No action taken. (end)