Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

I have National Zoom in internet explorer. I can't remove it. Help


  • Please log in to reply
3 replies to this topic

#1 siminu2

siminu2

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Hampshire
  • Local time:10:34 PM

Posted 11 December 2013 - 11:52 AM

Downloaded Adobe update and was infected with something called National Zoom.  It has taken over my Explorer.  I have removed it from add-on's and search in tools.  But it still pops up as my home page.  Can I get some help please.



BC AdBot (Login to Remove)

 


#2 xXToffeeXx

xXToffeeXx

    Bleepin' Toffee Monster


  • Malware Response Instructor
  • 3,165 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Somewhere in BleepingComputer
  • Local time:03:34 AM

Posted 11 December 2013 - 12:02 PM

Hi siminu2,
 
Run these for me:
 
Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

-----------
 

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

-----------
 
Please download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop.

  • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
  • Double-click on the renamed file to install, then follow these instructions
  • for doing a Quick Scan in normal mode.
  • Don't forget to check for database definition updates through the program's interface (preferable method) before scanning.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues

Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.

  • After completing the scan, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab .
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
 
xXToffeeXx~


If I am helping you and you have not had a reply from me in two days, please send me a PM.

 

~Open a window, eat an apple, chrome some metal, watch an opera, make a safari, hunt a fire fox, be an explorer~


#3 siminu2

siminu2
  • Topic Starter

  • Members
  • 43 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:New Hampshire
  • Local time:10:34 PM

Posted 11 December 2013 - 01:35 PM

# AdwCleaner v3.015 - Report created 11/12/2013 at 12:40:05
# Updated 10/12/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Sandra - SANDRA-HP
# Running from : C:\Users\Sandra\Downloads\AdwCleaner (1).exe
# Option : Clean
 
***** [ Services ] *****
 
Service Deleted : Level Quality Watcher
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\Level Quality Watcher
Folder Deleted : C:\Program Files (x86)\MyPC Backup
[!] Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Users\Sandra\AppData\Local\Conduit
Folder Deleted : C:\Users\Sandra\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Sandra\AppData\Local\Temp\NativeMessaging
Folder Deleted : C:\Users\Sandra\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Sandra\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Sandra\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Sandra\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekcjpgehmohobmdiikfnopibipmgnml
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Sandra\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx
File Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ojcgaoafcmbadjkfdippkdddgkeaipbn_0.localstorage-journal
File Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage
File Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_app.mam.conduit.com_0.localstorage-journal
File Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage
File Deleted : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_fastcontent.conduit.com_0.localstorage-journal
File Deleted : C:\Windows\System32\Tasks\Dealply
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Sandra\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\RegistryHelper.DLL
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3307181
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{544C2426-48FD-4C40-AE3B-31257FF334D0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFB904C4-C255-4540-B97E-A75A34F1FFB0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{00000001-4FEF-40D3-B3FA-E0531B897F98}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{1917AB4C-E2E9-42AE-A51E-B5750F160BFB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{64697678-0000-0010-8000-00AA00389B71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A4341726-E922-47BB-86A6-23F4F4F67342}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{DCA1528D-A3C0-4A9F-AA6E-DCE643F91495}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B887CA3B-D82B-4A01-AD29-E97444D01CE6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Myfree Codec
Key Deleted : HKLM\Software\nationzoomSoftware
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DSite
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Key Deleted : [x64] HKLM\SOFTWARE\Conduit
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Scorpion Saver
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16428
 
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Google Chrome v
 
[ File : C:\Users\Sandra\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted : urls_to_restore_on_startup
 
*************************
 
AdwCleaner[R0].txt - [4055 octets] - [19/10/2013 06:37:44]
AdwCleaner[R1].txt - [9872 octets] - [11/12/2013 12:10:35]
AdwCleaner[R2].txt - [9932 octets] - [11/12/2013 12:11:50]
AdwCleaner[S0].txt - [3929 octets] - [19/10/2013 06:40:27]
AdwCleaner[S1].txt - [7874 octets] - [11/12/2013 12:40:05]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [7934 octets] ##########
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Home Premium x64
Ran by Sandra on Wed 12/11/2013 at 12:56:00.56
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\dynconie.dynconieobject.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{2830488C-079B-45C2-88B6-AFE4EAA2DF85}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{781CA792-9B6E-400B-B36F-15C097D2CA54}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{AE6FCC02-176F-4480-A836-244997C328E6}
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\Users\Public\Desktop\play more great games!.url"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Sandra\appdata\local\cre"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uniblue"
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{01223558-449C-499C-BEFC-7A58898DF7A7}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{02C05F77-3A34-4BF9-ABD7-2EB8B9483024}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{05E4E9CC-8316-4FA1-A8F3-F6F86ACCF390}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{07A20637-F2EA-472A-9A69-5B3064AF6FE6}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{0C8B1047-2C2F-43BF-B234-F1B1F1402898}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{0E0DD862-8233-4114-B67A-36179F9C4983}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{0EACDB9F-A0D3-48EB-808B-3814082C6BBF}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{0F64B6B1-480D-4416-9D42-8291588DA085}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{15874851-5CD6-4AA9-98B2-A93964CB8C00}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{1616F1ED-EDBA-4E0C-97D7-E65F0B58EE0D}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{169E0FE2-DC8E-4CCB-ACF2-731CA9E1AE8D}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{18C9180D-FE4D-48C7-86D4-9F0BCFD2C075}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{1C1F1ABF-44D9-420D-A6C3-1E04CF0BC5FC}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{2487C5BA-0FA1-4F6C-AA69-88C27D879826}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{27C592A4-AD7B-40F0-970E-CEF42650B154}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{316A7FA7-F5D1-4C8F-8F06-AAB493D76C47}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{3268CDE6-7947-4B47-8069-253B91A0CBEE}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{329A5D9D-6D4D-4FC3-80B3-7F39790F5213}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{32F7C0CE-9B0D-4904-A5F9-75DDB8F322CB}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{33857375-8C5A-44CF-B997-B0199FB79E54}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{33BBE6C2-8ED8-4463-B6C7-C53E2CC546E4}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{36935932-04FD-483F-B063-F193D3C76777}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{3CDC3EE5-4E4D-4A26-AB5C-1372BA0A27B0}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{3E250669-16AA-4925-9F14-2CD2ADAAD44D}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{434F75F8-4663-472A-B79D-E34178AD23C3}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{448C6EE9-9399-498A-B075-81AE945EA0C8}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{45FEA378-0E7F-498F-9FB8-2F3AEF76BC52}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{475D394C-4325-43B5-ADE2-B04E4CEA9F3D}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{478966E1-D499-4C37-AFD7-2A7ABB914E2F}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{4D659BCC-2AF3-4333-AFF0-977A2E4DF628}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{50C2059E-3926-4269-8C00-2F47A0C95688}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{5324B1A9-78B3-4332-96C5-5241252A4E7E}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{577DDFC5-9E3C-4F39-9299-1B91AEAF0DB4}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{5819FBF1-86BC-422D-9AF4-22D7717688A6}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{589F4C15-6566-45CD-AF57-3E4ADCAEB63C}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{59877EC2-DAAA-4ED4-92F3-2F04F0B31298}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{5AAFA392-1DE7-45B3-97AB-6C00CBD5C3B0}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{5CBED8D6-6298-4705-9C70-2AE9302E8606}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{5E2BF8EA-0D1E-4690-A7B4-C46E6A584A40}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{62002866-C335-49E8-B09C-797E1D061999}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{635318C3-A4D9-44EC-BAE3-EB0E27179ED8}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{63DF5F4A-8E7B-4318-833D-D2B37D65E1C7}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{669F648C-33DA-4F90-A69A-59E7BAA3535B}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{67A2A728-636D-4C01-89D3-96F8271EAE32}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{6801A217-D511-4FC4-BC8B-5ADB97F8D460}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{68B7978A-97CA-433F-842A-71CFABC725B6}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{6CA4827F-0753-4DD5-A539-554916F5FE20}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{6DA23EFE-7C0E-42FD-BE90-5DDF4EFBF310}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{6F40458B-FC70-4C50-9981-04C109CA0005}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{6F5CD99A-9FEC-4956-88FC-4E214B2CED49}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{70E43C7D-388E-448D-9FE1-CAC1174EDB1B}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{7567095D-0279-45D2-8799-4493B2EB5EAB}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{75B10D3F-CB6A-4801-87C6-2A30BFEE0985}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{77C2B545-6D75-4451-933C-1F8487269A38}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{7AA968A8-D6ED-4AC2-AFD4-0504363698CC}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{7B8EDF29-07EA-4FEC-AA3A-7D83BC4CEE13}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{84F20F37-7A78-4D19-9609-6183AC2AC133}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{864E840D-BE4A-42AC-B97F-A2F1131BB90A}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{9193D119-420D-4A1E-A344-FC438BDA0BC5}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{9930F4FE-5B58-4007-8F69-1DDC3AC34D23}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{9C5B0715-7F5F-4E83-803C-46DC9FE8279F}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{9D48D282-BAC3-4A45-8CDC-959AB205EC4C}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{A59AB813-C4F9-4EDE-931D-1820235BC077}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{A837BA50-99A0-44B3-9383-4D34716DEC4C}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{B0530B3A-4558-484D-B55D-2047CF8E3826}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{B0755960-4CAD-4E28-BDDC-D3285F2EB40F}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{B60A80F2-AA48-4F4D-8770-0E8E525B6E08}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{B6C50C64-0EF8-4F2B-932A-DC0AAD36FD0E}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{B8967A16-D0B0-4846-A180-97E1815AACAF}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{C03EF2B5-5ED7-4F3C-8DFA-46A7677EBD19}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{C09C3536-EF3E-4302-969A-CEDEBFC3933E}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{C44E6441-302D-4F74-83DE-BC1124358260}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{C891DB8B-04CF-4C6E-B29A-28D7E0007587}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{C97B4049-55FB-4DCF-90F5-093988FC2A89}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{CB63435E-5DF4-4084-991E-678D24135795}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{CC1011F9-0AB4-43FB-98E9-A29BB82F1646}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{CCD21FDB-9852-41C9-86AD-EA67DD713C32}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{D5657268-F17B-4107-90E0-F4AD0A35420D}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{D6997037-4BA1-4D06-B89C-A299C6F7167A}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{D9E0413D-A444-45D2-ADA1-F183C784208E}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{E0990CC1-19B5-464F-8817-31F61A62A69C}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{E0BBCB30-6C1C-4A02-BFC3-0B71EB231214}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{E1035A66-4F12-480B-AD6E-67EE92628FA3}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{E666F3CF-5121-449A-8D80-D88695E748A7}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{E82A86EE-97E3-47C3-8223-8A59AD42D675}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{F6071431-6970-4317-8D61-061CA4EA2233}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{F8177CFC-1000-4E9D-AE23-D08FB04F6898}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{F90FC85D-CA2A-49AD-AD43-9C353D62019F}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{FD6F9D22-33C0-46D3-A73D-0B948230900F}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{FE5C4E06-5FE6-4911-82CF-7747F7A99860}
Successfully deleted: [Empty Folder] C:\Users\Sandra\appdata\local\{FEA6828F-BD6E-4FBD-8BED-70EC8EFF91A2}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 12/11/2013 at 13:10:34.48
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2013.12.11.05
 
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Sandra :: SANDRA-HP [administrator]
 
12/11/2013 12:51:44 PM
mbam-log-2013-12-11 (12-51-44).txt
 
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 264121
Time elapsed: 14 minute(s), 33 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 1
HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE} (PUP.Optional.Adpeak) -> No action taken.
 
Registry Values Detected: 1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{19DC5AB8-0792-4875-8F1B-896C5A9CE6AE}|DisplayName (PUP.Optional.Adpeak) -> Data: Level Quality Watcher -> No action taken.
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 12
C:\Users\Sandra\AppData\Local\Temp\ct3289847 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\plugins (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\Dealply (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\exe (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\GreatArcade (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\MyBackupPc (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\Qone8 (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\ScorpionSaver (PUP.Optional.BundleInstaller.A) -> No action taken.
 
Files Detected: 135
C:\$Recycle.Bin\S-1-5-21-3064546174-981495490-1555626466-1000\$R8030KC.exe (PUP.Optional.Installcore) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-3064546174-981495490-1555626466-1000\$R9HYO3R.exe (PUP.Optional.InstallCore) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-3064546174-981495490-1555626466-1000\$RRMDAW3.exe (PUP.Optional.Installcore) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-3064546174-981495490-1555626466-1000\$RSV5RSP.exe (PUP.Optional.InstallCore) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-3064546174-981495490-1555626466-1000\$RX7B943.exe (PUP.Optional.InstallCore) -> No action taken.
C:\$Recycle.Bin\S-1-5-21-3064546174-981495490-1555626466-1000\$RZTQD1R.exe (PUP.Optional.InstallCore) -> No action taken.
C:\temp\scorpionsaver.exe (PUP.Optional.ScorpionSaver) -> No action taken.
C:\temp\ScorpionSaver.msi (PUP.Optional.Adpeak) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\CSM11E1.tmp (PUP.Adware.RelevantKnowledge) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\dlLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\GreatArcadeHits.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ICReinstall_ImageEditorSetup (1).exe (PUP.Optional.Installcore) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ICReinstall_ImageEditorSetup.exe (PUP.Optional.Installcore) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ICReinstall_ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\newsetup.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\nsd663A.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\nsiD62E.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\nsjEF14.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\nsoBC9F.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\nspCFD5.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\nsr64C.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\nszFA1F.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3289847\chlogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3289847\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3289847\ielogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3289847\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\spch.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\parent.txt (PUP.Optional.Domalq) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\software\Dealply.exe (PUP.Optional.DealPly.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\software\GreatArcadeHits.exe (PUP.Optional.GreatArcadeHits.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\software\ScorpionSaver.msi (PUP.Optional.Adpeak) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\software\tugs_nationzoom.exe (PUP.Optional.SkyTech.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\fullpackage_temp1386600223\Baofeng.exe (PUP.Optional.NationZoom.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\fullpackage_temp1386600223\tmp\NewGdp.exe (PUP.Optional.WpManager.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is357113909\4623991_Setup.EXE (PUP.Optional.LyricXeeker.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is357113909\49603278_Setup.EXE (PUP.Optional.LyricXeeker.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is357113909\49603344_Setup.EXE (PUP.Optional.PricePeep.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is357113909\497411997_Setup.EXE (PUP.Optional.LyricXeeker.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is357113909\497614443_Setup.EXE (PUP.Optional.PricePeep.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is357113909\DeltaTB.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is357113909\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is357113909\wajam_validate.exe (PUP.Optional.Wajam.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is997511529\DeltaTB.exe (PUP.Optional.Babylon.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\is997511529\wajam_validate.exe (PUP.Optional.Wajam.A) -> No action taken.
C:\Windows\Temp\Optimizer_Pro.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Users\Sandra\Downloads\Express_Installer.exe (PUP.Optional.iBryte) -> No action taken.
C:\Users\Sandra\Downloads\Flash_Player_Pro.exe (PUP.Optional.IBryte.A) -> No action taken.
C:\Users\Sandra\Downloads\Freecorder_8_Setup.exe (PUP.Optional.ExpressInstall.A) -> No action taken.
C:\Users\Sandra\Downloads\ImageEditorSetup.exe (PUP.Optional.Installcore) -> No action taken.
C:\Users\Sandra\Downloads\PluginV2.exe (PUP.Optional.Domalq) -> No action taken.
C:\Users\Sandra\Downloads\UltimateCodec.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Users\Sandra\Downloads\windows live messenger formerly msn messenger setup (1).exe (PUP.Soft32Downloader) -> No action taken.
C:\Users\Sandra\Downloads\windows live messenger formerly msn messenger setup.exe (PUP.Soft32Downloader) -> No action taken.
C:\Users\Sandra\Downloads\windows xp pro startup disk setup.exe (PUP.Soft32Downloader) -> No action taken.
C:\Users\Sandra\Downloads\ZipOpenerSetup.exe (PUP.Optional.InstallCore) -> No action taken.
C:\Windows\Installer\42f59b.msi (PUP.Optional.Adpeak) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3289847\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3289847\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\CT3307181.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\initdata.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\manifest.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\ct3307181\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\base.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\dealply.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\greatarcadehits.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\jquery.min.js (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\mypcbackup.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\nationzoom.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position1A.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position2A.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position2B.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position2C.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position3A.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position3B.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position3C.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position3D.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\position4A.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\scorpionsaver.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\style.css (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\bg_app.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\boton.jpg (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\boton_xl.jpg (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\bullet-short.gif (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\bullet-shortw.gif (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\bullet.gif (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\butpause.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\butplay.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\check-close.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\check.jpg (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\check.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\cross.jpg (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\dealply-logo-gris.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\dealply-logo.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\dealply-logo2.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\hide.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\less.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\logo-win.jpg (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\more.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\mypcbackup.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\percentage-bg.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\progress.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\progress_small.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\progress_small_bg.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-geaudioconverter.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-gevideoconverter.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-ifish.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-miul.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-olivebrowser.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-printpdf.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-vafmusic.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-vafplayer.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\screen-zipper.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\css\images\show.png (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\Dealply\info.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\exe\box.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\exe\close.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\exe\finish.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\exe\group.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\exe\instalando.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\exe\options.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\exe\welcome.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\GreatArcade\info.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\MyBackupPc\info.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\Qone8\info.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\AppData\Local\Temp\DM\bin\ScorpionSaver\info.html (PUP.Optional.BundleInstaller.A) -> No action taken.
C:\Users\Sandra\Downloads\77ZipSetup.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.
 
(end)
 
 
I think I have done everything you asked of me.  Is this all I need to do?


#4 xXToffeeXx

xXToffeeXx

    Bleepin' Toffee Monster


  • Malware Response Instructor
  • 3,165 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Somewhere in BleepingComputer
  • Local time:03:34 AM

Posted 11 December 2013 - 02:37 PM

Hi siminu2,

 

How is your computer running, and is that homepage gone?

 

Follow the instructions here, and then re-run malwarebytes for me. Make sure to post the log in your next reply.

 

xXToffeeXx~


If I am helping you and you have not had a reply from me in two days, please send me a PM.

 

~Open a window, eat an apple, chrome some metal, watch an opera, make a safari, hunt a fire fox, be an explorer~





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users