Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suddenly having pop ups / highlighted words with adds


  • Please log in to reply
10 replies to this topic

#1 ericj223

ericj223

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 09 July 2014 - 10:54 PM

My computer was running fine with no pop ups until about 2 weeks ago when suddenly anytime i click anything i recieve pop ups from various companies alot of which appear to be microsoft or microsoft knock offs. In addition to that random words are highlighted in blue and underlined and when i hover my mouse over them a small window pops up with an ad in it.

 

The performance of my computer while browsing the web seems to be slower and when streaming video it is choppy and can barely stream a basic youtube video.

 

This virus is ruining my computer and i have tried ad aware, windows security essentials and bitdefender and nothing seems to work. Can someone please assist me in getting rid of this terrible virus?

 

Thank you


Edited by Queen-Evie, 09 July 2014 - 11:27 PM.
moved from Windows 7 to AII


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,607 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:01:56 PM

Posted 10 July 2014 - 10:17 AM

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.
 
 

Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:56 PM

Posted 10 July 2014 - 07:42 PM

What you describe is most likely "In-text" advertising. You may want to read this topic which explains this type of advertising.

About In-text advertising: In-Text Ads - Text Enhanced Ads
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 ericj223

ericj223
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 11 July 2014 - 12:58 AM

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask
[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\VisualBee
Folder Deleted : C:\Program Files (x86)\Search Toolbar
Folder Deleted : C:\Program Files\003
Folder Deleted : C:\Program Files\SupraSavings
Folder Deleted : C:\Users\eric\AppData\Local\Conduit
Folder Deleted : C:\Users\eric\AppData\Local\emaze
Folder Deleted : C:\Users\eric\AppData\Local\PriceMeter
Folder Deleted : C:\Users\eric\AppData\Local\torch
Folder Deleted : C:\Users\eric\AppData\Local\VisualBeeExe
Folder Deleted : C:\Users\eric\AppData\Local\Temp\NetCrawl
Folder Deleted : C:\Users\eric\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\eric\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\eric\AppData\LocalLow\searchresultstb
Folder Deleted : C:\Users\eric\AppData\Roaming\RocketUpdater
Folder Deleted : C:\Users\eric\AppData\Roaming\Systweak
Folder Deleted : C:\Users\eric\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\Windows\SysWOW64\conduitEngine.tmp
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\Tasks\pricemeterdownloader

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1060933
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4B5C-9287-DA72D38F4FE6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9D425283-D487-4337-BAB6-AB8354A81457}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{9D425283-D487-4337-BAB6-AB8354A81457}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\Ask&Record
Key Deleted : HKCU\Software\BrowserSafeguardInstalled
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\DataMngr
Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\visualbee
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\Supra Savings
Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\BrowserSafeGuard
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DealPlyLive
Key Deleted : HKLM\Software\iLividSRTB
Key Deleted : HKLM\Software\PriceMeterLiveUpdate
Key Deleted : HKLM\Software\suprasavings
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\torch
Key Deleted : HKLM\Software\visualbee
Key Deleted : [x64] HKLM\SOFTWARE\DataMngr
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\Supra Savings
Key Deleted : [x64] HKLM\SOFTWARE\suprasavings

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

*************************

AdwCleaner[R0].txt - [8557 octets] - [10/07/2014 22:42:43]
AdwCleaner[S0].txt - [7438 octets] - [10/07/2014 22:43:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7498 octets] ##########



#5 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:56 AM

Posted 11 July 2014 - 01:09 AM

DealPlyLive/ Supra Savings/ LevelQualityWatcher/ visualbee/ PriceMeterLiveUpdate/ iLividSRTB/

The above list, and several others are all Adware "Scammy Programs" that need removal.

 

Please try to find if any of these are in Programs and Features (also often by other names).



#6 ericj223

ericj223
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 11 July 2014 - 01:19 AM

mbam-check result log version:     2.1.1.1001
========================================

User Account type:                 Administrator
OS:                                Windows 7 Service Pack 1 Service Pack 1 64 bit Operating System
Current Version and Build:         6.1.7601.0
Malwarebytes Anti-Malware:         2.0.2.1012
Installed On:                      2014/07/10
Malware Database:                  2014.07.11.03
Rootkit Database:                  2014.07.09.01
Remediation Database:              2013.10.16.01
IP Database:                       0000.00.00.00
Domain Database:                   0000.00.00.00
License:                           Trial
Malware Protection:                4 (The service is running.)
Malicious Website Protection:      4 (The service is running.)
Chameleon:                         0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
Log Created:                       2014/07/10 23:17:07
Compatibility Flag Settings:
=================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
 C:\Windows\Freecorder\uninstall.exeREG_SZ  VISTARTM
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
 C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exeREG_SZ  RUNASADMIN ELEVATECREATEPROCESS
 C:\Program Files (x86)\Perk Prize Panel\perkda.exeREG_SZ  RunAsInvoker
 C:\Users\eric\AppData\Local\Temp\PerkDaU.exeREG_SZ  RunAsInvoker
 C:\Program Files (x86)\Perk Prize Panel\pdr.exeREG_SZ  RunAsInvoker
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
 C:\Program Files (x86)\Perk Prize Panel\pdr.exeREG_SZ  RunAsInvoker
HKEY_CURRENT_USER\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\appCompatFlags\Layers
 C:\Program Files (x86)\Perk Prize Panel\perkda.exeREG_SZ  RunAsInvoker
 C:\Users\eric\AppData\Local\Temp\PerkDaU.exeREG_SZ  RunAsInvoker
 C:\Program Files (x86)\Perk Prize Panel\pdr.exeREG_SZ  RunAsInvoker
Malwarebytes Anti-Malware Shell Extension Block Check:
======================================================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Blocked:

MBAM Startup Entries:
=====================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce
 "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"REG_SZ  "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce

Malwarebytes Anti-Malware Service and Driver Status:
=======================================================

--------------Driver File Info:--------------
C:\Windows\system32\drivers\mbam.sys
File Size: 25816     BYTES FileVersion: 0.1.13.0 MD5: [f92b0e478c0faa6d6661e6e977247e60]
C:\Windows\system32\drivers\mwac.sys
File Size: 63704     BYTES FileVersion: 1.0.1.0 MD5: [15e8abc06843672955ce26a009533bad]
C:\Windows\system32\drivers\mbamswissarmy.sys
File Size: 122584    BYTES FileVersion: 0.1.7.0 MD5: [8a50d5304e6ae48664cf5838ec32f647]
C:\Windows\system32\drivers\mbamchameleon.sys
File Size: 91352     BYTES FileVersion: 1.0.4.0 MD5: [9d9ed48f841ea37aa5310d54b9e5d3c7]

--------------MBAMProtector:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

--------------MBAMService:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

--------------MBAMScheduler:--------------
Type:                   16
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

--------------MBAMChameleon:--------------
Type:                   N/A
State:                  0 <--CAN NOT OPEN SC_HANDLE, SERVICE IS NOT RUNNING FOR: MBAMChameleon
WIN32_EXIT_CODE:        N/A
SERVICE_EXIT_CODE:      N/A
CHECKPOINT:             N/A
WAIT_HINT:              N/A

--------------MBAMWebAccessControl:--------------
Type:                   1
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

Required Dependencies:
======================

--------------BFE:--------------
Type:                   32
State:                  4 (The service is running.)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE
 DisplayName                   REG_SZ  @%SystemRoot%\system32\bfe.dll,-1001
 Group                         REG_SZ  NetworkProvider
 ImagePath                     REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k LocalServiceNoNetwork
 Description                   REG_SZ  @%SystemRoot%\system32\bfe.dll,-1002
 ObjectName                    REG_SZ  NT AUTHORITY\LocalService
 ErrorControl                  REG_DWORD  1
 Start                         REG_DWORD  2
 Type                          REG_DWORD  32
 DependOnService               REG_MULTI_SZ RpcSs

 ServiceSidType                REG_DWORD  3
 RequiredPrivileges            REG_MULTI_SZ SeAuditPrivilege

 FailureActions                REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters
 ServiceDll                    REG_EXPAND_SZ %SystemRoot%\System32\bfe.dll
 ServiceDllUnloadOnStop        REG_DWORD  1
 ServiceMain                   REG_SZ  BfeServiceMain
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\BootTime\Filter
 {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data

 {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data

 {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data

 {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data

 {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data

 {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data

 {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data

 {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data

 {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data

 {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data

 {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data

 {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data

 {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data

 {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data

 {9db5e469-b3f9-47cd-89cb-8da4a2b41a36}REG_BINARY Binary Data

 {6b53db2e-45ed-4aff-939d-031714733d82}REG_BINARY Binary Data

 {ea19a789-4ee7-4112-869e-9ecb7abe12c1}REG_BINARY Binary Data

 {98395d45-4563-4372-adf6-e4590a8e998b}REG_BINARY Binary Data

 {440cc24d-d9dd-4c4a-8985-2662e3e9f58f}REG_BINARY Binary Data

 {ed6afcce-ffdf-4c25-b8b5-0d0914226613}REG_BINARY Binary Data

 {8c0b86f2-9252-4475-82b6-feb428802c51}REG_BINARY Binary Data

 {fcc81bf5-5c83-4f71-843e-b00ee1b9483c}REG_BINARY Binary Data

 {f94da470-0558-4a08-aeb2-20c327d4d6b6}REG_BINARY Binary Data

 {4049000f-b01c-4950-a95f-ff0ca619abec}REG_BINARY Binary Data

 {671a4cc2-a19f-49a7-a5a8-a20c4cc9affe}REG_BINARY Binary Data

 {57fb7286-f5cc-4af2-9d67-cb4ed258bc11}REG_BINARY Binary Data

 {e638b86c-ebee-42ae-b6db-2bc3fefb54ba}REG_BINARY Binary Data

 {3dda1213-65cc-4d07-9f32-c574de510bf6}REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Callout
 {971fe817-a416-4447-b577-1dd38109858e}REG_BINARY Binary Data

 {982a0ed3-8535-4b32-8907-63780de8bb88}REG_BINARY Binary Data

 {49bc316e-22f6-4ebf-ae58-75b3e49ec111}REG_BINARY Binary Data

 {03288309-b852-4761-8181-d399cff7f23e}REG_BINARY Binary Data

 {351f5661-b48e-465a-9f2b-c35915e41602}REG_BINARY Binary Data

 {d83c4ddf-b5b4-44a3-9221-b4da15b2708f}REG_BINARY Binary Data

 {1f03505a-2c31-4da5-b01e-f6ae6e6acf09}REG_BINARY Binary Data

 {43c2cb5a-4daa-4461-9a1d-988c81896a4a}REG_BINARY Binary Data

 {86002faf-e455-4493-a901-375a1045f74f}REG_BINARY Binary Data

 {ecb859dd-8793-4556-ad85-4c1f8fff61d6}REG_BINARY Binary Data

 {6ed7b0a9-ff49-4418-89e3-814735afc4ce}REG_BINARY Binary Data

 {e33fb58c-a13c-4763-b08c-dd3fdd87418a}REG_BINARY Binary Data

 {beb7d817-855c-4a44-90f5-11f95b2a6519}REG_BINARY Binary Data

 {c2e7b6d5-4acf-4a81-b2ad-4343823c8d90}REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Filter
 {dc95b53e-01cf-4058-821d-350b3d0d4676}REG_BINARY Binary Data

 {f444c576-6e60-4ea2-9faa-80d57ed12cd2}REG_BINARY Binary Data

 {0c41d586-9c19-4e01-9d66-b5b98a97576e}REG_BINARY Binary Data

 {12c38916-82ac-4737-8f38-b6957ffebad6}REG_BINARY Binary Data

 {c970a45d-57f9-4e32-a5bd-886a9662641e}REG_BINARY Binary Data

 {0c3be01b-fe70-4cc4-89dc-c07996b67e6d}REG_BINARY Binary Data

 {4d9581d2-aef8-4993-84cd-b986ced80d42}REG_BINARY Binary Data

 {be7cbdf4-b192-4aa5-94f8-1fb5c5ee07bc}REG_BINARY Binary Data

 {716b48eb-0a35-4a76-92ab-1d987230d288}REG_BINARY Binary Data

 {1165065e-4996-4338-abaf-4b8556b4d431}REG_BINARY Binary Data

 {07a24961-a760-4e80-b263-6d275e1b09cb}REG_BINARY Binary Data

 {5b0cb2e2-ab87-4974-9f1c-2f22a654eeb9}REG_BINARY Binary Data

 {b6b2ca61-fb98-4422-adc2-e7cf56b3680c}REG_BINARY Binary Data

 {0aa7fff8-919f-453c-928c-28a12122ba38}REG_BINARY Binary Data

 {074f7f68-ee10-428a-89d1-ba78f6c327ca}REG_BINARY Binary Data

 {c016105c-eb34-4519-a5fd-5f4e4ad4d18e}REG_BINARY Binary Data

 {a47525e2-725b-4888-8af1-ba5a60c04f4d}REG_BINARY Binary Data

 {0ccc96a3-8c5c-45e2-b80e-7e37b16cc1ad}REG_BINARY Binary Data

 {91ffecf0-0a9e-4572-95f1-a7111af86967}REG_BINARY Binary Data

 {64e55933-15a5-495d-a928-ccca43d44875}REG_BINARY Binary Data

 {13bfd422-6f75-4408-8924-9400ec0cb19c}REG_BINARY Binary Data

 {cbfb56db-3c85-4543-9bc2-76ea28cdd74e}REG_BINARY Binary Data

 {2dd96961-5757-434f-b617-34e732517c0e}REG_BINARY Binary Data

 {375fb39b-08c6-40f2-bdf2-08fa63f970a2}REG_BINARY Binary Data

 {2db25e6c-f07a-44f4-b6c8-50a330d2790b}REG_BINARY Binary Data

 {c42f1cd6-3a95-4ae2-a513-793c3ae610c7}REG_BINARY Binary Data

 {b6fdab6b-dcc6-43e3-99ce-7aeca65063a4}REG_BINARY Binary Data

 {3697a558-3ed3-49be-a4c1-c1a4448653b4}REG_BINARY Binary Data

 {935b7f48-0ede-44dd-9bc2-e00bb635cda3}REG_BINARY Binary Data

 {941dad9d-7b1a-4354-997b-00cf1aa9b35c}REG_BINARY Binary Data

 {b02a4013-b6b5-4859-9168-1e3299e43b24}REG_BINARY Binary Data

 {d870c96c-75ee-46a6-8a02-8e4401a73423}REG_BINARY Binary Data

 {8b50e2ec-7cf0-4b71-b42e-5b0536f6cab8}REG_BINARY Binary Data

 {4137b143-2770-43d4-91a2-55bb0a069830}REG_BINARY Binary Data

 {3180114b-8338-4740-9a16-444134ad62f4}REG_BINARY Binary Data

 {17043d46-fac2-4561-bca1-0c7a05e95f5f}REG_BINARY Binary Data

 {567d3836-3f5b-4067-b9c4-952f677010a2}REG_BINARY Binary Data

 {4e718c57-c397-4221-9fbb-14fd51701d6a}REG_BINARY Binary Data

 {3a90a266-1519-4d23-911b-e84cd0f02ab8}REG_BINARY Binary Data

 {9db5e469-b3f9-47cd-89cb-8da4a2b41a36}REG_BINARY Binary Data

 {c0ec88f6-8f29-487f-b75f-9ec70244e72c}REG_BINARY Binary Data

 {6b53db2e-45ed-4aff-939d-031714733d82}REG_BINARY Binary Data

 {7f3d2317-8fa9-4733-82f1-16e199869978}REG_BINARY Binary Data

 {ea19a789-4ee7-4112-869e-9ecb7abe12c1}REG_BINARY Binary Data

 {c681227d-0b6f-4aa1-b3db-d629969608f1}REG_BINARY Binary Data

 {98395d45-4563-4372-adf6-e4590a8e998b}REG_BINARY Binary Data

 {308ff412-9eba-44d5-9cea-a9be44cfdb4b}REG_BINARY Binary Data

 {440cc24d-d9dd-4c4a-8985-2662e3e9f58f}REG_BINARY Binary Data

 {6f347775-aaec-49f5-8aae-813452bfc3d4}REG_BINARY Binary Data

 {ed6afcce-ffdf-4c25-b8b5-0d0914226613}REG_BINARY Binary Data

 {7e96a182-5655-4b32-9abb-53d86f946a27}REG_BINARY Binary Data

 {8c0b86f2-9252-4475-82b6-feb428802c51}REG_BINARY Binary Data

 {73402305-c771-421c-9a9e-676e632cd58d}REG_BINARY Binary Data

 {fcc81bf5-5c83-4f71-843e-b00ee1b9483c}REG_BINARY Binary Data

 {f7f1e7a9-2a28-4fd8-9257-37b661a77308}REG_BINARY Binary Data

 {f94da470-0558-4a08-aeb2-20c327d4d6b6}REG_BINARY Binary Data

 {44a6bed6-4a59-486a-8900-d496fc034712}REG_BINARY Binary Data

 {4049000f-b01c-4950-a95f-ff0ca619abec}REG_BINARY Binary Data

 {8fd772d5-328b-4ea3-9671-36427c79d37f}REG_BINARY Binary Data

 {671a4cc2-a19f-49a7-a5a8-a20c4cc9affe}REG_BINARY Binary Data

 {cc155c6c-d1f7-4775-b8ee-6ceff2bb16c2}REG_BINARY Binary Data

 {57fb7286-f5cc-4af2-9d67-cb4ed258bc11}REG_BINARY Binary Data

 {72513c0a-8dd8-44be-b3dd-a32818022fc5}REG_BINARY Binary Data

 {e638b86c-ebee-42ae-b6db-2bc3fefb54ba}REG_BINARY Binary Data

 {3c83dd70-7e3a-43f0-854f-4b770f01a148}REG_BINARY Binary Data

 {3dda1213-65cc-4d07-9f32-c574de510bf6}REG_BINARY Binary Data

 {127e6889-bf6e-4394-aab5-d204bcf00dc0}REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\Provider
 {decc16ca-3f33-4346-be1e-8fb4ae0f3d62}REG_BINARY Binary Data

 {4b153735-1049-4480-aab4-d1b9bdc03710}REG_BINARY Binary Data

 {1bebc969-61a5-4732-a177-847a0817862a}REG_BINARY Binary Data

 {aa6a7d87-7f8f-4d2a-be53-fda555cd5fe3}REG_BINARY Binary Data

 {e5e8c522-9d0e-48dc-b4fd-16789ad052e5}REG_BINARY Binary Data

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\BFE\Parameters\Policy\Persistent\SubLayer
 {b3cdd441-af90-41ba-a745-7c6008ff2300}REG_BINARY Binary Data

 {b3cdd441-af90-41ba-a745-7c6008ff2301}REG_BINARY Binary Data

 {b3cdd441-af90-41ba-a745-7c6008ff2302}REG_BINARY Binary Data

 {9ba30013-c84e-47e5-ac6e-1e1aed72fa69}REG_BINARY Binary Data

 {ff2e84f6-a3b5-4993-a23c-03f63edf942f}REG_BINARY Binary Data

--------------fltmgr:--------------
Type:                   2
State:                  4 (The service is running.) (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
WIN32_EXIT_CODE:        0
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr
 AttachWhenLoaded              REG_DWORD  1
 DisplayName                   REG_SZ  @%SystemRoot%\system32\drivers\fltmgr.sys,-10001
 Group                         REG_SZ  FSFilter Infrastructure
 ImagePath                     REG_EXPAND_SZ system32\drivers\fltmgr.sys
 Description                   REG_SZ  @%SystemRoot%\system32\drivers\fltmgr.sys,-10000
 ErrorControl                  REG_DWORD  3
 Start                         REG_DWORD  0
 Tag                           REG_DWORD  1
 Type                          REG_DWORD  2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\FltMgr\Enum
 0                             REG_SZ  Root\LEGACY_FLTMGR\0000
 Count                         REG_DWORD  1
 NextInstance                  REG_DWORD  1

C:\Windows\system32\drivers\fltmgr.sys
File Size: 289664    BYTES FileVersion: 6.1.7601.17514 MD5: [da6b67270fd9db3697b20fce94950741]
C:\Windows\SysWOW64\mscomctl.ocx
File Size: 1071088   BYTES FileVersion: 6.1.97.86 MD5: [d268668751ee22997d7ef1417034cb04]
C:\Windows\SysWOW64\olepro32.dll
File Size: 90112     BYTES FileVersion: 6.1.7601.17514 MD5: [703ffd301ab900b047337c5d40fd6f96]

MBAM Registry Settings and License Info:
========================================
--------------Settings:--------------
Advanced:
    AutomaticQuarantine:                                       true
    AutostartProtection:                                       true
    LimitedMode:                                               false
    StartSilentMode:                                           false
    StartupDelay:                                              0
ApplicationState:
    First-Run-After-Installation:                              false
General:
    DaysUntilNotifyExpiration:                                 5
    Language:                                                  en
    RightClickAccess:                                          false
    SilentErrors:                                              false
Logging:
    ExportLog:                                                 true
Notification:
ProtectionTray:
    DisplayMilliseconds:                                       7000
ScanHistory:
    Duration_Complete:                                         151000
    Duration_Driver:                                           0
    Duration_Filesystem:                                       1000
    Duration_Heuristics:                                       357000
    Duration_Loading:                                          0
    Duration_MasterBootRecord:                                 0
    Duration_Memory:                                           40000
    Duration_PreScan:                                          11000
    Duration_Registry:                                         13000
    Duration_Sector:                                           0
    Duration_Startup:                                          12000
    ItemCount_Complete:                                        266414
    ItemCount_Driver:                                          0
    ItemCount_Filesystem:                                      42315
    ItemCount_Heuristics:                                      11469
    ItemCount_Loading:                                         0
    ItemCount_MasterBootRecord:                                0
    ItemCount_Memory:                                          2797
    ItemCount_PreScan:                                         0
    ItemCount_Registry:                                        556
    ItemCount_Sector:                                          0
    ItemCount_Startup:                                         1130
    LastScanDateEpoch:                                         1405058501883
    LastScanType:                                              1 (Threat Scan)
Update:
    LastUpdate:                                                2014-07-11T06:01:04
    NotifyInstallReady:                                        true
    NotifyOutdatedDatabase:                                    1
    ProxyPassword:                                             
    ProxyPort:                                                 0
    ProxyServer:                                               
    ProxyUsername:                                             
    UseProxy:                                                  false
    UseProxyAuthentication:                                    false
--------------Account:--------------
  Account Status:                                              Trial
  Expiration Time:                                             2014/07/25 06:00:43
  Activation Time:                                             2014/07/11 06:00:43
  Trial Used:                                                  true
--------------Access Policies:--------------

Scheduler Queue:
================

tasks:
    a9059411-89a0-4c11-9784-f4c3e47ce822:                      
      parameters:                                              
        NotifyWhenUpdateCompletes:                             true
        TaskType:                                              3
      triggers:                                                
        899e6999-3b64-4edf-9407-41775d9e5e05:                  
          dateinterval:                                        0:0:0
          lastscheduled:                                       
          lasttriggered:                                       
          nextscheduled:                                       Thu, 10 Jul 2014 23:46:51.720706 -0700
          recovery:                                            00:00:00
          start:                                               Thu, 10 Jul 2014 23:52:13.720706 -0700
          timeinterval:                                        01:00:00
          type:                                                3
          uuid:                                                899e6999-3b64-4edf-9407-41775d9e5e05
      type:                                                    update
      uuid:                                                    a9059411-89a0-4c11-9784-f4c3e47ce822
    e8b10c64-c3a0-4176-ad35-73b0d9947ac0:                      
      parameters:                                              
        CheckForUpdatesBeforeScanStart:                        true
        ScanConfig:                                            
          ExitWhenNoMalwareDetected:                           false
          ExportLog:                                           true
          FileSystemOption:                                    true
          RebootSystemWhenMalwareDetected:                     false
          RemoveMalwareAutomaticallyWhenScanEnds:              false
          ScanArchives:                                        true
          ScanExtra:                                           true
          ScanHeuristic:                                       true
          ScanMemoryObjects:                                   true
          ScanPUM:                                             2
          ScanPUP:                                             2
          ScanRegistry:                                        true
          ScanRootkits:                                        false
          ScanStartup:                                         true
          ScanTargets:                                         
          ScanType:                                            1 (Threat Scan)
          Silent:                                              true
          TerminateExplorerWhenMalwareIsRemoved:               false
        StartTaskFromSystemAccount:                            false
        TaskType:                                              0
      triggers:                                                
        bbd75078-d1cc-4060-8cf7-e8b6da043042:                  
          dateinterval:                                        1:0:0
          lastscheduled:                                       
          lasttriggered:                                       
          nextscheduled:                                       Fri, 11 Jul 2014 02:12:35 -0700
          recovery:                                            23:00:00
          start:                                               Fri, 11 Jul 2014 02:12:08 -0700
          timeinterval:                                        00:00:00
          type:                                                4
          uuid:                                                bbd75078-d1cc-4060-8cf7-e8b6da043042
      type:                                                    scan
      uuid:                                                    e8b10c64-c3a0-4176-ad35-73b0d9947ac0

Pending File Rename Operations:
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
Pending File Rename Operations:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
 PendingFileRenameOperations REG_MULTI_SZ \??\C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\cleanup.old

 

MBAMProtector Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector
 Type                          REG_DWORD  2
 Start                         REG_DWORD  3
 ErrorControl                  REG_DWORD  1
 ImagePath                     REG_EXPAND_SZ \??\C:\Windows\system32\drivers\mbam.sys
 Group                         REG_SZ  FSFilter Anti-Virus
 DependOnService               REG_MULTI_SZ FltMgr

 WOW64                         REG_DWORD  1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances
 DefaultInstance               REG_SZ  MBAMProtector Instance
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Instances\MBAMProtector Instance
 Altitude                      REG_SZ  328800
 Flags                         REG_DWORD  0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Parameters
 PassThruFile                  REG_SZ  mbampt.exe
 ProductPath                   REG_SZ  C:\Program Files (x86)\Malwarebytes Anti-Malware
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMProtector\Enum
 0                             REG_SZ  Root\LEGACY_MBAMPROTECTOR\0000
 Count                         REG_DWORD  1
 NextInstance                  REG_DWORD  1

MBAMService Registry Values:
============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMService
 Type                          REG_DWORD  16
 Start                         REG_DWORD  2
 ErrorControl                  REG_DWORD  1
 ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe"
 DependOnService               REG_MULTI_SZ MBAMProtector

 WOW64                         REG_DWORD  1
 ObjectName                    REG_SZ  LocalSystem
 Description                   REG_SZ  Malwarebytes Anti-Malware service
 DelayedAutostart              REG_DWORD  0

MBAMScheduler Registry Values:
==============================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MBAMScheduler
 Type                          REG_DWORD  16
 Start                         REG_DWORD  2
 ErrorControl                  REG_DWORD  1
 ImagePath                     REG_EXPAND_SZ "C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe"
 WOW64                         REG_DWORD  1
 ObjectName                    REG_SZ  LocalSystem
 Description                   REG_SZ  Malwarebytes Anti-Malware scheduler

Terminal Services Status for (null) entries in PM logs and GetUserToken errors:
===============================================================================

--------------TERMService:--------------
Type:                   32
State:                  1 (The service is not running.) (State is stopped)
WIN32_EXIT_CODE:        1077
SERVICE_EXIT_CODE:      0
CHECKPOINT:             0
WAIT_HINT:              0

TermService Start is set to: 3 (Manual Startup)

Proxy Status: No proxy is Set

Proxy Server:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
 ProxyServer REG_SZ  http=127.0.0.1:51857;https=127.0.0.1:51857

Proxy Override:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\
 ProxyOverride REG_SZ  <-loopback>

LAN Settings:
=============

No Settings are Set  <--NOT DETECTING SETTING AUTOMATICALLY

SystemPartition:
================

HKEY_LOCAL_MACHINE\SYSTEM\Setup\
 SystemPartition REG_SZ  \Device\HarddiskVolume2

Balloon Tips Status:
====================

Enabled

Time Format Settings:
=====================

Should be:
  h:mm:ss tt
  AM
  PM
  :

Currently:
REG_SZ  h:mm:ss tt
REG_SZ  AM
REG_SZ  PM
REG_SZ  :

Language and Regional Settings:
===============================

ACP:  Language is English (United States)
MACCP:  Language is English (United States)
OEMCP:  Language is English (United States)

Startup Folders for Error_Expanding_Variables Check:
====================================================

All Users Startup Folder Exists.
Current User's Startup Folder Exists.

Context Menu Entries:
=====================

 

 

 

 

 

 

 

List of MBAM Related Directories:
=================================

C:\Program Files (x86)\Malwarebytes Anti-Malware\
7z.dll                                   File Size: 920888    BYTES FileVersion:  9.20.0.0       MD5: [9f522b2708cab181c0f137abbcd1de2e]
changes.txt                              File Size: 2261      BYTES FileVersion:  N/A            MD5: [af70267bdf9a37a96f1a79a5c3720ae6]
license.rtf                              File Size: 39478     BYTES FileVersion:  N/A            MD5: [8627b31943a534aad30d154c2b2c1aaf]
master.conf                              File Size: 1258      BYTES FileVersion:  N/A            MD5: [9702ca5e82d3756c6d8af34a2ababaea]
mbam.dll                                 File Size: 579896    BYTES FileVersion:  1.0.7.0        MD5: [d32c2a98859cb22d57a665f15f351e7d]
mbam.exe                                 File Size: 6970168   BYTES FileVersion:  1.0.0.532      MD5: [4fbc630768570e6ac35c3de8f6ec79f5]
mbamcore.dll                             File Size: 1680696   BYTES FileVersion:  1.0.11.0       MD5: [f722fa26739eafcbd8d5f3829b632cd7]
mbamdor.exe                              File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [4da2f2da54a92850f56c0db712058188]
mbamext.dll                              File Size: 184632    BYTES FileVersion:  3.0.4.0        MD5: [945bb364b09f3a8e998dbff02a0a5a58]
mbampt.exe                               File Size: 39736     BYTES FileVersion:  1.0.0.0        MD5: [9acd7583584c93ee542c273df8e91dc1]
mbamscheduler.exe                        File Size: 1809720   BYTES FileVersion:  3.0.2.0        MD5: [d84aea3f3329d622dfc1297dddf6163b]
mbamservice.exe                          File Size: 860472    BYTES FileVersion:  3.0.2.0        MD5: [4f45ed469906494f9bf754e476390dbd]
mbamsrv.dll                              File Size: 4437816   BYTES FileVersion:  1.1.0.0        MD5: [9b48e38c35f08fa831b387a0b27c40aa]
msvcp100.dll                             File Size: 421688    BYTES FileVersion:  10.0.40219.325 MD5: [e4b829081e639e42985853bae754a53d]
msvcr100.dll                             File Size: 774456    BYTES FileVersion:  10.0.40219.325 MD5: [80fcedbe920e9cbe30d9d3665bd6efed]
QtCore4.dll                              File Size: 2732856   BYTES FileVersion:  4.8.4.0        MD5: [30490eed6a1e20e8259c0b9c58f488fe]
QtGui4.dll                               File Size: 8575288   BYTES FileVersion:  4.8.4.0        MD5: [15e21aa7d0c0c994cd565eeb96d13c20]
QtNetwork4.dll                           File Size: 909112    BYTES FileVersion:  4.8.4.0        MD5: [d7588d42e29080c32a003bee465160d8]
unins000.dat                             File Size: 23379     BYTES FileVersion:  N/A            MD5: [6723c3e68f736a922b3757036ad1f855]
unins000.exe                             File Size: 718037    BYTES FileVersion:  51.52.0.0      MD5: [d2796ecf50731e696f0c065d24c0827a]

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Chameleon\Windows
chameleon.chm                            File Size: 235882    BYTES FileVersion:  N/A            MD5: [c4190b71f037714aa77aba294434ba5b]
firefox.com                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.exe                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.pif                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
firefox.scr                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
iexplore.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.com                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.exe                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.pif                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-chameleon.scr                       File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
mbam-killer.exe                          File Size: 1181496   BYTES FileVersion:  N/A            MD5: [c6927fd8f7e9105b64db5d5a08b53731]
rundll32.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
svchost.exe                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
windows.exe                              File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]
winlogon.exe                             File Size: 750392    BYTES FileVersion:  3.0.4.0        MD5: [09882e8edd1144e6ef1af6d1f98305ee]

C:\Program Files (x86)\Malwarebytes Anti-Malware\\imageformats
qgif4.dll                                File Size: 32568     BYTES FileVersion:  4.8.4.0        MD5: [e59f533c26c8375cd120b4791482217e]

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Languages
lang_bg.qm                               File Size: 144048    BYTES FileVersion:  N/A            MD5: [9ccb79999432d56b9843a3e2b2c90325]
lang_bs.qm                               File Size: 145523    BYTES FileVersion:  N/A            MD5: [6ab7a6274d4f9f7553c944f5c66201ba]
lang_ca.qm                               File Size: 132254    BYTES FileVersion:  N/A            MD5: [68a83ec63b6e7bc5dbdd412bcc49c6ce]
lang_cs.qm                               File Size: 141243    BYTES FileVersion:  N/A            MD5: [6b8acee7f461fa69b83d2c45c3725427]
lang_da.qm                               File Size: 130101    BYTES FileVersion:  N/A            MD5: [8539796784746218b229419e99ab308d]
lang_de.qm                               File Size: 149462    BYTES FileVersion:  N/A            MD5: [fcd3bc376ad219396e8c7d3c87cd8864]
lang_el.qm                               File Size: 149912    BYTES FileVersion:  N/A            MD5: [74f13f95f63fe96c08e571598df052d6]
lang_en.qm                               File Size: 115961    BYTES FileVersion:  N/A            MD5: [8c9da1c0ce06b89f8d323bf948bfba4e]
lang_es.qm                               File Size: 130487    BYTES FileVersion:  N/A            MD5: [33e1c6d40b841cc2e783ec8d8102e66f]
lang_et.qm                               File Size: 138126    BYTES FileVersion:  N/A            MD5: [aa215b5f37a72a69854c9163ac543b51]
lang_fi.qm                               File Size: 144256    BYTES FileVersion:  N/A            MD5: [18912c339939c3a6629004ec900f4fe4]
lang_fr.qm                               File Size: 149253    BYTES FileVersion:  N/A            MD5: [ec2bf2f431c4273f151b8c8a7b84c387]
lang_he.qm                               File Size: 116101    BYTES FileVersion:  N/A            MD5: [9e692744e77051c6ce14df32f9b71920]
lang_hr.qm                               File Size: 139841    BYTES FileVersion:  N/A            MD5: [3e3737fe86eb595c5f6817eebf731aa7]
lang_hu.qm                               File Size: 145621    BYTES FileVersion:  N/A            MD5: [52d3d7fcf8c8db071ef0573a1357c2fd]
lang_id.qm                               File Size: 143102    BYTES FileVersion:  N/A            MD5: [80473d2c73d2f54f2b23c9316f2d0ceb]
lang_it.qm                               File Size: 146851    BYTES FileVersion:  N/A            MD5: [7e7aea7d0b433d7e912ed9f0887684a7]
lang_ja.qm                               File Size: 121282    BYTES FileVersion:  N/A            MD5: [19ac79b7a5e05d665e417c2dd75afc94]
lang_ko.qm                               File Size: 118033    BYTES FileVersion:  N/A            MD5: [de213178c14490bf452ea45278d3442d]
lang_nl.qm                               File Size: 146325    BYTES FileVersion:  N/A            MD5: [5aec6f6bdc5e6c28744e6ef374709eeb]
lang_no.qm                               File Size: 142918    BYTES FileVersion:  N/A            MD5: [4388c08217618af2e24173af6f5d3f97]
lang_pl.qm                               File Size: 145434    BYTES FileVersion:  N/A            MD5: [699700c889447d1f9b607c04f07fff67]
lang_pt_BR.qm                            File Size: 131739    BYTES FileVersion:  N/A            MD5: [a3430222223d59da8ec6ea1edae5ee2f]
lang_pt_PT.qm                            File Size: 149128    BYTES FileVersion:  N/A            MD5: [afdf1907af4c95f9af510d5fc1bb9067]
lang_ro.qm                               File Size: 121166    BYTES FileVersion:  N/A            MD5: [1672a2b3a9807a1497fe43824c0026c0]
lang_ru.qm                               File Size: 122186    BYTES FileVersion:  N/A            MD5: [d4dd1eea2b0f52aba2fca4d159c387f7]
lang_sk.qm                               File Size: 119827    BYTES FileVersion:  N/A            MD5: [8b200d162e8028843e41aa1a927cfd84]
lang_sl.qm                               File Size: 143191    BYTES FileVersion:  N/A            MD5: [1760a6aa6990b2f0c4c71ec04b25ac9c]
lang_sr.qm                               File Size: 143261    BYTES FileVersion:  N/A            MD5: [377d15c0da0249f4a7a58978b6307d81]
lang_sv.qm                               File Size: 142525    BYTES FileVersion:  N/A            MD5: [2587ead21967296fefdd0ee0684fe8b4]
lang_tr.qm                               File Size: 142194    BYTES FileVersion:  N/A            MD5: [880fcbe97ec6f13ec094f7371b5b295f]
lang_vi.qm                               File Size: 126874    BYTES FileVersion:  N/A            MD5: [c61281786b5bfec68afc742a19f6abd9]
lang_zh_tr.qm                            File Size: 110870    BYTES FileVersion:  N/A            MD5: [f223d83580b1ee35edea13293cb2c80d]

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe                            File Size: 821560    BYTES FileVersion:  1.1.0.1010     MD5: [3a4dcd021d9f3a5305a22e5e309da305]

C:\Users\eric\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
actions.ref                              File Size: 314       BYTES FileVersion:  N/A            MD5: [b26a36c0696e299fdfebe180c09c2737]
cleanup.old                              File Size: 1680696   BYTES FileVersion:  1.0.11.0       MD5: [f722fa26739eafcbd8d5f3829b632cd7]
domains.ref                              File Size: 38        BYTES FileVersion:  N/A            MD5: [8c30b536b67543eb68e68b9640d4d498]
exclusions.dat                           File Size: 0         BYTES FileVersion:  N/A            MD5: [d41d8cd98f00b204e9800998ecf8427e]
ips.ref                                  File Size: 33        BYTES FileVersion:  N/A            MD5: [8a1c580788ea8de3f32862c2c1cf373c]
mbamdor.old                              File Size: 54072     BYTES FileVersion:  1.0.1.0        MD5: [4da2f2da54a92850f56c0db712058188]
rules.ref                                File Size: 8777935   BYTES FileVersion:  N/A            MD5: [76e81b7f8fb7fc3afe825576b1096513]
swissarmy.ref                            File Size: 21908     BYTES FileVersion:  N/A            MD5: [440fd09ffb48aa2b4cbb1e7645ae5bc6]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf                               File Size: 4492      BYTES FileVersion:  N/A            MD5: [2ac20ced08593dc9188f57166e180295]
database.conf                            File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf                          File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf                             File Size: 461       BYTES FileVersion:  N/A            MD5: [e29d464949a8d0f965544ad505e86e93]
manifest.conf                            File Size: 2126      BYTES FileVersion:  N/A            MD5: [a4def08f53ac15f868a458713b682d59]
marketing.conf                           File Size: 1434      BYTES FileVersion:  N/A            MD5: [19533c40d9c9778b2ab423dbcf063d80]
net.conf                                 File Size: 6102      BYTES FileVersion:  N/A            MD5: [44ae2bcf7bc32edc669aab01effc0ca0]
notifications.conf                       File Size: 4         BYTES FileVersion:  N/A            MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf                           File Size: 2049      BYTES FileVersion:  N/A            MD5: [9e2cd99ddc58e156fe360b2c04dabbf9]
settings.conf                            File Size: 1995      BYTES FileVersion:  N/A            MD5: [f05dcc926e6319b35e021bd1ffa8e03f]
statistics.conf                          File Size: 597       BYTES FileVersion:  N/A            MD5: [cdc47e6f4f0d40d47443b7b8f907e63d]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2014-07-10 (23-01-38).xml       File Size: 13126     BYTES FileVersion:  N/A            MD5: [edc63ed15191529bb086375a2ba12edb]
protection-log-2014-07-10.xml            File Size: 4705      BYTES FileVersion:  N/A            MD5: [e23e07388528694ba44c42fa2972c894]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine
0392752673.data                          File Size: 712       BYTES FileVersion:  N/A            MD5: [3ede8542606d2d768467703f3dc098a4]
0392752673.quar                          File Size: 5056496   BYTES FileVersion:  N/A            MD5: [b79ab670cd840f55b7437b214faf2532]
0421994384.data                          File Size: 712       BYTES FileVersion:  N/A            MD5: [9c26cf32733d34eed04e590a07b04c92]
0421994384.quar                          File Size: 6229848   BYTES FileVersion:  N/A            MD5: [19bb93b88f4a87f81e04d35b2776802e]
0989089375.data                          File Size: 754       BYTES FileVersion:  N/A            MD5: [bcaffd5684c7e10f69ca05b1846fe41a]
0989089375.quar                          File Size: 212       BYTES FileVersion:  N/A            MD5: [8ac25900f4e45d38be407138faf04801]
1288809341.data                          File Size: 764       BYTES FileVersion:  N/A            MD5: [c2b1e935ae4ce1bf10c9df383db462f8]
1288809341.quar                          File Size: 310       BYTES FileVersion:  N/A            MD5: [a2cbcebfd2d80c8d761e2b8a3444ac0c]
1538632945.data                          File Size: 847       BYTES FileVersion:  N/A            MD5: [17983d07fc738328bb33345927f2fbdf]
1538632945.quar                          File Size: 1532      BYTES FileVersion:  N/A            MD5: [4cf5b84fd29d211182aaeabab54ee1c9]
2494791381.data                          File Size: 748       BYTES FileVersion:  N/A            MD5: [65ba3d9d060d8bcac692bb7574d47e3f]
2494791381.quar                          File Size: 8166056   BYTES FileVersion:  N/A            MD5: [dd3f1f05b5e2d2e395dde8304d85334e]
2620112976.data                          File Size: 713       BYTES FileVersion:  N/A            MD5: [dc58ac0323918e23b1956ecf6a2dede8]
2620112976.quar                          File Size: 156063    BYTES FileVersion:  N/A            MD5: [fbb173a547147dec337afecd7b0fcec5]
2745099762.data                          File Size: 689       BYTES FileVersion:  N/A            MD5: [498cb810d08a57732adc398e54676a01]
2745099762.quar                          File Size: 4997120   BYTES FileVersion:  N/A            MD5: [2336cc0a3363abe174c51f03e0e779e1]
3028434588.data                          File Size: 722       BYTES FileVersion:  N/A            MD5: [3231c71605b98db452489b5d598300f8]
3028434588.quar                          File Size: 624872    BYTES FileVersion:  N/A            MD5: [241bdc8170925763e711bf1af0dda7d4]
3520040787.data                          File Size: 927       BYTES FileVersion:  N/A            MD5: [5c38791a04e05c0c543fd1f39e994643]
3864947938.data                          File Size: 850       BYTES FileVersion:  N/A            MD5: [04e2442b171a3e7220559bfad504a353]
3864947938.quar                          File Size: 522       BYTES FileVersion:  N/A            MD5: [c4c816d8528da4dffab825f66c5bcf5c]
4582477063.data                          File Size: 713       BYTES FileVersion:  N/A            MD5: [1f077885778bbb88854728170512913d]
4582477063.quar                          File Size: 156063    BYTES FileVersion:  N/A            MD5: [fbb173a547147dec337afecd7b0fcec5]
4693823307.data                          File Size: 681       BYTES FileVersion:  N/A            MD5: [fdee91ade0a762447f0ca7123bc66c92]
4693823307.quar                          File Size: 3162112   BYTES FileVersion:  N/A            MD5: [2b403b7fce4dc9024321b0af409af088]
5971803534.data                          File Size: 765       BYTES FileVersion:  N/A            MD5: [102998014d42746fd55339a4cd37ed71]
5971803534.quar                          File Size: 738       BYTES FileVersion:  N/A            MD5: [bbdaf34eb6ca88e0ccae329e67cb8a28]
6551784284.data                          File Size: 771       BYTES FileVersion:  N/A            MD5: [fa77e6162ea7e864d20aaf0f2ee66a4b]
6551784284.quar                          File Size: 9380      BYTES FileVersion:  N/A            MD5: [965558a93ce93926fa17264861753f36]
7315520852.data                          File Size: 779       BYTES FileVersion:  N/A            MD5: [930f37b691f5b0de930f531f5cc05e7d]
7315520852.quar                          File Size: 22208     BYTES FileVersion:  N/A            MD5: [925f72814f70d15c273a44dade8c67d5]
7379792741.data                          File Size: 793       BYTES FileVersion:  N/A            MD5: [f20baefa4dcad188eed6ab2f88aed01d]
7379792741.quar                          File Size: 2666      BYTES FileVersion:  N/A            MD5: [9c582825aa4f9f8626ebb1e16c0e7a73]
7746948039.data                          File Size: 826       BYTES FileVersion:  N/A            MD5: [fd306887232ecc31a848a8bb419b84f4]
8051440863.data                          File Size: 713       BYTES FileVersion:  N/A            MD5: [6c31b7ba3aa6ea1147f170dff0034982]
8051440863.quar                          File Size: 156063    BYTES FileVersion:  N/A            MD5: [fbb173a547147dec337afecd7b0fcec5]
8900320651.data                          File Size: 844       BYTES FileVersion:  N/A            MD5: [c6e356c8dfa612f482ded4b89d2149b6]
8900320651.quar                          File Size: 474       BYTES FileVersion:  N/A            MD5: [9ae3696930ad5b7bc3782cd895fb949a]
9572312773.data                          File Size: 715       BYTES FileVersion:  N/A            MD5: [a37630a05dfdc09075efa91b48e57e89]
9572312773.quar                          File Size: 6379728   BYTES FileVersion:  N/A            MD5: [382e27e51b9c007709bd5bb778958f80]
9845290055.data                          File Size: 906       BYTES FileVersion:  N/A            MD5: [282af1600e1e78420f16e92f31a38bde]

Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
Vendor: PUP.Optional.RegCleanPro, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Users\eric\Downloads\rcp_dcomnew_sec_728.exe
Vendor: PUP.Optional.ScramblePacker.A, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Users\eric\AppData\Local\Temp\setup.exe
Vendor: PUP.Optional.HQVid.A, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQvidPv1.1
Vendor: PUP.Optional.SupraSavings.A, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings
Vendor: PUP.Optional.SearchToolbar, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D425283-D487-4337-BAB6-AB8354A81457}
Vendor: PUP.Optional.OpenCandy, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Users\eric\AppData\Roaming\FrostWire\.AppSpecialShare\frostwire-4.21.7.windows.exe
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Users\eric\AppData\Local\Temp\nss3828.exe
Vendor: PUP.Optional.AdPeak.A, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Temp\InstallFilter64.msi
Vendor: PUP.Optional.InstallCore, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Users\eric\Desktop\CR_Downloader_for_mario-kart-64.exe
Vendor: PUP.Optional.FrostwireTB.A, Date: 2014/07/11 06:01:41, Type: Registry Value, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440}
Vendor: PUP.Optional.SearchToolbar, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D425283-D487-4337-BAB6-AB8354A81457}
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Users\eric\AppData\Local\Temp\nse8D64.exe
Vendor: PUP.Optional.SupraSavings.A, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Temp\t.msi
Vendor: PUP.Optional.Wajam.A, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM
Vendor: PUP.Optional.DataMngr.A, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr
Vendor: PUP.Optional.DataMngr.A, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar
Vendor: PUP.Optional.PriceGong.A, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong
Vendor: PUP.Optional.Wajam.A, Date: 2014/07/11 06:01:41, Type: Registry Value, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Users\eric\AppData\Local\Temp\nszA72D.exe
Vendor: PUP.Optional.Wajam.A, Date: 2014/07/11 06:01:41, Type: Registry Key, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Vendor: PUP.Optional.Conduit.A, Date: 2014/07/11 06:01:41, Type: File, Location: C:\Users\eric\AppData\Local\Temp\nso65B7\SpSetup.exe
Vendor: PUP.Optional.FrostwireTB.A, Date: 2014/07/11 06:01:41, Type: Registry Value, Location: HKU\S-1-5-21-4161413759-2596441758-91306408-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D4027C7F-154A-4066-A1AD-4243D8127440}
===============================================================
END OF FILE



#7 ericj223

ericj223
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 11 July 2014 - 01:24 AM

DealPlyLive/ Supra Savings/ LevelQualityWatcher/ visualbee/ PriceMeterLiveUpdate/ iLividSRTB/

The above list, and several others are all Adware "Scammy Programs" that need removal.

 

Please try to find if any of these are in Programs and Features (also often by other names).

Thank you for your response,

 

So with these files do I need to manually remove them or did the anti virus program already do that?

 

Is there anything in addition to running these programs and posting the logs that I need to do?

 

It appears the underlined words are all gone! no pop ups yet since I have ran these programs. It seems the problem is fixed although I have not browsed to a very large extent yet. so far so good! thanks guys!



#8 ericj223

ericj223
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 11 July 2014 - 01:27 AM

Also if/when the problem is fixed, I now have the two programs that were suggested previously plus I have bit defender free version as my anti virus. Which one of these programs (or all of them) should I use to keep my system protected?



#9 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:06:56 AM

Posted 11 July 2014 - 04:18 AM

Hello -

 

>> So with these files do I need to manually remove them or did the anti virus program already do that? << Please Re-open AdwCleaner, and hit the Uninstall button to remove all items in the Quarantine area fully. You can Re-install it later if required.

The Log-files that were generated by the programs can be Right Click > Deleted to remove after posting them here.

 

 

To see the security programs (Antivirus / Antimalware) that are installed, please follow this small program first.

After you post back the reply, you can just Right click on it and Delete the program and Log-file

 

Download Screen317 Security Check  and save it to your Desktop.
 * Double-click SecurityCheck.exe
 * Follow the onscreen instructions inside of the black box.
 * A Notepad document should open automatically called checkup.txt
 * Please Copy/Paste the contents of that document.
Note:: If any security program requests permission to access the Internet, allow it to do

 

 

I would / do keep Malwarebytes Anti-Malware installed, and Update it every few days, then run a scan to clean up any more minor infections that you may pick up.

 

I hope this is what you are asking -


Edited by noknojon, 11 July 2014 - 04:20 AM.


#10 ericj223

ericj223
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:09:56 PM

Posted 11 July 2014 - 11:22 PM

Thank you very much noknojon and Arachibutyrophobia . All of the symptoms seem to be gone and my system is running much faster than before. I really appreciate all of the help from everyone!



#11 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,484 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:56 PM

Posted 12 July 2014 - 06:46 AM

Don't forget to read the link I provided in Post #3 which explains this and how to avoid it in the future.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users