ATT-Yahoo causing search problems


7 replies to this topic

#1 nosmiley


Posted 29 June 2015 - 05:25 AM

I have used ATT Yahoo for 15 years with suitable results. Sometime within the last two months the search response has become terrible. When I type a word or two into the search block, for something I want to read about, as I click the search button, something is adding words to the search before it displays, but after I click. Example. I wanted to look for Honda lawnmower engines. As I clicked, it changed to Honda lawn tractor engines which I don't want because I don't own a lawn tractor, but do own a small lawnmower. If I click in a city in China, the search reveals a page or two about the hotels, and nothing about the city I'm looking for.

I have ad block free, I have run Super-anti spyware, Malware-bytes, I have on windows security, I have run virus scans, Advanced system care. Nothing is found. I have dumped cookies, and histories, and temporary files. Would it help to uninstall and reinstall Internet Explorer?

This problem annoys me to the degree that I may change home pages. I don't like the idea of changing to Google, because it keeps information on what you do. I'm an ordinary citizen not intent or planning anything regarding the country or other countries. It just bothers me for private companies to feel they can watch my every movement.

Windows 7 all updates 64 bit ultimate

Please advise.

Thank you.


Edited by hamluis, 29 June 2015 - 11:58 AM.
Moved from Win 7 to Am I Infected - Hamluis.



#2 darkbit


Posted 29 June 2015 - 07:17 AM

Are you sure your computer is not infected? Try it from a different computer. Create a Virtual Machine and try it from inside the VM. Might not be your ISP, might be your machine.
 
Also, stop using Yahoo. Use DuckDuckGo or StartPage.  Best browser to use is Firefox 28.0 before they went to the darkside. Change your useragent in about:config and most sites won't know the difference or complain about you being on an 'older' browser. Don't install the maintenance service and delete the updater so it can't update itself. Then install and use Adblock plus, and Noscript. Put an adblock hosts file on your machine. Don't use Adobe Flash, Silverlight or Java (not to be confused with javascript) 
 
If Malwarebytes didn't pick it up, try Norton Power Eraser. 
 
And if it IS your ISP, stick it to them by using TAILS/TOR. If you think you are being watched, use full disk encryption, like TrueCrypt 7.1a and better yet triple cascading ciphers if you don't care about I/O speeds. Turn off AES-NI if you don't trust Intel. Get something like an APC Line-R and ethernet switchbox so you can cut off power and network to your machine at a moment's notice. Physically lock down your computer (assuming it is desktop) to prevent cold boot attacks.
 
Best guess is your machine somehow got infected. Best to do a complete wipe and start over. Flash your BIOS, clear your CMOS, and flash your hard drive firmware and/or at least do a low level wipe of your hard drive.

Edited by Queen-Evie, 29 June 2015 - 01:26 PM.
deleted reference to run a tool that is not allowed in Am I Infected.


#3 dc3


Posted 29 June 2015 - 10:45 AM

@darkbit

 

Being infected is not the end of the world.  I wouldn't suggest wiping the hdd and starting all over with a fresh install unless it turns out to be absolutely necessary.

 

Combofix should not be used unless one of our Malware Response members is guiding you through it.  Even if it is run, the log cannot be posted in any forum except the Malware Removal Logs.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#4 dc3


Posted 29 June 2015 - 10:48 AM

Nosmiley, please do the following.
 
Please run Malwarebytes AntiMalware
 
Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarebytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
malwarerun_zps9abd4ef1.png
 
4)  When the scan is complete the results will be displayed.  Click on Delete All.
 
malwarenew_zps34b58fdc.png
 
5)  Please post the Malwarebytes log.
 
To find your Malwarebytes log, download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  Copy and paste the log in your topic.
 
====================
 

Please run TDSSKiller.
 
Please download TDSSKiller from here and save it to your Desktop.
 
The log for the TDSSKiller can be very long.  If you go to the bottom of the log to where you find Scan finished you will see the results of the scan.  If it shows Detected object count: 0 and Actual detected object count: 0, this means that nothing malicious was found and you will not need to post the log.
 
1.  Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
 
tdss1_zps90132559.png
 
2.  Check Loaded Modules, Verify Driver Digital Signature, and Detect TDLFS file system.
 
If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now.
 
tdsskillermultiple_zps472c18eb.png
 
3.  Click Start Scan and allow the scan process to run.
 
tdss4_zps6792a13c.png
 
4.  If threats are detected select Cure (if available) for all of them unless otherwise instructed.
 
***Do NOT select Delete!
 
Click on Continue.
 
tdss5_zps98fc5887.png
 
5.  Click on Reboot computer.
 
Please copy the TDSSKiller.[Version]_[Date]_[Time]_log.txt file found in your root directory (typically c:\) and paste it into your next reply.
 
Note:  The log may be very long.  You may need to break it into parts to post the whole log.
 
====================

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to have the time to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

  • Click on this link to open ESET OnlineScan in a new window.
  • The ESET Online Scanner page will open, click on Yes, I agree to the terms of use, then click on Start, the scan will now begin.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

Edited by dc3, 29 June 2015 - 10:49 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.
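
The TDSSKiller check described in the post above (go to the last "Scan finished" marker, then read the two object counts) can be done over the log file directly. This is an added Python example, not part of the original thread; the timestamp and thread-id prefix in the sample lines is an assumed layout, the sample logs are constructed, and the function names are hypothetical. Only the three phrases quoted in the post and the `TDSSKiller.[Version]_[Date]_[Time]_log.txt` file name pattern are relied on.

```python
import re
from pathlib import Path

# Phrases quoted in the post; everything else about the line layout is assumed.
SCAN_FINISHED = "Scan finished"
COUNT_RE = re.compile(r"(Actual detected|Detected) object count:\s*(\d+)")

# Constructed sample logs (not output from a real scan).
SAMPLE_CLEAN = """\
10:01:02.0100 1234  Scan started
10:05:40.0200 1234  ============================================================
10:05:40.0200 1234  Scan finished
10:05:40.0200 1234  ============================================================
10:05:40.0300 5678  Detected object count: 0
10:05:40.0300 5678  Actual detected object count: 0
"""
SAMPLE_HIT = SAMPLE_CLEAN.replace("count: 0", "count: 1")
SAMPLE_CUT_OFF = "10:01:02.0100 1234  Scan started\n"  # scan never completed


def find_latest_log(root="C:\\"):
    """Newest TDSSKiller.[Version]_[Date]_[Time]_log.txt in root, or None."""
    logs = sorted(Path(root).glob("TDSSKiller.*_log.txt"),
                  key=lambda p: p.stat().st_mtime)
    return logs[-1] if logs else None


def read_log(path):
    """Read a log as text; accept a UTF-16 BOM defensively (encoding is assumed)."""
    raw = Path(path).read_bytes()
    if raw[:2] in (b"\xff\xfe", b"\xfe\xff"):
        return raw.decode("utf-16")
    return raw.decode("utf-8", errors="replace")


def summarize(text):
    """Apply the rule from the post: the log can be skipped only when the last
    finished scan reports both counts as 0."""
    lines = text.splitlines()

    # A log file may hold more than one scan; judge the most recent one.
    last_finished = None
    for i, line in enumerate(lines):
        if line.rstrip().endswith(SCAN_FINISHED):
            last_finished = i

    result = {"scan_finished": last_finished is not None,
              "detected": None, "actual": None}

    if last_finished is not None:
        for line in lines[last_finished + 1:]:
            m = COUNT_RE.search(line)
            if not m:
                continue
            key = "actual" if m.group(1).startswith("Actual") else "detected"
            if result[key] is None:          # first value after the marker wins
                result[key] = int(m.group(2))

    # Missing marker or missing counts is treated as "post it": an incomplete
    # log is not evidence of a clean scan.
    result["post_log"] = not (result["detected"] == 0 and result["actual"] == 0)
    return result


if __name__ == "__main__":
    latest = find_latest_log()
    if latest is not None:
        print(latest, summarize(read_log(latest)))
    for name, sample in (("clean", SAMPLE_CLEAN), ("hit", SAMPLE_HIT),
                         ("cut off", SAMPLE_CUT_OFF)):
        print(name, summarize(sample))
```
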

 

 

 

 


#5 nosmiley


Posted 30 June 2015 - 09:41 PM

mbam-check result log version: 2.1.1.1001
========================================

lang_pt_BR.qm File Size: 131550 BYTES FileVersion: N/A MD5: [418b8766d7e7a2a4806ed4d97d18e80f]
lang_pt_PT.qm File Size: 131702 BYTES FileVersion: N/A MD5: [34f70f2a89733552373fa935200c2a0a]
lang_ro.qm File Size: 90440 BYTES FileVersion: N/A MD5: [24bf3ee283cf5a3fd4c93bba6c9fc12b]
lang_ru.qm File Size: 132186 BYTES FileVersion: N/A MD5: [08e1303dba20e8e1957ae1de2ccb4550]
lang_sk.qm File Size: 89139 BYTES FileVersion: N/A MD5: [82ddef8ec6d13b1d4601e7104243ecc9]
lang_sl.qm File Size: 107472 BYTES FileVersion: N/A MD5: [c8e3fae6ae3980aec292baa6cb8eac89]
lang_sv.qm File Size: 105939 BYTES FileVersion: N/A MD5: [646ad8e20658650d4d1daa63b5abb9b6]
lang_tr.qm File Size: 88788 BYTES FileVersion: N/A MD5: [6c4e9b16e496ab46d4a1d3333d972762]
lang_vi.qm File Size: 105393 BYTES FileVersion: N/A MD5: [d1b2c9264ef72792b53255d4dfeb3098]
lang_zh_TW.qm File Size: 87358 BYTES FileVersion: N/A MD5: [1ebfe79770cf695df897750b3c2d5a08]

C:\Program Files (x86)\Malwarebytes Anti-Malware\\platforms
qwindows.dll File Size: 928568 BYTES FileVersion: 5.4.1.0 MD5: [15d93b1f5171eacf7724b2f728a064c4]

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins
fixdamage.exe File Size: 821560 BYTES FileVersion: 1.1.0.1010 MD5: [57da74e5d020877f0aa23133081a1d5c]

C:\Users\Dow\AppData\Roaming\Malwarebytes\Malwarebytes Anti-Malware

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware
actions.ref File Size: 1578 BYTES FileVersion: N/A MD5: [8d8af991d031fdd3494efddaa8f6de12]
akadomains.ref File Size: 532279 BYTES FileVersion: N/A MD5: [633e9eb6d03952edbdcebe50e991d1f1]
akaips.ref File Size: 248739 BYTES FileVersion: N/A MD5: [a36994f4ebf0e4997e8d0e28bec5036e]
domains.ref File Size: 92 BYTES FileVersion: N/A MD5: [643b11322d78d9f4f46f030869ecfc49]
exclusions.dat File Size: 0 BYTES FileVersion: N/A MD5: [d41d8cd98f00b204e9800998ecf8427e]
ips.ref File Size: 80 BYTES FileVersion: N/A MD5: [2ec9c118caec1ae4b78c6ea95da0539f]
rules.ref File Size: 12642075 BYTES FileVersion: N/A MD5: [c5a96ffe5d6489f1600f0a856e24971c]
swissarmy.ref File Size: 25423 BYTES FileVersion: N/A MD5: [636da6ffb6413c6ada45b216dae87e82]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration
build.conf File Size: 4607 BYTES FileVersion: N/A MD5: [bb0d56363fe8c256ae199a14b4c4e6dc]
database.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf File Size: 1473 BYTES FileVersion: N/A MD5: [cd3e00acbfa7ecb12042cb8595b9fcc0]
manifest.conf File Size: 3375 BYTES FileVersion: N/A MD5: [5a9ee576a45db7725fc465b217888904]
marketing.conf File Size: 10950 BYTES FileVersion: N/A MD5: [2a36548baea918cb338f4d0b4d8bd831]
net.conf File Size: 6903 BYTES FileVersion: N/A MD5: [96f129027660e7b397da1c8ae5e0a174]
notifications.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf File Size: 2047 BYTES FileVersion: N/A MD5: [bb40b690e6a6483e2b9f38d9d287936b]
settings.conf File Size: 2063 BYTES FileVersion: N/A MD5: [2bf914e1299cca85aba3f3b06ecf0c36]
statistics.conf File Size: 513 BYTES FileVersion: N/A MD5: [e572302c9f2f3383704163eb83ae5285]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Configuration\Restore
build.conf File Size: 4194 BYTES FileVersion: N/A MD5: [402aa68f7a914337069a7a826a856503]
database.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2]
gatekeeper.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2]
license.conf File Size: 23 BYTES FileVersion: N/A MD5: [0ec01df616b565180556881d8042255b]
manifest.conf File Size: 2836 BYTES FileVersion: N/A MD5: [12da8707e6aa5c2dfafca55395a8bdbd]
marketing.conf File Size: 11105 BYTES FileVersion: N/A MD5: [4bbcad9dd8e558eb9996d32f37cd25e2]
net.conf File Size: 6133 BYTES FileVersion: N/A MD5: [78d9d986b84b11f36330303a86a2be82]
notifications.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2]
scheduler.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2]
settings.conf File Size: 1725 BYTES FileVersion: N/A MD5: [5454026126dac24f6e96eeb0c64123d3]
statistics.conf File Size: 4 BYTES FileVersion: N/A MD5: [2261e7eca4cd0615a97263c0ad5045c2]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs
mbam-log-2015-06-30 (18-25-34).xml File Size: 2488 BYTES FileVersion: N/A MD5: [915453ea3e324a5c5a64cbe0a82d2fe6]
protection-log-2015-06-30.xml File Size: 9412 BYTES FileVersion: N/A MD5: [206f39d5c88454ebe0894063366e3717]

C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Quarantine

Malware Exclusions:
===================
Web Exclusions:
================
Quarantined Items:
===================
===============================================================
END OF FILE
Thanks for all the help. I'm going through your suggestions as I learn how to send stuff

#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,757 posts
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:15 AM

Posted 01 July 2015 - 10:07 AM

Malwarebytes didn't find anything.

How about the other scans?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.


#7 nosmiley

nosmiley
  • Topic Starter

  • Members
  • 87 posts
  • Gender:Male
  • Location:asheville, north carolina
  • Local time:08:15 AM

Posted 02 July 2015 - 02:26 AM

Thanks for coming back. Malwarebytes found nothing.
Neither did TDSSKiller.
I ran Avast Free, and oddly it found some PUPs, and other things. I'd always heard Malwarebytes was better.
Let me see if I can post Avast results. It did not remove them or repair, it put them in quarantine. I'll try now.
Thank you sir. Very appreciated.

Had no luck being able to send.

Avast Listed C: users: Java Malware-gen [Trg]
Java Malware-gen [Trj]
HTML: Sweet Orange-A [Trj] sunjava lowlocal

Edited by nosmiley, 02 July 2015 - 02:43 AM.


#8 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,757 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:04:15 AM

Posted 02 July 2015 - 08:22 AM

Avast is an antivirus, Malwarebytes is an antimalware.  They look for different things.

Open Avast and click on Scan.

Then click on Scan for virus.

At the bottom of the page click on Scan history.

Click on Detailed report in the right middle of the page.

Copy the report and paste it in your topic.
 
================
 
You still have not run or posted the Eset Online Scanner.

Please run the ESET OnlineScan

This scan takes quite a long time to run, so be prepared to allow this to run till it is completed.

***Please note. If you run this scan using Internet Explorer you won't need to download the Eset Smartinstaller.***

ESET Online Scanner

  • Click here to download the installer for ESET Online Scanner and save it to your Desktop.
  • Disable all your antivirus and antimalware software - see how to do that here.
  • Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
  • Place a checkmark in YES, I accept the Terms of Use, then click Start. Wait for ESET Online Scanner to load its components.
  • Select Enable detection of potentially unwanted applications.
  • Click Advanced Settings, then place a checkmark in the following:
    • Remove found threats
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click Start to begin scanning.
  • ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
  • When the scan is done, click List threats (only available if ESET Online Scanner found something).
  • Click Export, then save the file to your desktop.
  • Click Back, then Finish to exit ESET Online Scanner.

Edited by dc3, 02 July 2015 - 08:23 AM.
