RayK Posted January 9, 2014 ID:775586 Share Posted January 9, 2014 Hi, I'm not too sure if I'm posting in the right place but Skype does not work at all when I try and sign in. I used MBAM to clean up my computer, but after when I tried to use Skype within the next day it keeps signing in forever or if it does sign in it keeps refreshing the messages forever, so I cannot receive or send messages or calls. It's been like this for days now. Link to post Share on other sites More sharing options...
Firefox Posted January 9, 2014 ID:775594 Share Posted January 9, 2014 Hello and Removing malware can be tricky and sometimes breaks other things.... can you post your last scan log so we can see what was detected and removed? Thanks Link to post Share on other sites More sharing options...
RayK Posted January 9, 2014 Author ID:775597 Share Posted January 9, 2014 Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2014.01.01.06 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476Ray :: RAY-PC [administrator] 01/01/2014 9:43:51 PMmbam-log-2014-01-01 (21-43-51).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 259979Time elapsed: 19 minute(s), 50 second(s) Memory Processes Detected: 1C:\PROGRAMDATA\IBUPDATERSERVICE\ibsvc.exe (Adware.InstallBrain) -> 1976 -> Delete on reboot. Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 6HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (Adware.InstallBrain) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service (Adware.InstallBrain) -> Quarantined and deleted successfully.HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> Quarantined and deleted successfully.HKCU\SOFTWARE\BI (PUP.Optional.FilesFrog.A) -> Quarantined and deleted successfully.HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3315010 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. Registry Values Detected: 1HKCU\Software\BI|ui_path_filesfrog (PUP.Optional.FilesFrog.A) -> Data: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FilesFrog Update Checker -> Quarantined and deleted successfully. Registry Data Items Detected: 1HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit.A) -> Bad: (http://search.conduit.com/?ctid=CT3227981&octid=CT3227981&SearchSource=61&CUI=UN21053656883082322&UM=2&UP=SP515AC8B9-5E5D-4036-8539-BFC1B60B6E78&SSPV=) Good: (http://www.google.com) -> Quarantined and repaired successfully. Folders Detected: 13C:\PROGRAMDATA\IBUPDATERSERVICE (Adware.InstallBrain) -> Delete on reboot.C:\Users\Ray\AppData\Roaming\OPENCANDY (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Roaming\OPENCANDY\7163E6D1D59944EAADA36CF087F8AE95 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Roaming\OPENCANDY\OpenCandy_7163E6D1D59944EAADA36CF087F8AE95 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3227981 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3227981\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\plugins (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\xpi\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\PROGRAMDATA\Conduit\IE (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\PROGRAMDATA\Conduit\IE\CT3315010 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. Files Detected: 103C:\PROGRAMDATA\IBUPDATERSERVICE\ibsvc.exe (Adware.InstallBrain) -> Delete on reboot.C:\$Recycle.Bin\S-1-5-21-2177173121-3923863015-2743746415-1000\$RLVTTJ8.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\BI_RunOnce.exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\BundleSweetIMSetup.exe (PUP.Optional.SweetIM) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ly.exe (PUP.Optional.AdLyrics) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\mconduitinstaller.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsa13D4.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsa457E.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsf2B6C.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsf38D7.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsfB3A8.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsi6153.tmp (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsk3A73.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nskBE7A.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsm29E4.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\nsp9B8C.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\OptimizerPro.exe (PUP.Optional.OptimizePro.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\pcp_conduit_setup.exe (Adware.InstallBrain) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\run.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\setup.exe (PUP.Optional.Monetizer) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\tmp44C0.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\tmpD5A8.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\tmpF6EF.exe (PUP.Optional.Amonetize) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ToolbarHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\AU\SPSetup.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3227981\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3227981\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3227981\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3227981\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3227981\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3227981\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3315010\chLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3315010\ctbe.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3315010\ffLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3315010\ieLogic.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3315010\spch.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3315010\spff.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3315010\statisticsStub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\ct3315010\stub.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\Download_276E\Slicethepie_AutoTyper_Downloader.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\Download_BBA1\Slicethepie_AutoTyper_Downloader.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\Download_C9B6\Slicethepie_AutoTyper_Downloader.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\Download_E254\Slicethepie_AutoTyper_Downloader.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\Slicethepie AutoTyperDownload_3302\Slicethepie_AutoTyper_Downloader.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\Slicethepie AutoTyperDownload_C725\Slicethepie_AutoTyper_Downloader.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\Slicethepie AutoTyperDownload_E9F2\Slicethepie_AutoTyper_Downloader.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Windows\Temp\nse3FB4.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.C:\Windows\Temp\nseE18D.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.C:\Windows\Temp\nstE063.exe (PUP.Optional.SearchProtect.A) -> Quarantined and deleted successfully.C:\Windows\Temp\nsyE38D.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\7zip_RocketFuelInstaller.exe (PUP.Optional.Verti) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\CheatEngine62.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\FLVPlayerSetup-54Svhek.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\LOIC-1.0.7.42-binary.zip (PUP.HackTool.LOIC) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\mav180p_v8_downloader.exe (PUP.ForceInstaller) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\Slicethepie_AutoTyper_Downloader.exe (PUP.Optional.FilePile.A) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\SoftonicDownloader_for_axife-mouse-recorder (1).exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\SoftonicDownloader_for_axife-mouse-recorder.exe (PUP.Optional.Softonic) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\VLCMediaPlayerSetup-8p3IKVp.exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\winamp563_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Ray\Downloads\winamp565_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Conduit\CT3315010\KeyBar_1.29AutoUpdateHelper.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\3HCB9LH8\KeyBar_1_29_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\3HCB9LH8\LyricsSing_1060-3050_v122[1].exe (PUP.Optional.AdLyrics) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\3HCB9LH8\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\5Z5FCCYW\SPSetup[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\8LOP3UDV\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate[1].exe (PUP.Optional.Somoto) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\8LOP3UDV\KeyBar_1.29[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\9RBC4SN5\conduitinstaller[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\BSHB838M\checktbexist[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\BSHB838M\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\WL00S1YJ\appbario7[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\WL00S1YJ\bi_downloader[1].exe (PUP.Optional.Somoto.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\WQEBZ2W1\stublogic[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\YW52IRDN\appbario7_wpf[1].exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\Local Settings\Temporary Internet Files\Content.IE5\YW52IRDN\minibar-core[1].exe (PUP.Optional.MiniBar.A) -> Quarantined and deleted successfully.C:\PROGRAMDATA\IBUPDATERSERVICE\REPOSITORY.XML (Adware.InstallBrain) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Roaming\OPENCANDY\7163E6D1D59944EAADA36CF087F8AE95\TuneUpUtilities2013-2200310_en-US.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3227981\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3227981\CT3227981.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3227981\initData.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3227981\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3227981\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3227981\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\chromeid.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\CT3315010.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\CT3315010.xpi (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\initdata.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\manifest.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\setup.ini.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\xpi\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\Users\Ray\AppData\Local\Temp\CT3315010\xpi\defaults\PREFERENCES\defaults.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\PROGRAMDATA\Conduit\IE\CT3315010\configutaion.json (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\PROGRAMDATA\Conduit\IE\CT3315010\SetupIcon.ico (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully.C:\PROGRAMDATA\Conduit\IE\CT3315010\UninstallerUI.exe (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. (end) Link to post Share on other sites More sharing options...
RayK Posted January 9, 2014 Author ID:775601 Share Posted January 9, 2014 I also have this from my last full scan log. Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2014.01.01.06 Windows 7 Service Pack 1 x64 NTFSInternet Explorer 11.0.9600.16476Ray :: RAY-PC [administrator] 02/01/2014 8:59:10 PMmbam-log-2014-01-02 (20-59-10).txt Scan type: Full scan (C:\|D:\|)Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 628901Time elapsed: 2 hour(s), 5 minute(s), 40 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 18HKCR\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634} (PUP.Optional.Wajam.A) -> No action taken.HKCR\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} (PUP.Optional.Wajam.A) -> No action taken.HKCR\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5} (PUP.Optional.Wajam.A) -> No action taken.HKCR\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> No action taken.HKCR\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2} (PUP.Optional.Wajam.A) -> No action taken.HKCR\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D} (PUP.Optional.Wajam.A) -> No action taken.HKCR\wajam.WajamDownloader.1 (PUP.Optional.Wajam.A) -> No action taken.HKCR\wajam.WajamDownloader (PUP.Optional.Wajam.A) -> No action taken.HKCR\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> No action taken.HKCR\wajam.WajamBHO.1 (PUP.Optional.Wajam) -> No action taken.HKCR\wajam.WajamBHO (PUP.Optional.Wajam) -> No action taken.HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C} (PUP.Optional.Wajam) -> No action taken.HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> No action taken.HKCR\AppID\priam_bho.DLL (PUP.Optional.Wajam.A) -> No action taken.HKCU\SOFTWARE\WAJAM (PUP.Optional.Wajam.A) -> No action taken.HKLM\SOFTWARE\WAJAM (PUP.Optional.Wajam.A) -> No action taken.HKLM\SYSTEM\CurrentControlSet\Services\WajamUpdaterV3 (PUP.Optional.Wajam.A) -> No action taken.HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam (PUP.Optional.Wajam.A) -> No action taken. Registry Values Detected: 3HKCU\Software\Mozilla\Firefox\Extensions|{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2} (PUP.Optional.Wajam.A) -> Data: C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi -> No action taken.HKCU\Software\Wajam|affiliate_id (PUP.Optional.Wajam.A) -> Data: 5927 -> No action taken.HKLM\SOFTWARE\Wajam|red (PUP.Optional.Wajam.A) -> Data: 4 -> No action taken. Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 11C:\PROGRAM FILES (X86)\Wajam (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Chrome (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Chrome\nativeMessagingHost (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Firefox (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\IE (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Updater (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Search (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Explore Social Shopping (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Uninstall Wajam (PUP.Optional.Wajam.A) -> No action taken. Files Detected: 70C:\PROGRAM FILES (X86)\Wajam\IE\PRIAM_BHO.DLL (PUP.Optional.Wajam.A) -> No action taken.C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> No action taken.C:\Program Files (x86)\KeyBar_1.29\KeyBar_1.29ToolbarHelper.exe (PUP.Optional.Conduit.A) -> No action taken.C:\Program Files (x86)\Wajam\Updater\update.exe (PUP.Optional.Wajam) -> No action taken.C:\Users\Ray\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3HCB9LH8\wajam_install[1].exe (PUP.Optional.Wajam) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Updater\WAJAMUPDATERV3.EXE (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\uninstall.exe (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Chrome\NATIVEMESSAGINGHOST\host.json (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Chrome\NATIVEMESSAGINGHOST\NativeMessageHost.exe (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\IE\favicon.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\IE\wajamLogo.bmp (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\amazon.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\argos.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\ask.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\bestbuy.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\bing.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\ebay.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\etsy.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\facebook.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\favicon.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\google.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\homedepot.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\ikea.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\imdb.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\lowes.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\mercado.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\mysearchweb.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\myshopping.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\searchresult.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\sears.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\setting.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\settings.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\shopping.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\target.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\tesco.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\tripadvisor.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\twitter.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\wajam.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\walmart.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\wiki.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\yahoo.ico (PUP.Optional.Wajam.A) -> No action taken.C:\PROGRAM FILES (X86)\Wajam\Logos\zalando.ico (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Settings.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Facebook.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\SignIn with Twitter.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\Wajam Website.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SEARCH\Ask.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SEARCH\Bing.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SEARCH\Google.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SEARCH\IMDb.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SEARCH\Shopping.com.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SEARCH\TripAdvisor.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SEARCH\Wikipedia.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SEARCH\Yahoo!.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Amazon.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Argos.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Ebay.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Etsy.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\HomeDepot.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Ikea.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Lowe's.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Mercadolivre.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\MyShopping.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Sears.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Target.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Tesco.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Walmart.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\EXPLORE SOCIAL SHOPPING\Zalando.lnk (PUP.Optional.Wajam.A) -> No action taken.C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam\UNINSTALL WAJAM\uninstall.lnk (PUP.Optional.Wajam.A) -> No action taken. (end) Link to post Share on other sites More sharing options...
Root Admin AdvancedSetup Posted January 10, 2014 Root Admin ID:775987 Share Posted January 10, 2014 Not sure why it would do that as none of those files are system critical or even OS related. Please follow the instructions here and someone will assist you further. https://forums.malwarebytes.org/index.php?showtopic=9573 Thanks Link to post Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now