Jump to content

Unable to open or remove Malwarebytes


Recommended Posts

I posted this problem earlier today and received help from a volunteer who suggested I reset my browsers, which I did but it did not help. -

I am unable to open Malwarebytes. I receive the error message "Run-time error '5'", invalid procedure call or argument. I am also unable to download any files, including MBam clean. The error message I receive is "download failed-virus scan failed" even when I am attempting to download files I am sure are safe. I have turned off Windows Defender but still receive the error message. I have tried Chameleon to no avail. If I attempt to remove Malwarebytes via uninstall programs I get an error message that says the setup files are corrupted and to please obtain a new copy of the program, but I cannot download it.  I am running Windows Vista and would like to upload files to a cloud program so that I can transfer them to a new computer, but I cannot download any programs at all, including Farbar Recovery Scan. I looked thru previous threads but do not see this particular problem. I am not very skilled so please use as simple of computer language as possible.  Any help will be appreciated!

Link to post
Share on other sites

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Link to post
Share on other sites

It worked when I used Internet Explorer!

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-12-2014
Ran by Patti (administrator) on PATTI-PC on 28-12-2014 17:38:37
Running from C:\Users\Patti\Downloads
Loaded Profile: Patti (Available profiles: Patti)
Platform: Windows Vista Home Premium Service Pack 2 (X64) OS Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
() C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23\etmajyzoqm64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\005\cyycfhtzro64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Seagate Technology LLC) C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
() C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
(Panasonic Corporation) C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe
(Maxtor Corporation) C:\Program Files (x86)\Maxtor\OneTouch Status\MaxMenuMgr.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_246_ActiveX.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6936096 2008-11-25] (Realtek Semiconductor)
HKLM\...\Run: [skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2008-11-25] (Realtek Semiconductor Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [mxomssmenu] => C:\Program Files (x86)\Maxtor\OneTouch Status\maxmenumgr.exe [169264 2007-09-06] (Maxtor Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [138240 2008-01-20] (Microsoft Corporation)
HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\Run: [Akamai NetSession Interface] => "C:\Users\Patti\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-10-31] (Apple Inc.)
HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\MountPoints2: {85fbdf62-13cd-11e0-b3d9-0026185415aa} - K:\LaunchU3.exe -a
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Smart Wizard.lnk
ShortcutTarget: NETGEAR WNA3100 Smart Wizard.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO.lnk
ShortcutTarget: PHOTOfunSTUDIO.lnk -> C:\Program Files (x86)\Panasonic\PHOTOfunSTUDIO\PhAutoRun.exe (Panasonic Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://broadband.zoomtown.com
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-1478845872-4263262292-354051888-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: No Name -> {26B19FA4-E8A1-4A1B-A163-1A1E46F830DD} ->  No File
BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG10\avgssie.dll No File
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKU\S-1-5-21-1478845872-4263262292-354051888-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Toolbar: HKU\S-1-5-21-1478845872-4263262292-354051888-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {3107C2A8-9F0B-4404-A58B-21BD85268FBC} http://www.pogo.com/cdl/launcher/PogoWebLauncherInstaller.CAB
DPF: HKLM-x32 {935F9B04-0C7B-4454-A391-348C54AD7ADD} http://www.shockwave.com/content/bigcityadventuresf/sis/JBGamePlayer.cab
DPF: HKLM-x32 {A4110378-789B-455F-AE86-3A1BFC402853} http://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: HKLM-x32 {B8BE5E93-A60C-4D26-A2DC-220313175592} http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: HKLM-x32 {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} http://aolsvc.aol.com/onlinegames/bejeweled2/popcaploader_v10.cab
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.200.1
 
FireFox:
========
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @mywebsearch.com/Plugin -> C:\Program Files (x86)\MyWebSearch\bar\1.bin\NPMyWebS.dll No File
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.7\npapicomadapter.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1478845872-4263262292-354051888-1000: @movenetworks.com/Quantum Media Player -> C:\Users\Patti\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-22]
FF HKLM-x32\...\Firefox\Extensions: [m3ffxtbr@mywebsearch.com] - C:\Program Files (x86)\MyWebSearch\bar\1.bin
FF HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\Firefox\Extensions: [moveplayer@movenetworks.com] - C:\Users\Patti\AppData\Roaming\Move Networks
FF Extension: No Name - C:\Users\Patti\AppData\Roaming\Move Networks [2010-01-13]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=MBDB1ACF7-1ED6-49CA-90F4-5AEEC686FB42&SearchSource=55&CUI=&UM=6&UP=SP88C34C93-B72E-419A-A88E-8AADDA8F7F97&SSPV=
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (BrowserPlus (from Yahoo!) v2.9.8) - C:\Users\Patti\AppData\Local\Yahoo!\BrowserPlus\2.9.8\Plugins\npybrowserplus_2.9.8.dll No File
CHR Plugin: (Move Streaming Media Player) - C:\Users\Patti\AppData\Roaming\Move Networks\plugins\npqmp071505000011.dll (Move Networks)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Profile: C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2011-05-14]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (Poppit!) - C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2011-05-14]
CHR Extension: (Google Wallet) - C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AllDaySavingsService64; C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23\etmajyzoqm64.exe [172544 2014-07-31] () [File not signed]
R2 cyycfhtzro64; C:\Program Files\005\cyycfhtzro64.exe [709120 2014-08-09] () [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 Maxtor Sync Service; C:\Program Files (x86)\Maxtor\Sync\SyncServices.exe [156976 2007-09-28] (Seagate Technology LLC)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [X]
S2 CouponArificService64; C:\Program Files (x86)\35556262-902E-49AE-8622-66E14F1F041C\arrmeapsie64.exe [X]
S2 Norton Internet Security; "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe" /s "Norton Internet Security" /m "C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\diMaster.dll" /prefetch:1
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 camfilt2; C:\Windows\System32\DRIVERS\camfilt2.sys [137728 2007-08-06] (Guillemot Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-11-01] ()
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [56528 2014-11-19] (NetFilterSDK.com)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10684672 2007-07-17] (Sonix Co. Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-28 17:38 - 2014-12-28 17:38 - 00020248 _____ () C:\Users\Patti\Downloads\FRST.txt
2014-12-28 17:37 - 2014-12-28 17:37 - 02123264 _____ (Farbar) C:\Users\Patti\Downloads\FRST64.exe
2014-12-27 14:14 - 2014-12-27 14:14 - 00000022 _____ () C:\Users\Patti\Desktop\New Compressed (zipped) Folder.zip
2014-12-22 22:38 - 2014-12-22 22:38 - 00274672 _____ () C:\Windows\Minidump\Mini122214-01.dmp
2014-12-11 03:05 - 2014-11-06 20:33 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-11 03:05 - 2014-11-06 20:28 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-11 03:05 - 2014-11-03 19:35 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-11 03:05 - 2014-11-03 19:19 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-11 03:03 - 2014-12-02 21:06 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-12-11 03:03 - 2014-12-02 20:51 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-12-10 07:49 - 2014-11-24 17:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-10 07:49 - 2014-11-24 16:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-10 07:49 - 2014-11-24 16:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-10 07:49 - 2014-11-24 16:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-10 07:49 - 2014-11-24 16:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-10 07:49 - 2014-11-24 16:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-10 07:49 - 2014-11-24 16:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-10 07:49 - 2014-11-24 16:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-10 07:49 - 2014-11-24 16:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-10 07:49 - 2014-11-24 16:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-10 07:49 - 2014-11-24 16:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-10 07:49 - 2014-11-24 16:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-10 07:49 - 2014-11-24 16:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-10 07:49 - 2014-11-24 16:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-10 07:49 - 2014-11-24 16:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-10 07:49 - 2014-11-24 16:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-10 07:49 - 2014-11-24 16:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-10 07:49 - 2014-11-24 16:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-10 07:49 - 2014-11-24 16:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-10 07:49 - 2014-11-24 16:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-10 07:49 - 2014-11-24 16:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-10 07:49 - 2014-11-24 16:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-10 07:49 - 2014-11-24 15:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-10 07:49 - 2014-11-24 15:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-10 07:49 - 2014-11-24 15:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-10 07:49 - 2014-11-24 15:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-10 07:49 - 2014-11-24 15:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-10 07:49 - 2014-11-24 15:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-10 07:49 - 2014-11-24 15:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-10 07:49 - 2014-11-24 15:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-10 07:49 - 2014-11-24 15:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-10 07:49 - 2014-11-24 15:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-10 07:49 - 2014-11-24 15:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-10 07:49 - 2014-11-24 15:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-10 07:49 - 2014-11-24 15:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-10 07:49 - 2014-11-24 15:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-10 07:49 - 2014-11-24 15:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-10 07:49 - 2014-11-24 15:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-10 07:49 - 2014-11-24 15:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-10 07:49 - 2014-11-24 15:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-10 07:49 - 2014-11-24 15:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-10 07:49 - 2014-11-24 15:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-10 07:49 - 2014-11-24 15:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-10 07:49 - 2014-11-24 15:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-01 17:05 - 2014-12-01 17:05 - 00000000 ____D () C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-28 17:38 - 2014-04-17 18:39 - 00000000 ____D () C:\FRST
2014-12-28 17:35 - 2009-06-03 19:05 - 00000434 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{0422D2B5-98C1-4BE9-BEFD-2BF564BDE206}.job
2014-12-28 17:27 - 2006-11-02 07:46 - 00759582 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-28 17:24 - 2009-08-05 11:50 - 01292125 _____ () C:\Windows\WindowsUpdate.log
2014-12-28 17:03 - 2013-11-13 08:59 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-28 16:48 - 2006-11-02 10:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-28 16:48 - 2006-11-02 10:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-28 16:41 - 2010-03-05 14:14 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-28 13:41 - 2010-03-05 14:14 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-27 18:07 - 2011-05-21 08:36 - 00003686 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E48DE84D-903C-4131-B3F3-13534B7BF64D}
2014-12-26 14:54 - 2006-11-02 10:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 11:51 - 2006-11-02 10:42 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-12-22 22:38 - 2014-04-28 11:44 - 530975082 _____ () C:\Windows\MEMORY.DMP
2014-12-22 22:38 - 2009-10-14 15:32 - 00000000 ____D () C:\Windows\Minidump
2014-12-12 07:50 - 2011-05-13 12:32 - 00002025 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-11 03:47 - 2006-11-02 08:33 - 00000000 ____D () C:\Windows\rescache
2014-12-11 03:13 - 2009-06-03 18:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-11 03:12 - 2013-07-23 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-11 03:07 - 2006-11-02 07:35 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-12-10 11:03 - 2013-11-13 08:59 - 00003682 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-10 11:03 - 2012-05-11 18:42 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 11:03 - 2011-06-29 07:42 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-05 13:57 - 2009-12-28 18:53 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-12-05 13:51 - 2009-12-28 18:55 - 00000000 ____D () C:\Users\Patti\AppData\Roaming\Apple Computer
2014-12-02 18:51 - 2011-02-21 09:18 - 00000000 ____D () C:\Users\Patti\AppData\Local\Windows Live
 
Files to move or delete:
====================
C:\Users\Patti\AcroPro90_efg.exe
 
 
Some content of TEMP:
====================
C:\Users\Patti\AppData\Local\Temp\APNSetup.exe
C:\Users\Patti\AppData\Local\Temp\BackupSetup.exe
C:\Users\Patti\AppData\Local\Temp\bpuninstall.exe
C:\Users\Patti\AppData\Local\Temp\CloudBackup1947.exe
C:\Users\Patti\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Patti\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Patti\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Patti\AppData\Local\Temp\nsa3DBE.exe
C:\Users\Patti\AppData\Local\Temp\nsiC90C.exe
C:\Users\Patti\AppData\Local\Temp\nss93A6.exe
C:\Users\Patti\AppData\Local\Temp\nssCCA5.exe
C:\Users\Patti\AppData\Local\Temp\nsu504E.tmp.exe
C:\Users\Patti\AppData\Local\Temp\nsx9684.exe
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite27417.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite27485.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite27788.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite28521.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite36478.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite41684.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite46617.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite49717.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite55097.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite59290.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite60765.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite63276.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite67745.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite68477.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite69673.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite71213.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite71603.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite73714.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite73878.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite83247.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite89764.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite92087.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite93688.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite94115.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite97269.dll
C:\Users\Patti\AppData\Local\Temp\System.Data.SQLite97725.dll
C:\Users\Patti\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Patti\AppData\Local\Temp\_is22BC.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-26 15:00
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-12-2014
Ran by Patti at 2014-12-28 17:39:14
Running from C:\Users\Patti\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
AIO_Scan (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avery Wizard 3.1 (HKLM-x32\...\{F4986439-300C-4CA1-B293-809B10ECDB15}) (Version: 3.1.7 - Avery)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
C4200 (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
C4200_doccd (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
c4200_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destination Component (x32 Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 90.0.205.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 9.0.0.0 - Hewlett-Packard) Hidden
DocProcQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hercules Classic Silver Webcam (HKLM-x32\...\{FD4FE0F7-91FC-43A2-9C3A-187553991FFF}) (Version: 2.8.0.0 - Hercules)
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP OCR Software 9.0 (HKLM\...\HPOCR) (Version: 9.0 - HP)
HP Photosmart All-In-One Software 9.0 (HKLM\...\{B09BCBF6-87EE-4403-A336-3A9510856535}) (Version: 9.0 - HP)
HP Photosmart Essential 2.01 (HKLM\...\HP Photosmart Essential) (Version: 2.01 - HP)
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM-x32\...\{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}) (Version: 4.000.006.003 - Hewlett-Packard)
HPProductAssistant (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.)
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Malwarebytes' Anti-Malware version 1.51.2.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.51.2.1300 - Malwarebytes Corporation)
MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Maxtor Manager (HKLM-x32\...\InstallShield_{ED01D958-AEDC-40C8-93FD-0C08E8AA9530}) (Version: 4.02.0227 - Seagate Technology)
Maxtor Manager (x32 Version: 4.02.0227 - Seagate Technology) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Move Media Player (HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\Move Media Player) (Version:  - Move Networks)
MSXML 4.0 SP2 (KB927978) (HKLM-x32\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
PHOTOfunSTUDIO (HKLM-x32\...\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}) (Version: 3.00.000 - Panasonic)
Picaboo X (HKLM-x32\...\com.picaboo.Picaboo.A382D4714709B456C4E0088DFC1F7243AF9EBF75.1) (Version: 10.141P - Picaboo Corporation)
Picaboo X (x32 Version: 10.141 - Picaboo Corporation) Hidden
PS_AIO_ProductContext (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
PS_AIO_Software (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
PS_AIO_Software_min (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
PSSWCORE (x32 Version: 2.01.0000 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5745 - Realtek Semiconductor Corp.)
Scan (x32 Version: 9.0.0.0 - Hewlett-Packard) Hidden
Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden
Skype Toolbars (HKLM-x32\...\{981029E0-7FC9-4CF3-AB39-6F133621921A}) (Version: 1.0.4051 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-900000000004}) (Version: 9.0.0 - Adobe Systems Incorporated)
Status (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 9.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VideoToolkit01 (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
WebReg (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Yahoo! Detect (HKLM-x32\...\YTdetect) (Version:  - )
ZoomTown Install Kit 10.3.0.0 (HKLM-x32\...\ZoomTown Install Kit) (Version: 10.3.0.0 - Cincinnati Bell)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
Check "winmgmt" service or repair WMI.
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 07:34 - 2006-09-18 16:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {3B5D64EE-15CC-4E16-9E88-8DA8C6439297} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {5699806F-9276-4C3B-9A9A-FD13F2995B2D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-20] (Microsoft Corporation)
Task: {A97C87F8-F35E-4183-88F2-2499D38E5ECC} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {BE5431BF-3B95-407F-B56C-FB9D32116E6B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: {D173794B-F688-4E53-A395-CB362EBBBB3F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {EBAEBB3C-2FF6-4CCC-A479-47D98C4A6A13} - System32\Tasks\{959AAD54-70D9-4D65-BD47-97709204AD7C} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2013-11-14] (Skype Technologies S.A.)
Task: {ED925B61-5405-47B6-B7F6-6A8A494B3B4B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-21] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{0422D2B5-98C1-4BE9-BEFD-2BF564BDE206}.job => C:\Windows\system32\msfeedssync.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-31 15:20 - 2014-07-31 15:20 - 00172544 _____ () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23\etmajyzoqm64.exe
2014-07-31 15:20 - 2014-07-31 15:20 - 00110080 _____ () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23\nfapi.dll
2014-07-31 15:20 - 2014-07-31 15:20 - 00456192 _____ () C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23\ProtocolFilters.dll
2013-10-31 12:47 - 2013-10-31 12:47 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2014-08-09 07:21 - 2014-08-09 07:21 - 00709120 _____ () C:\Program Files\005\cyycfhtzro64.exe
2013-11-15 18:50 - 2010-08-26 17:48 - 00285152 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2013-11-15 18:50 - 2010-08-26 17:47 - 04577760 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe
2014-02-12 19:58 - 2014-02-12 19:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-15 18:50 - 2010-07-09 16:38 - 00331776 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2013-11-15 18:50 - 2010-02-03 11:31 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll
2014-04-13 10:40 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Patti\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-04-13 10:40 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Patti\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
2014-12-12 07:49 - 2014-12-05 20:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-12 07:49 - 2014-12-05 20:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:30997E0F
AlternateDataStreams: C:\ProgramData\TEMP:34BCB6A9
AlternateDataStreams: C:\ProgramData\TEMP:7C3E753C
AlternateDataStreams: C:\ProgramData\TEMP:87EF2A8F
AlternateDataStreams: C:\ProgramData\TEMP:ABCD2B94
AlternateDataStreams: C:\ProgramData\TEMP:B0456F0C
AlternateDataStreams: C:\ProgramData\TEMP:C46995DA
AlternateDataStreams: C:\ProgramData\TEMP:FAC5BCF5
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1478845872-4263262292-354051888-500 - Administrator - Disabled)
Guest (S-1-5-21-1478845872-4263262292-354051888-501 - Limited - Disabled)
Patti (S-1-5-21-1478845872-4263262292-354051888-1000 - Administrator - Enabled) => C:\Users\Patti
 
==================== Faulty Device Manager Devices =============
 
Could not list Devices. Check "winmgmt" service or repair WMI.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/27/2014 06:13:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\PATTI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\PEPPER DATA\SHOCKWAVE FLASH\WRITABLEROOT\#SHAREDOBJECTS\HY5AJ8TP\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\SETTINGS.SOL> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (12/27/2014 06:13:39 PM) (Source: Windows Search Service) (EventID: 3013) (User: )
Description: The entry <C:\USERS\PATTI\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\PEPPER DATA\SHOCKWAVE FLASH\WRITABLEROOT\#SHAREDOBJECTS\HY5AJ8TP\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\SETTINGS.SOL> in the hash map cannot be updated.
 
Context:  Application, SystemIndex Catalog
 
 
Details:
A device attached to the system is not functioning.   (0x8007001f)
 
Error: (12/27/2014 05:14:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4992
 
Error: (12/27/2014 05:14:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4992
 
Error: (12/27/2014 05:14:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/27/2014 05:14:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1997
 
Error: (12/27/2014 05:14:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1997
 
Error: (12/27/2014 05:14:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (12/27/2014 05:14:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 998
 
Error: (12/27/2014 05:14:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 998
 
 
System errors:
=============
Error: (12/28/2014 05:24:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (12/28/2014 05:24:23 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (12/27/2014 05:16:33 PM) (Source: Dhcp) (EventID: 1001) (User: )
Description: Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 4494FC19BE01.  The following error occurred: 
%%121. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
 
Error: (12/27/2014 05:15:24 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (12/27/2014 05:14:54 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {A47979D2-C419-11D9-A5B4-001185AD2B89}
 
Error: (12/26/2014 06:43:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WSWNA3100
 
Error: (12/26/2014 06:43:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WSWNA3100
 
Error: (12/26/2014 06:42:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WSWNA3100
 
Error: (12/26/2014 06:42:18 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WSWNA3100
 
Error: (12/26/2014 06:41:48 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: 30000WSWNA3100
 
 
Microsoft Office Sessions:
=========================
Error: (12/24/2014 05:48:51 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 88954 seconds with 780 seconds of active time.  This session ended with a crash.
 
Error: (12/21/2014 09:23:07 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (12/19/2014 10:19:11 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14964 seconds with 3420 seconds of active time.  This session ended with a crash.
 
Error: (10/30/2014 07:19:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9079 seconds with 420 seconds of active time.  This session ended with a crash.
 
Error: (10/17/2014 08:13:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6705.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 10135 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error: (09/10/2014 09:27:13 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6700.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 96 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error: (05/22/2014 10:47:35 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2784 seconds with 900 seconds of active time.  This session ended with a crash.
 
Error: (02/27/2011 04:43:36 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (02/10/2011 09:58:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (02/27/2010 10:45:38 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7765 seconds with 360 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2013-04-14 16:03:10.534
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:10.389
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:10.239
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:10.094
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:09.954
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:09.809
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22713_none_0fbe86f737e6a8d6\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:09.619
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:09.474
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:09.324
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2013-04-14 16:03:09.179
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\winsxs\amd64_microsoft-windows-tcpip-binaries_31bf3856ad364e35_6.0.6001.22636_none_0fabe61737f42f96\tcpip.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core2 Quad CPU Q9400 @ 2.66GHz
Percentage of memory in use: 71%
Total physical RAM: 4085.25 MB
Available physical RAM: 1155.9 MB
Total Pagefile: 8389.78 MB
Available Pagefile: 5522.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.51 GB) (Free:704.3 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive i: (OneTouch4 Plus) (Fixed) (Total:465.76 GB) (Free:140.54 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 94083B87)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 97B5DA41)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
Link to post
Share on other sites

FRST.gif Fix with Farbar Recovery Scan Tool
 



icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.
 
 
 
 
 
adwcleaner_new.png Fix with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your Desktop.

  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait until the database is updated.
  • Accept the Terms of use and click Scan.
  • When finished, please click Clean.
  • Upon completion, click Report. A log (AdwCleaner[s*].txt) will open.

Please include the contents of that file in your reply.
 
Note: Reports will be saved in your system partition, usually at C:\Adwcleaner

fixlist.txt

Link to post
Share on other sites

# AdwCleaner v4.106 - Report created 29/12/2014 at 11:34:14
# Updated 21/12/2014 by Xplode
# Database : 2014-12-28.1 [Live]
# Operating System : Windows Vista Home Premium Service Pack 2 (64 bits)
# Username : Patti - PATTI-PC
# Running from : C:\Users\Patti\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : CouponArificService64

***** [ Files / Folders ] *****

[!] Folder Deleted : C:\ProgramData\apn
[!] Folder Deleted : C:\ProgramData\Trymedia
[!] Folder Deleted : C:\Users\All Users\apn
[!] Folder Deleted : C:\Users\All Users\Trymedia
[!] Folder Deleted : C:\Users\Patti\AppData\LocalLow\DataMngr
[!] Folder Deleted : C:\Users\Patti\AppData\LocalLow\FunWebProducts
[!] Folder Deleted : C:\Users\Patti\AppData\LocalLow\MyWebSearch
[!] Folder Deleted : C:\Users\Patti\AppData\LocalLow\Datamngr
[!] Folder Deleted : C:\Users\Patti\AppData\Roaming\Advanced System Protector
[!] Folder Deleted : C:\Users\Patti\AppData\Roaming\Systweak
[!] Folder Deleted : C:\Users\Patti\AppData\Roaming\cloudbkp
File Deleted : C:\Windows\Downloaded Program Files\popcaploader.inf
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Patti\Desktop\Continue Live Installation.lnk
File Deleted : C:\Users\Patti\Desktop\Live PC Help.lnk

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2
Key Deleted : HKLM\Software\Classes\popcaploader.popcaploaderctrl2.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E4E3E0F8-CD30-4380-8CE9-B96904BDEFCA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE8A736F-4124-4D9C-B4B1-3B12381EFABE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C9C5DEAF-0A1F-4660-8279-9EDFAD6FEFE1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\UpdateFiles
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Trymedia Systems
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Amazon Browser Settings
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\mywebsearch bar uninstall
Key Deleted : [x64] HKLM\SOFTWARE\AllDaySavings
Key Deleted : [x64] HKLM\SOFTWARE\AllDaySavings
Key Deleted : [x64] HKLM\SOFTWARE\couponarific

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16599

Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Bar]

-\\ Google Chrome v39.0.2171.95

[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.nydailynews.com/search-results/search-results-7.113?q={searchTerms}&selecturl=site
[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.wayfair.com/keyword.php?keyword={searchTerms}&ust=&command=dosearch&new_keyword_search=true
[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.default-search.net/search?sid=492&aid=100&itype=n&ver=12283&tm=320&src=ds&p={searchTerms}
[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.foxnews.com/search-results/search?q={searchTerms}&submit=Search&ss=fn
[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=MBDB1ACF7-1ED6-49CA-90F4-5AEEC686FB42&SearchSource=58&CUI=&UM=6&UP=SP88C34C93-B72E-419A-A88E-8AADDA8F7F97&q={searchTerms}&SSPV=
[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=MBDB1ACF7-1ED6-49CA-90F4-5AEEC686FB42&SearchSource=58&CUI=&UM=6&UP=SP88C34C93-B72E-419A-A88E-8AADDA8F7F97&q={searchTerms}&SSPV=
[C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.foodnetwork.com/search/search-results.html?searchTerm={searchTerms}&form=global&_charset_=UTF-8

*************************

AdwCleaner[R0].txt - [11548 octets] - [29/12/2014 11:29:12]
AdwCleaner[s0].txt - [8880 octets] - [29/12/2014 11:34:14]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8940 octets] ##########

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 28-12-2014
Ran by Patti at 2014-12-29 11:12:48 Run:1
Running from C:\Users\Patti\Desktop
Loaded Profile: Patti (Available profiles: Patti)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
closeprocesses:
emptytemp:
C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23
C:\Program Files\005
HKU\S-1-5-21-1478845872-4263262292-354051888-1000\...\MountPoints2: {85fbdf62-13cd-11e0-b3d9-0026185415aa} - K:\LaunchU3.exe -a
AppInit_DLLs-x32: C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL => "C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL" File Not Found
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://search.mywebs...r={searchTerms}
SearchScopes: HKU\S-1-5-21-1478845872-4263262292-354051888-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: No Name -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} ->  No File
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3330390&octid=EB_ORIGINAL_CTID&ISID=MBDB1ACF7-1ED6-49CA-90F4-5AEEC686FB42&SearchSource=55&CUI=&UM=6&UP=SP88C34C93-B72E-419A-A88E-8AADDA8F7F97&SSPV=
CHR StartupUrls: Default -> "hxxp://www.google.com/"
R2 AllDaySavingsService64; C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23\etmajyzoqm64.exe [172544 2014-07-31] () [File not signed]
R2 cyycfhtzro64; C:\Program Files\005\cyycfhtzro64.exe [709120 2014-08-09] () [File not signed]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20080829.024\EX64.SYS [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S1 SRTSP; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSP64.SYS [X]
S1 SRTSPX; \??\C:\Windows\system32\drivers\NISx64\1000000.07D\SRTSPX64.SYS [X]
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [56528 2014-11-19] (NetFilterSDK.com)
C:\Windows\System32\drivers\netfilter64.sys
Task: {3B5D64EE-15CC-4E16-9E88-8DA8C6439297} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
C:\Program Files (x86)\MyPC Backup
AlternateDataStreams: C:\ProgramData\TEMP:30997E0F
AlternateDataStreams: C:\ProgramData\TEMP:34BCB6A9
AlternateDataStreams: C:\ProgramData\TEMP:7C3E753C
AlternateDataStreams: C:\ProgramData\TEMP:87EF2A8F
AlternateDataStreams: C:\ProgramData\TEMP:ABCD2B94
AlternateDataStreams: C:\ProgramData\TEMP:B0456F0C
AlternateDataStreams: C:\ProgramData\TEMP:C46995DA
AlternateDataStreams: C:\ProgramData\TEMP:FAC5BCF5

*****************

Processes closed successfully.
C:\Program Files (x86)\B021CBBD-E38E-4F8C-8E93-6624B0597A23 => Moved successfully.
C:\Program Files\005 => Moved successfully.
"HKU\S-1-5-21-1478845872-4263262292-354051888-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{85fbdf62-13cd-11e0-b3d9-0026185415aa}" => Key deleted successfully.
HKCR\CLSID\{85fbdf62-13cd-11e0-b3d9-0026185415aa} => Key not found.
"C:\PROGRA~2\Amazon\AMAZON~1\\AMAZON~3.DLL" => Value Data removed successfully.
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{38bc6857-67fa-4358-afae-28e0f9ad2128}" => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{38bc6857-67fa-4358-afae-28e0f9ad2128} => Key not found.
HKU\S-1-5-21-1478845872-4263262292-354051888-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} => Key not found.
Chrome HomePage deleted successfully.
Chrome StartupUrls deleted successfully.
AllDaySavingsService64 => Service deleted successfully.
cyycfhtzro64 => Service deleted successfully.
IpInIp => Service deleted successfully.
NAVENG => Service deleted successfully.
NAVEX15 => Service deleted successfully.
NwlnkFlt => Service deleted successfully.
NwlnkFwd => Service deleted successfully.
SRTSP => Service deleted successfully.
SRTSPX => Service deleted successfully.
netfilter64 => Unable to stop service
netfilter64 => Service deleted successfully.
C:\Windows\System32\drivers\netfilter64.sys => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3B5D64EE-15CC-4E16-9E88-8DA8C6439297}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3B5D64EE-15CC-4E16-9E88-8DA8C6439297}" => Key deleted successfully.
C:\Windows\System32\Tasks\LaunchSignup => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully.
C:\Program Files (x86)\MyPC Backup => Moved successfully.
C:\ProgramData\TEMP => ":30997E0F" ADS removed successfully.
C:\ProgramData\TEMP => ":34BCB6A9" ADS removed successfully.
C:\ProgramData\TEMP => ":7C3E753C" ADS removed successfully.
C:\ProgramData\TEMP => ":87EF2A8F" ADS removed successfully.
C:\ProgramData\TEMP => ":ABCD2B94" ADS removed successfully.
C:\ProgramData\TEMP => ":B0456F0C" ADS removed successfully.
C:\ProgramData\TEMP => ":C46995DA" ADS removed successfully.
C:\ProgramData\TEMP => ":FAC5BCF5" ADS removed successfully.
EmptyTemp: => Removed 1.1 GB temporary data.

The system needed a reboot.

==== End of Fixlog 11:13:15 ====

 

Thank you so much for your continued help! I will donate when we are finished.

Link to post
Share on other sites

Very good. I think we cleaned the infection. Let's try to enable MalwareBytes now:
 
 
mbam-old.png Uninstall outdated Malwarebytes' Anti-Malware
 
Please download MBAM-clean and save it to your desktop.

  • Right-click on mbam-clean.exe icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • It will ask you to reboot the machine - please do so.

After that follow my next instructions to download & install the newset MBAM version.
 
 
 
51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware
 
Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Install the progam and select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

Link to post
Share on other sites

A few questions: I have uninstalled Malwarebytes. In order to reinstall, it says to tempoarily turn off other antivirus software. I am using Windows Defender, but I can't figure out how to turn it off only temporarily. Also, do I need to use Malwarebytes at all? I will reinstall if you think it necessary but since it seems to have caused problems I thought I would ask.

Also, should I uninstall Google Chrome before continuing, and then reinstall once I am done? I did receive a brief error message that a file in Chrome was corrupt, but the message disappeared quickly and I could not look into it more. I am still unable to download files if I am using Chrome as the browser.

Thanks!

Link to post
Share on other sites

No, you do not need to disable antivirus because you do not have one. Having Antivirus installed is mandatory, you must install it immediately.

 

MalwareBytes is great software to have, it works along with your antivirus and is primary focused on thing Antivirus often miss, like Adware, Spyware etc.

 

You can reinstall Chrome too.

Link to post
Share on other sites

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/30/2014
Scan Time: 4:08:36 PM
Logfile: Malware Scan 1.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.30.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Patti

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349706
Time Elapsed: 8 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.CouponArific.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\couponarific, Quarantined, [3dc3c5a487f5f145b44dafba5da6cf31],

Registry Values: 1
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|m3ffxtbr@mywebsearch.com, C:\Program Files (x86)\MyWebSearch\bar\1.bin, Quarantined, [26da77f283f90b2baf33c0cca2613cc4]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin\chrome, Quarantined, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.BrowserManager.A, C:\Program Files (x86)\FUPM Browser, Quarantined, [13edf376502c9c9aaaa7004c7a894eb2],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8, Quarantined, [f9072f3a770551e500ede07c20e3847c],

Files: 88
PUP.Optional.IBryte, C:\Users\Patti\Downloads\Driver_Update_Setup.exe, Quarantined, [4db3c1a8ee8ea78f64090cb2f20f649c],
PUP.Optional.OptimunInstaller, C:\Users\Patti\Downloads\fl_setup.exe, Quarantined, [38c83e2bafcd57dfbd424cfdf30d2dd3],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (1).exe, Quarantined, [a45c3b2e8defd4621824da93bb4637c9],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (2).exe, Quarantined, [30d0482133496fc7d26a3c31d13036ca],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (3).exe, Quarantined, [5fa100691d5f063005e7c3fb57aab14f],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (5).exe, Quarantined, [c33d1752cdaf73c37b716757c73ade22],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup.exe, Quarantined, [7987e782324ae94dd7653934a0615da3],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (4).exe, Quarantined, [11ef3e2bdca0b87e6c8015a9ab567987],
PUP.Optional.ChromeHitory.A, C:\Users\Patti\AppData\Local\ChromeHitoryDB, Quarantined, [817f2940265689ad15f52044c43f926e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lobm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\btmarrow.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\cancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\config.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\continue.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\dispatch.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\divider.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\gcancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\index.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\infobar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\jquery.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\la.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbms.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lca.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcso.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lctn.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lddg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lff.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lffb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgw.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lha.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lhp.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lia.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\liwon.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lkazulah.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmma.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmosh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmws.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\loryte.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lpss.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lqc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lscr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsi.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lssd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltrs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltvf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lvs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lzwinky.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\mgaddons.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ok.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\overlay.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\pid.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\qstring.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\shield.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\spacer.swf, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\toolbar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yelgrey.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yellowbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.css, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\08AB7C0F.exe, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\files.ini, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\64.ico, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\libeay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfapi.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfregdrv.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ProtocolFilters.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ssleay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv64.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.Conduit, C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Replaced,[7f81c0a96d0f1323b13f6952de272ed2]

Physical Sectors: 0
(No malicious items detected)

(end)Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/30/2014
Scan Time: 4:08:36 PM
Logfile: Malware Scan 1.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.30.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Patti

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349706
Time Elapsed: 8 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.CouponArific.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\couponarific, Quarantined, [3dc3c5a487f5f145b44dafba5da6cf31],

Registry Values: 1
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|m3ffxtbr@mywebsearch.com, C:\Program Files (x86)\MyWebSearch\bar\1.bin, Quarantined, [26da77f283f90b2baf33c0cca2613cc4]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin\chrome, Quarantined, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.BrowserManager.A, C:\Program Files (x86)\FUPM Browser, Quarantined, [13edf376502c9c9aaaa7004c7a894eb2],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8, Quarantined, [f9072f3a770551e500ede07c20e3847c],

Files: 88
PUP.Optional.IBryte, C:\Users\Patti\Downloads\Driver_Update_Setup.exe, Quarantined, [4db3c1a8ee8ea78f64090cb2f20f649c],
PUP.Optional.OptimunInstaller, C:\Users\Patti\Downloads\fl_setup.exe, Quarantined, [38c83e2bafcd57dfbd424cfdf30d2dd3],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (1).exe, Quarantined, [a45c3b2e8defd4621824da93bb4637c9],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (2).exe, Quarantined, [30d0482133496fc7d26a3c31d13036ca],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (3).exe, Quarantined, [5fa100691d5f063005e7c3fb57aab14f],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (5).exe, Quarantined, [c33d1752cdaf73c37b716757c73ade22],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup.exe, Quarantined, [7987e782324ae94dd7653934a0615da3],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (4).exe, Quarantined, [11ef3e2bdca0b87e6c8015a9ab567987],
PUP.Optional.ChromeHitory.A, C:\Users\Patti\AppData\Local\ChromeHitoryDB, Quarantined, [817f2940265689ad15f52044c43f926e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lobm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\btmarrow.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\cancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\config.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\continue.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\dispatch.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\divider.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\gcancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\index.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\infobar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\jquery.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\la.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbms.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lca.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcso.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lctn.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lddg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lff.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lffb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgw.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lha.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lhp.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lia.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\liwon.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lkazulah.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmma.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmosh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmws.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\loryte.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lpss.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lqc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lscr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsi.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lssd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltrs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltvf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lvs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lzwinky.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\mgaddons.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ok.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\overlay.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\pid.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\qstring.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\shield.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\spacer.swf, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\toolbar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yelgrey.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yellowbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.css, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\08AB7C0F.exe, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\files.ini, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\64.ico, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\libeay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfapi.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfregdrv.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ProtocolFilters.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ssleay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv64.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.Conduit, C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Replaced,[7f81c0a96d0f1323b13f6952de272ed2]

Physical Sectors: 0
(No malicious items detected)

(end)Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/30/2014
Scan Time: 4:08:36 PM
Logfile: Malware Scan 1.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.30.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Patti

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349706
Time Elapsed: 8 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.CouponArific.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\couponarific, Quarantined, [3dc3c5a487f5f145b44dafba5da6cf31],

Registry Values: 1
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|m3ffxtbr@mywebsearch.com, C:\Program Files (x86)\MyWebSearch\bar\1.bin, Quarantined, [26da77f283f90b2baf33c0cca2613cc4]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin\chrome, Quarantined, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.BrowserManager.A, C:\Program Files (x86)\FUPM Browser, Quarantined, [13edf376502c9c9aaaa7004c7a894eb2],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8, Quarantined, [f9072f3a770551e500ede07c20e3847c],

Files: 88
PUP.Optional.IBryte, C:\Users\Patti\Downloads\Driver_Update_Setup.exe, Quarantined, [4db3c1a8ee8ea78f64090cb2f20f649c],
PUP.Optional.OptimunInstaller, C:\Users\Patti\Downloads\fl_setup.exe, Quarantined, [38c83e2bafcd57dfbd424cfdf30d2dd3],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (1).exe, Quarantined, [a45c3b2e8defd4621824da93bb4637c9],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (2).exe, Quarantined, [30d0482133496fc7d26a3c31d13036ca],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (3).exe, Quarantined, [5fa100691d5f063005e7c3fb57aab14f],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (5).exe, Quarantined, [c33d1752cdaf73c37b716757c73ade22],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup.exe, Quarantined, [7987e782324ae94dd7653934a0615da3],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (4).exe, Quarantined, [11ef3e2bdca0b87e6c8015a9ab567987],
PUP.Optional.ChromeHitory.A, C:\Users\Patti\AppData\Local\ChromeHitoryDB, Quarantined, [817f2940265689ad15f52044c43f926e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lobm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\btmarrow.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\cancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\config.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\continue.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\dispatch.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\divider.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\gcancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\index.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\infobar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\jquery.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\la.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbms.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lca.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcso.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lctn.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lddg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lff.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lffb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgw.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lha.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lhp.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lia.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\liwon.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lkazulah.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmma.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmosh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmws.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\loryte.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lpss.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lqc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lscr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsi.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lssd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltrs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltvf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lvs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lzwinky.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\mgaddons.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ok.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\overlay.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\pid.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\qstring.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\shield.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\spacer.swf, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\toolbar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yelgrey.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yellowbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.css, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\08AB7C0F.exe, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\files.ini, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\64.ico, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\libeay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfapi.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfregdrv.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ProtocolFilters.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ssleay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv64.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.Conduit, C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Replaced,[7f81c0a96d0f1323b13f6952de272ed2]

Physical Sectors: 0
(No malicious items detected)

(end)Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/30/2014
Scan Time: 4:08:36 PM
Logfile: Malware Scan 1.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.30.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Patti

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349706
Time Elapsed: 8 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.CouponArific.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\couponarific, Quarantined, [3dc3c5a487f5f145b44dafba5da6cf31],

Registry Values: 1
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|m3ffxtbr@mywebsearch.com, C:\Program Files (x86)\MyWebSearch\bar\1.bin, Quarantined, [26da77f283f90b2baf33c0cca2613cc4]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin\chrome, Quarantined, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.BrowserManager.A, C:\Program Files (x86)\FUPM Browser, Quarantined, [13edf376502c9c9aaaa7004c7a894eb2],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8, Quarantined, [f9072f3a770551e500ede07c20e3847c],

Files: 88
PUP.Optional.IBryte, C:\Users\Patti\Downloads\Driver_Update_Setup.exe, Quarantined, [4db3c1a8ee8ea78f64090cb2f20f649c],
PUP.Optional.OptimunInstaller, C:\Users\Patti\Downloads\fl_setup.exe, Quarantined, [38c83e2bafcd57dfbd424cfdf30d2dd3],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (1).exe, Quarantined, [a45c3b2e8defd4621824da93bb4637c9],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (2).exe, Quarantined, [30d0482133496fc7d26a3c31d13036ca],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (3).exe, Quarantined, [5fa100691d5f063005e7c3fb57aab14f],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (5).exe, Quarantined, [c33d1752cdaf73c37b716757c73ade22],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup.exe, Quarantined, [7987e782324ae94dd7653934a0615da3],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (4).exe, Quarantined, [11ef3e2bdca0b87e6c8015a9ab567987],
PUP.Optional.ChromeHitory.A, C:\Users\Patti\AppData\Local\ChromeHitoryDB, Quarantined, [817f2940265689ad15f52044c43f926e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lobm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\btmarrow.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\cancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\config.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\continue.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\dispatch.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\divider.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\gcancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\index.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\infobar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\jquery.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\la.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbms.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lca.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcso.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lctn.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lddg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lff.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lffb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgw.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lha.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lhp.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lia.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\liwon.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lkazulah.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmma.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmosh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmws.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\loryte.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lpss.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lqc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lscr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsi.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lssd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltrs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltvf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lvs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lzwinky.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\mgaddons.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ok.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\overlay.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\pid.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\qstring.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\shield.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\spacer.swf, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\toolbar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yelgrey.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yellowbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.css, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\08AB7C0F.exe, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\files.ini, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\64.ico, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\libeay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfapi.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfregdrv.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ProtocolFilters.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ssleay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv64.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.Conduit, C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Replaced,[7f81c0a96d0f1323b13f6952de272ed2]

Physical Sectors: 0
(No malicious items detected)

(end)Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/30/2014
Scan Time: 4:08:36 PM
Logfile: Malware Scan 1.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.30.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Patti

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349706
Time Elapsed: 8 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.CouponArific.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\couponarific, Quarantined, [3dc3c5a487f5f145b44dafba5da6cf31],

Registry Values: 1
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|m3ffxtbr@mywebsearch.com, C:\Program Files (x86)\MyWebSearch\bar\1.bin, Quarantined, [26da77f283f90b2baf33c0cca2613cc4]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin\chrome, Quarantined, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.BrowserManager.A, C:\Program Files (x86)\FUPM Browser, Quarantined, [13edf376502c9c9aaaa7004c7a894eb2],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8, Quarantined, [f9072f3a770551e500ede07c20e3847c],

Files: 88
PUP.Optional.IBryte, C:\Users\Patti\Downloads\Driver_Update_Setup.exe, Quarantined, [4db3c1a8ee8ea78f64090cb2f20f649c],
PUP.Optional.OptimunInstaller, C:\Users\Patti\Downloads\fl_setup.exe, Quarantined, [38c83e2bafcd57dfbd424cfdf30d2dd3],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (1).exe, Quarantined, [a45c3b2e8defd4621824da93bb4637c9],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (2).exe, Quarantined, [30d0482133496fc7d26a3c31d13036ca],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (3).exe, Quarantined, [5fa100691d5f063005e7c3fb57aab14f],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (5).exe, Quarantined, [c33d1752cdaf73c37b716757c73ade22],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup.exe, Quarantined, [7987e782324ae94dd7653934a0615da3],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (4).exe, Quarantined, [11ef3e2bdca0b87e6c8015a9ab567987],
PUP.Optional.ChromeHitory.A, C:\Users\Patti\AppData\Local\ChromeHitoryDB, Quarantined, [817f2940265689ad15f52044c43f926e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lobm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\btmarrow.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\cancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\config.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\continue.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\dispatch.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\divider.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\gcancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\index.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\infobar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\jquery.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\la.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbms.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lca.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcso.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lctn.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lddg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lff.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lffb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgw.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lha.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lhp.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lia.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\liwon.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lkazulah.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmma.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmosh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmws.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\loryte.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lpss.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lqc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lscr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsi.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lssd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltrs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltvf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lvs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lzwinky.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\mgaddons.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ok.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\overlay.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\pid.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\qstring.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\shield.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\spacer.swf, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\toolbar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yelgrey.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yellowbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.css, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\08AB7C0F.exe, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\files.ini, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\64.ico, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\libeay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfapi.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfregdrv.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ProtocolFilters.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ssleay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv64.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.Conduit, C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Replaced,[7f81c0a96d0f1323b13f6952de272ed2]

Physical Sectors: 0
(No malicious items detected)

(end)Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/30/2014
Scan Time: 4:08:36 PM
Logfile: Malware Scan 1.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.30.08
Rootkit Database: v2014.12.30.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows Vista Service Pack 2
CPU: x64
File System: NTFS
User: Patti

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 349706
Time Elapsed: 8 min, 45 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 1
PUP.Optional.CouponArific.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\couponarific, Quarantined, [3dc3c5a487f5f145b44dafba5da6cf31],

Registry Values: 1
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|m3ffxtbr@mywebsearch.com, C:\Program Files (x86)\MyWebSearch\bar\1.bin, Quarantined, [26da77f283f90b2baf33c0cca2613cc4]

Registry Data: 0
(No malicious items detected)

Folders: 13
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin, Delete-on-Reboot, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MindDabble_4pEI\Installr\1.bin\chrome, Quarantined, [14ec4524740820162cde4ee716ed45bb],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg, Delete-on-Reboot, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr, Delete-on-Reboot, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.BrowserManager.A, C:\Program Files (x86)\FUPM Browser, Quarantined, [13edf376502c9c9aaaa7004c7a894eb2],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8, Quarantined, [f9072f3a770551e500ede07c20e3847c],

Files: 88
PUP.Optional.IBryte, C:\Users\Patti\Downloads\Driver_Update_Setup.exe, Quarantined, [4db3c1a8ee8ea78f64090cb2f20f649c],
PUP.Optional.OptimunInstaller, C:\Users\Patti\Downloads\fl_setup.exe, Quarantined, [38c83e2bafcd57dfbd424cfdf30d2dd3],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (1).exe, Quarantined, [a45c3b2e8defd4621824da93bb4637c9],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup (2).exe, Quarantined, [30d0482133496fc7d26a3c31d13036ca],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (3).exe, Quarantined, [5fa100691d5f063005e7c3fb57aab14f],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (5).exe, Quarantined, [c33d1752cdaf73c37b716757c73ade22],
PUP.Optional.OptimumInstaller.A, C:\Users\Patti\Downloads\Java_Updater_Setup.exe, Quarantined, [7987e782324ae94dd7653934a0615da3],
PUP.Optional.iBryte, C:\Users\Patti\Downloads\Java_Updater_Setup (4).exe, Quarantined, [11ef3e2bdca0b87e6c8015a9ab567987],
PUP.Optional.ChromeHitory.A, C:\Users\Patti\AppData\Local\ChromeHitoryDB, Quarantined, [817f2940265689ad15f52044c43f926e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lobm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\btmarrow.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\cancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\config.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\continue.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\dispatch.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\divider.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\gcancel.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\index.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\infobar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\jquery.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\la.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lbms.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lca.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcm.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lcso.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lctn.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ldbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lddg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lff.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lffb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lgw.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lha.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lhp.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lia.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\liwon.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lkazulah.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmfc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmma.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmosh.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lmws.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\loryte.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lpss.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lqc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lrr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsc.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lscr.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lsi.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lssd.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltrs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ltvf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lvs.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwb.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lwf.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\lzwinky.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\mgaddons.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\ok.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\overlay.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\pid.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\qstring.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\shield.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\spacer.swf, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\toolbar.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yelgrey.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\yellowbg.png, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.css, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.htm, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4p\bar\ie9mesg\COMMON\zEnable.js, Quarantined, [a65a7eebf5873ef861efd566f211c937],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\08AB7C0F.exe, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.MindSpark.A, C:\Users\Patti\AppData\LocalLow\MindDabble_4pEI\Installr\Cache\files.ini, Quarantined, [966a94d5671552e4c48c58e3e61d629e],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\64.ico, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\libeay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfapi.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\nfregdrv.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ProtocolFilters.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\ssleay32.dll, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.AdPeak.A, C:\Program Files (x86)\0892CCEA-3029-46F2-BD98-F3177431F5F8\xtloowpkjv64.exe, Quarantined, [f9072f3a770551e500ede07c20e3847c],
PUP.Optional.Conduit, C:\Users\Patti\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "suggest_url": "http://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}",), Replaced,[7f81c0a96d0f1323b13f6952de272ed2]

Physical Sectors: 0
(No malicious items detected)


 

 

(end)

Link to post
Share on other sites

I still cannot download any files or programs under Google Chrome, but since I can under Internet Explorer I don't think it will be a problem. My husband says it is running much faster than it was; I think it is somewhat better also. 

Thank you so much for the help! Is there anything else I need to do?

Link to post
Share on other sites

Good. Then just try with Chrome reinstall.
 
 
Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
icon_exclaim.gifMUST READ - security tips:

icon_exclaim.gifMUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
icon_arrow.gifTFC - to clean unneeded temporary files.
icon_arrow.gifMalwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gifMalwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gifMcShield - to prevent infections spread by removable media.
icon_arrow.gifUnchecky - to prevent from installing additional foistware, implemented in legitimate installations.
icon_arrow.gifAdblock - to surf the web without annoying ads! 
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning. 
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation: 
btn_donateCC_LG.gif

 

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)

Link to post
Share on other sites

I am still working on what you sent me above. I really appreciate all the information. Another question for you- I have an external hard drive that is scheduled to automatically update. In case some of the infected files are copied onto it, should I wipe it clean and start over, or even buy a new one?

Link to post
Share on other sites

Glad I could help. We will delete all used tools and I'll give you some tips to harden your security and learn how to protect yourself :)
 
 

Recommended reading:

 
 
icon_exclaim.gifMUST READ - security tips:

icon_exclaim.gifMUST READ - general maintenance:

The Importance of Software Updating:

 

 
In order to stay protected it is very important that you regularly update all of your software. Cybercriminals depend on the apathy of users around software updates to keep their malicious endeavor running.
 
Operating systems, such as Windows, and applications, such as Adobe Reader or JAVA, are used by tens of millions of computers and devices around the world, making them a huge target for cybercriminals. Downloading updates and installing them can sometimes be tedious, but the advantages you get from the updates are certainly worth it.

Recommended additional software:

 
 
icon_arrow.gifTFC - to clean unneeded temporary files.
icon_arrow.gifMalwarebytes' Anti-Malware - to scan your system from time to time in search for malware.
icon_arrow.gifMalwarebytes' Anti-Exploit - to prevent plenty of mostly exploited vulnerabilities.
icon_arrow.gifMcShield - to prevent infections spread by removable media.
icon_arrow.gifUnchecky - to prevent from installing additional foistware, implemented in legitimate installations.
icon_arrow.gifAdblock - to surf the web without annoying ads! 
 
 

Post-cleanup procedures:

 

 
Download DelFix by Xplode and save it to your desktop.

  • Run the tool by right click on the 51a5ce45263de-delfix.png icon and Run as administrator option.
  • Make sure that these ones are checked:
    • Remove disinfection tools
    • Purge system restore
    • Reset system settings
  • Push Run.
  • The program will run for a few seconds and display a notepad report. You do not need to attach it.

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning. 
 
 
 


My help is free for everybody.

If you're happy with the help provided and/or wish to buy me a beer for the assistance you received, then you can consider a donation: 
btn_donateCC_LG.gif

 

Thank you!

 
 
Stay safe,
TwinHeadedEagle   :)

Link to post
Share on other sites

  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.