(10-06-2015, 03:35 PM)Compton Wrote: Scan with Malwarebytes' Anti-Malware
Please download Malwarebytes Anti-Malware and save it to your desktop.
- Install the progam and select update.
- Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
- Click the Scan tab, choose Threat Scan is checked and click Scan Now.
- If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
- Upon completion of the scan (or after the reboot), click the History tab.
- Click Application Logs and double-click the Scan Log.
- At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.
Thanks for your help. I was shocked at the amount of results but I'm not sure if I should remove them or not.
Here are the results...
Malwarebytes Anti-Malware
http://www.malwarebytes.org
Scan Date: 06/10/2015
Scan Time: 20:59
Logfile: file.txt
Administrator: Yes
Version: 2.1.8.1057
Malware Database: v2015.10.06.05
Rootkit Database: v2015.10.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Asus
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 360781
Time Elapsed: 34 min, 1 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 9
PUP.Optional.GetNow, HKLM\SOFTWARE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, , [b9049ab9b9d23bfb267fd421877b51af],
PUP.Optional.GetNow, HKLM\SOFTWARE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, , [b9049ab9b9d23bfb267fd421877b51af],
PUP.Optional.GetNow, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, , [b9049ab9b9d23bfb267fd421877b51af],
PUP.Optional.GetNow, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, , [b9049ab9b9d23bfb267fd421877b51af],
PUP.Optional.GetNow, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, , [b9049ab9b9d23bfb267fd421877b51af],
PUP.Optional.GetNow, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, , [b9049ab9b9d23bfb267fd421877b51af],
PUP.Optional.MyStart, HKLM\SOFTWARE\WOW6432NODE\mystarttb, , [477654ffa7e49d9921134a741fe52ed2],
PUP.Optional.GetNowUpdater, HKU\S-1-5-21-3153954475-3655212625-4016578082-1001\SOFTWARE\GetNowUpdater, , [f6c72b286a212214b442d9d4ae5654ac],
PUP.Optional.Squeaky, HKU\S-1-5-21-3153954475-3655212625-4016578082-1001\SOFTWARE\Squeaky, , [b50867ecaedd2d09664f6a64e420d729],
Registry Values: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Folders: 30
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy, , [9924173c4744cd69575a7e8d9b68946c],
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy\40755940CFE44C6FAA64627D76647B1B, , [9924173c4744cd69575a7e8d9b68946c],
PUP.Optional.OpenCandy, C:\Users\Asus\AppData\Roaming\OpenCandy\40F82C65363B499EB91E35D950B2EAF2, , [9924173c4744cd69575a7e8d9b68946c],
PUP.Optional.BrowserHelper, C:\Users\Asus\AppData\Local\Temp\bhfiles, , [4b7294bfed9e9c9a8ffd46d240c3ee12],
PUP.Optional.BrowserHelper, C:\Users\Asus\AppData\Local\Temp\bhfiles\x86, , [4b7294bfed9e9c9a8ffd46d240c3ee12],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\html_res, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\accessible, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\audio, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\bearer, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\designer, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\iconengines, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\mediaservice, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\platforms, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\playlistformats, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\position, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\printsupport, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\qml1tooling, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\qmltooling, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sensorgestures, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sensors, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sqldrivers, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Local\GetnowUninstall, , [ceefc3903f4ce74f4c57d354f60d15eb],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Local\GetNowUpdater, , [6558cc87107ba78fdacaee39ba4913ed],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Local\GetNowUpdater\inst, , [6558cc87107ba78fdacaee39ba4913ed],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Local\GetNowUpdater\inst\Bootstrapper, , [6558cc87107ba78fdacaee39ba4913ed],
PUP.Optional.IHlpr, C:\Users\Asus\AppData\Roaming\IHlpr\40755940CFE44C6FAA64627D76647B1B, , [c3fa1b38f6952a0c81529d8cab58da26],
PUP.Optional.IHlpr, C:\Users\Asus\AppData\Roaming\IHlpr\40F82C65363B499EB91E35D950B2EAF2, , [6e4f4d064e3d0f272aa97bae937007f9],
Files: 53
PUP.Optional.Yappyz, C:\Users\Asus\AppData\Roaming\Angry_Birds\Angry_Birds.exe, , [68557ed58b0088ae20d77a49a160a55b],
PUP.Optional.MindSpark, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_premierdownloadmanager.dl.tb.ask.com_0.localstorage, , [b20b8dc65f2c55e15fe39524ab59be42],
PUP.Optional.MindSpark, C:\Users\Asus\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_premierdownloadmanager.dl.tb.ask.com_0.localstorage-journal, , [06b7a5ae76158babf34fdddce420c040],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\html_res\store.html, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\html_res\style.css, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\html_res\updater.html, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\accessible\qtaccessiblequick.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\accessible\qtaccessiblewidgets.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\audio\qtaudio_windows.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\bearer\qgenericbearer.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\bearer\qnativewifibearer.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\designer\qaxwidget.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\designer\qdeclarativeview.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\designer\qquickwidget.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\designer\qwebview.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\iconengines\qsvgicon.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qdds.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qgif.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qicns.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qico.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qjp2.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qjpeg.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qmng.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qsvg.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qtga.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qtiff.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qwbmp.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\imageformats\qwebp.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\mediaservice\dsengine.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\mediaservice\qtmedia_audioengine.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\mediaservice\wmfengine.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\platforms\qminimal.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\platforms\qoffscreen.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\platforms\qwindows.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\playlistformats\qtmultimedia_m3u.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\position\qtposition_positionpoll.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\printsupport\windowsprintersupport.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\qml1tooling\qmldbg_inspector.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\qml1tooling\qmldbg_tcp_qtdeclarative.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\qmltooling\qmldbg_qtquick2.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\qmltooling\qmldbg_tcp.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sensorgestures\qtsensorgestures_plugin.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sensorgestures\qtsensorgestures_shakeplugin.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sensors\qtsensors_dummy.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sensors\qtsensors_generic.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sqldrivers\qsqlite.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sqldrivers\qsqlmysql.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sqldrivers\qsqlodbc.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Roaming\GetnowUpdater\plugins\sqldrivers\qsqlpsql.dll, , [b805d47f2f5c2f07742e6cbb00032fd1],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Local\GetNowUpdater\autoupdateAppInfo.txt, , [6558cc87107ba78fdacaee39ba4913ed],
PUP.Optional.GetNowUpdater, C:\Users\Asus\AppData\Local\GetNowUpdater\inst\Bootstrapper\GetNowUpdaterUninstall.exe, , [6558cc87107ba78fdacaee39ba4913ed],
PUP.Optional.IHlpr, C:\Users\Asus\AppData\Roaming\IHlpr\40755940CFE44C6FAA64627D76647B1B\qms.exe, , [c3fa1b38f6952a0c81529d8cab58da26],
PUP.Optional.IHlpr, C:\Users\Asus\AppData\Roaming\IHlpr\40F82C65363B499EB91E35D950B2EAF2\TuneUpUtilities_UK_Exp2.exe, , [6e4f4d064e3d0f272aa97bae937007f9],
Physical Sectors: 0
(No malicious items detected)
(end)