Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 2014-12-23 Scan Time: 18:47:00 Logfile: Scan Log MBAM 01.txt Administrator: Yes Version: 2.00.4.1028 Malware Database: v2014.11.20.06 Rootkit Database: v2014.11.18.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Joanna Scan Type: Threat Scan Result: Completed Objects Scanned: 371196 Time Elapsed: 20 min, 29 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 7 PUP.Optional.RadRater.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{316CDECF-3A39-4FAC-B224-29059A0FE5A7}, Quarantined, [26e0af8f3a4211254901d0ea788ac739], PUP.Optional.RadRater.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{316CDECF-3A39-4FAC-B224-29059A0FE5A7}, Quarantined, [26e0af8f3a4211254901d0ea788ac739], PUP.Optional.WordProser.A, HKLM\SOFTWARE\WOW6432NODE\WordProser_1.10.0.5, Quarantined, [a165da64b4c8999d3b3f8ab263a06b95], PUP.Optional.RadRater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Rad Rater, Quarantined, [d3336ed0dca00c2acfab2e165ea5926e], PUP.Optional.RadRater.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Rad Rater, Quarantined, [8d79a79785f77db94536ae96e71cd828], PUP.Optional.RadRater.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Rad Rater, Quarantined, [30d69ea07a026bcb86f30f3555aed22e], PUP.Optional.HomeTab.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\SIMPLYTECH\HomeTab, Quarantined, [9175b5896418003671343d177c87c937], Registry Values: 1 PUP.Optional.SearchCertified.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURI, http://search.certified-toolbar.com?si=85023&st=bs&tid=29472&ver=6.9&ts=1418913371798&tguid=85023-29472-1418913371798-A8E4B9ACDDAD25FFCBC7B1FA2D3F852B&q=%s, Quarantined, [8383a8967efe191d27ad391cda29ab55] Registry Data: 2 PUP.Optional.SimplyTech.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|newtab, %appdata%\SimplyTech\home\home.htm, Good: (www.google.com), Bad: (%appdata%\SimplyTech\home\home.htm),Replaced,[1fe789b5116b43f30b551e260ff653ad] PUP.Optional.SearchCertifiedTB.A, HKU\S-1-5-21-2865235807-1952630281-2589921185-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURI, http://search.certified-toolbar.com?si=85023&st=bs&tid=29472&ver=6.9&ts=1418913371798&tguid=85023-29472-1418913371798-A8E4B9ACDDAD25FFCBC7B1FA2D3F852B&q=%s, Good: (www.google.com), Bad: (http://search.certified-toolbar.com?si=85023&st=bs&tid=29472&ver=6.9&ts=1418913371798&tguid=85023-29472-1418913371798-A8E4B9ACDDAD25FFCBC7B1FA2D3F852B&q=%s),Replaced,[c3438bb339434bebfac1aca346bf2cd4] Folders: 2 PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles\x86, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], Files: 10 PUP.Optional.WordProser.A, C:\Users\Joanna\AppData\Local\Temp\ZOG\Setup.exe, Quarantined, [f21447f74e2eec4ade1e701111f4ba46], PUP.Optional.Babylon.A, C:\Users\Joanna\Downloads\Babylon10_setup.exe, Quarantined, [6c9a93abb8c45bdbfc07b867dc244eb2], PUP.Optional.Babylon.A, C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml, Quarantined, [45c190aea2da79bd6ce3b8b8b05314ec], PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles\BrowserHelper.exe.config, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles\BrowserHelper.pdb, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles\browserhelperff.log, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles\channel_generic.json.old, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles\smileyswelove.xpi, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles\smileyswelovetoolbar.crx, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], PUP.Optional.SmileysWeLove.A, C:\Users\Joanna\AppData\Local\Temp\swlfiles\x86\SQLite.Interop.dll, Quarantined, [b650fe40b4c8be782d7f3de163a09c64], Physical Sectors: 0 (No malicious items detected) (end)