Channel: Tech Support Guy

about cmd.exe virus

I use your MBAM and it performs very well (at the end there is the result of scanning), but there is still a virus in the location system 32. When I use my pen drive to copy a file, let's say a PDF file, a song file or an application, from the system, the computer doesn't copy the original file; instead it shows me a shortcut file whose location is this: cmd (C:\Windows\system 32). Even at this location I've performed 2 scans, but all are good for nothing. Please help, how can I solve this issue?...
Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.04.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428

Protection: Enabled

05-12-2013 02:40:56
MBAM-log-2013-12-05 (03-55-41).txt

Scan type: Full scan (C:\|D:\|H:\|Q:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 567395
Time elapsed: 1 hour(s), 12 minute(s), 41 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 20
HKCR\CLSID\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> No action taken.
HKCR\ironsource.searchyaHlpr.1 (PUP.SearchYa) -> No action taken.
HKCR\ironsource.searchyaHlpr (PUP.SearchYa) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25927741-5E5B-4D27-8D8B-9188FE64373F} (PUP.SearchYa) -> No action taken.
HKCR\CLSID\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> No action taken.
HKCR\ironsource.searchyadskBnd.1 (PUP.SearchYa) -> No action taken.
HKCR\ironsource.searchyadskBnd (PUP.SearchYa) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> No action taken.
HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> No action taken.
HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> No action taken.
HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> No action taken.
HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} (PUP.FunMoods) -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> No action taken.
HKCU\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> No action taken.
HKLM\SOFTWARE\InstallCore\funmoods (PUP.FunMoods) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\IBUpdaterService (PUP.InstallBrain) -> No action taken.

Registry Values Detected: 2
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> Data: SearchYa Toolbar -> No action taken.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{33AA308B-B565-4376-AC66-59EE9B6AD13E} (PUP.SearchYa) -> Data: -> No action taken.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 10
C:\Program Files (x86)\Ironsource\searchya\1.5.13.0\bh\searchya.dll (PUP.SearchYa) -> No action taken.
C:\Program Files (x86)\Ironsource\searchya\1.5.13.0\searchyaTlbr.dll (PUP.SearchYa) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wt1C4.tmp (PUP.Dealio.TB) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtE82C.tmp (PUP.Dealio.TB) -> No action taken.
C:\Windows\System32\config\systemprofile\AppData\LocalLow\Application Updater\temp\~wtF0C4.tmp (PUP.Dealio.TB) -> No action taken.
C:\Users\*********\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> No action taken.
C:\Users\*********\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> No action taken.
C:\Users\**********\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe (PUP.FunMoods) -> No action taken.
C:\Users\**********\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage (PUP.FunMoods) -> No action taken.
C:\Users\***********\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage (PUP.FunMoods) -> No action taken.

(end)
