Windows 7 Forums



Windows 7: context menu hiding behind active window

29 Mar 2015   #11
Gator

Dual Boot: Windows 8.1 & Server 2012r2 VMs: Kali Linux, Backbox, Matriux, Windows 8.1
 
 

I would like to see the log of Malwarebytes. Are we saying Malwarebytes found 49 instances of a rootkit, or you ran the scan with rootkit enabled and you got 49 hits total? I'm not certain, but I think when you perform a custom scan it does a deeper scan than the quick scan by default, so finding 49 instances of something isn't that concerning. 49 instances of a rootkit specifically? Time to wipe and reinstall.


30 Mar 2015   #12
Riddick51PB

Windows 7 Ultimate x64
 
 

here's the malwarebytes log. i don't know the severity of the issues found. i can do a reinstall if that's what you all recommend.


Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Scan Date: 3/29/2015
Scan Time: 8:26:28 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.30.01
Rootkit Database: v2015.03.26.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Riddick51PB

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 543506
Time Elapsed: 16 min, 48 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 41
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{1112dad7-ff1a-4335-9f07-a6ad0837d324}, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1112DAD7-FF1A-4335-9F07-A6AD0837D324}, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P1112dad7_ff1a_4335_9f07_a6ad0837d324_.P1112dad7_ff1a_4335_9f07_a6ad0837d324_, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P1112dad7_ff1a_4335_9f07_a6ad0837d324_.P1112dad7_ff1a_4335_9f07_a6ad0837d324_.9, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P1112dad7_ff1a_4335_9f07_a6ad0837d324_.P1112dad7_ff1a_4335_9f07_a6ad0837d324_, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P1112dad7_ff1a_4335_9f07_a6ad0837d324_.P1112dad7_ff1a_4335_9f07_a6ad0837d324_.9, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKU\S-1-5-21-2719538298-1715437929-973194817-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{1112DAD7-FF1A-4335-9F07-A6AD0837D324}, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKU\S-1-5-21-2719538298-1715437929-973194817-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1112DAD7-FF1A-4335-9F07-A6AD0837D324}, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{1112DAD7-FF1A-4335-9F07-A6AD0837D324}, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{1112DAD7-FF1A-4335-9F07-A6AD0837D324}\INPROCSERVER32, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{40a471db-a12b-4107-be22-8089c29b89fe}, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{40A471DB-A12B-4107-BE22-8089C29B89FE}, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P40a471db_a12b_4107_be22_8089c29b89fe_.P40a471db_a12b_4107_be22_8089c29b89fe_, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\P40a471db_a12b_4107_be22_8089c29b89fe_.P40a471db_a12b_4107_be22_8089c29b89fe_.9, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P40a471db_a12b_4107_be22_8089c29b89fe_.P40a471db_a12b_4107_be22_8089c29b89fe_, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\CLASSES\P40a471db_a12b_4107_be22_8089c29b89fe_.P40a471db_a12b_4107_be22_8089c29b89fe_.9, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKU\S-1-5-21-2719538298-1715437929-973194817-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{40A471DB-A12B-4107-BE22-8089C29B89FE}, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKU\S-1-5-21-2719538298-1715437929-973194817-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{40A471DB-A12B-4107-BE22-8089C29B89FE}, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{40A471DB-A12B-4107-BE22-8089C29B89FE}, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{40A471DB-A12B-4107-BE22-8089C29B89FE}, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{40A471DB-A12B-4107-BE22-8089C29B89FE}\INPROCSERVER32, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{5591778b-6cf6-4344-8109-f89fd009d415}, Quarantined, [44dc88c249415dd9f0d1cf69649e7090],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{5591778B-6CF6-4344-8109-F89FD009D415}, Quarantined, [44dc88c249415dd9f0d1cf69649e7090],
PUP.Optional.Multiplug, HKU\S-1-5-21-2719538298-1715437929-973194817-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{5591778B-6CF6-4344-8109-F89FD009D415}, Quarantined, [44dc88c249415dd9f0d1cf69649e7090],
PUP.Optional.Multiplug, HKU\S-1-5-21-2719538298-1715437929-973194817-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{5591778B-6CF6-4344-8109-F89FD009D415}, Quarantined, [44dc88c249415dd9f0d1cf69649e7090],
PUP.Optional.Multiplug, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5591778B-6CF6-4344-8109-F89FD009D415}, Quarantined, [44dc88c249415dd9f0d1cf69649e7090],
PUP.Optional.Multiplug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5591778B-6CF6-4344-8109-F89FD009D415}, Quarantined, [44dc88c249415dd9f0d1cf69649e7090],
PUP.Optional.Multiplug, HKLM\SOFTWARE\CLASSES\CLSID\{5591778B-6CF6-4344-8109-F89FD009D415}\INPROCSERVER32, Quarantined, [44dc88c249415dd9f0d1cf69649e7090],
PUP.Optional.IntelliTerm.A, HKLM\SOFTWARE\WOW6432NODE\IntelliTerm_1.10.0.8, Quarantined, [70b061e93852ee48caa9d77449bc619f],
PUP.Optional.IntelliTerm.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\itnfd_1_10_0_8, Quarantined, [819f0f3b3a5085b19fd222297e87768a],
PUP.Optional.Squeaky.A, HKU\S-1-5-21-2719538298-1715437929-973194817-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Squeaky, Quarantined, [7da3f1593a50f73f6078c3fa0bf8e41c],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{41F978F3-431A-4464-A789-5C0692D562FB}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{138E44EF-8988-4DC7-8F48-FBC4FCEF83D1}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BB50CC62-09E1-4DD9-912C-F1DA4D6D71D8}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E481A870-86C7-44E1-97DF-E759FC147CBE}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FE332809-93C1-48DF-929F-AEC0BC4BFCFE}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{138E44EF-8988-4DC7-8F48-FBC4FCEF83D1}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{BB50CC62-09E1-4DD9-912C-F1DA4D6D71D8}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E481A870-86C7-44E1-97DF-E759FC147CBE}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FE332809-93C1-48DF-929F-AEC0BC4BFCFE}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{41F978F3-431A-4464-A789-5C0692D562FB}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 1
PUP.Optional.CouponPeak.A, C:\Program Files (x86)\CouponpeAk, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],

Files: 7
PUP.Optional.Multiplug, C:\Program Files (x86)\CouponpeAk\avNB2wd2TBHYYs.x64.dll, Quarantined, [76aa29210a80df57576a55e3fb07e719],
PUP.Optional.Multiplug, C:\Program Files (x86)\ExxteraShopPer\FWNO0TVR9CiF6q.x64.dll, Quarantined, [9c84bb8fd8b2c96dc6fbdd5b34ce2ad6],
PUP.Optional.Multiplug, C:\Program Files (x86)\shopNdroup\6tkQyBmnwHsOfS.x64.dll, Quarantined, [44dc88c249415dd9f0d1cf69649e7090],
PUP.Optional.Multiplug.A, C:\Program Files (x86)\CouponpeAk\avNB2wd2TBHYYs.dll, Quarantined, [e43c56f44743c076e1baa68bcb376b95],
PUP.Optional.CouponPeak.A, C:\Program Files (x86)\CouponpeAk\avNB2wd2TBHYYs.dat, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.CouponPeak.A, C:\Program Files (x86)\CouponpeAk\avNB2wd2TBHYYs.tlb, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
PUP.Optional.Binkiland.A, C:\Users\Riddick51PB\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences, Good: (), Bad: ( "homepage": "http://binkiland.com/?f=1&a=bnk_ir_15_07&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtB0C0CtByC0EyC0A0A0D0EtN0D0Tzu0StCtCtAyCtN1L2XzutAt FyBtFyBtFyDtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StD0BtD0CtA0ByEzytGyCtDtA0EtGyD0ByDyCtGyDyD0 AtBtGyBtByEtCtD0B0FyB0C0AyCtC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0CtB0A0DtA0C0DyCtG0E0D0B0AtGyE0EzzyBtG0BtAzzy EtGyEtCyBzy0F0EyB0AyB0A0Bzy2Q&cr=498679009&ir=",), Replaced,[c55b54f6f397c86e9414152431d521df]

Physical Sectors: 0
(No malicious items detected)


(end)
30 Mar 2015   #13
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

One hellofa list you got there.
They all seem to be PUPs. I would have them on my system. I would remove them all from my system, reboot and run Malwarebytes again. I don't see any rootkits. Then I would do a quick clean using CCleaner without using the Registry section.
Reboot and see how things work.

Then I would use AdwCleaner from the Bleeping Computer site. Make sure you tick on the big blue box Download Now @ Bleeping Computer and nowhere else.

AdwCleaner Download


PUP (potentially unwanted program)




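The question raised in this thread (are the hits rootkits, or PUPs counted across registry keys, folders and files?) can be answered mechanically from the log. The following is an added example, not part of any post here: a Python script that tallies detections per family, compares each section's declared count with the lines present, and lists anything worth a closer look. The section names and line layout are taken from the log posted above; the `triage` name, the `PUP.`/`PUM.` prefix test and the service-key check are assumptions of this example.

```python
import re
from collections import Counter

# Result sections as they appear in the log posted in this thread.
SECTION = re.compile(r"^(Processes|Modules|Registry Keys|Registry Values|"
                     r"Registry Data|Folders|Files|Physical Sectors): (\d+)$")

# Constructed sample: a few detection lines copied from the thread's log,
# with the section counts adjusted to match this shortened excerpt.
SAMPLE_LOG = r"""
Rootkits: Enabled
Processes: 0
(No malicious items detected)
Registry Keys: 3
PUP.Optional.IntelliTerm.A, HKLM\SOFTWARE\WOW6432NODE\IntelliTerm_1.10.0.8, Quarantined, [70b061e93852ee48caa9d77449bc619f],
PUP.Optional.IntelliTerm.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\itnfd_1_10_0_8, Quarantined, [819f0f3b3a5085b19fd222297e87768a],
PUP.Optional.CouponPeak.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{41F978F3-431A-4464-A789-5C0692D562FB}, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
Folders: 1
PUP.Optional.CouponPeak.A, C:\Program Files (x86)\CouponpeAk, Quarantined, [af71bc8eb7d3a591e2a16b3a3ec533cd],
Physical Sectors: 0
(No malicious items detected)
"""

def triage(log_text):
    """Tally detections per family; list entries that deserve a closer look."""
    declared, found, families, review = {}, Counter(), Counter(), []
    section = None
    for line in map(str.strip, log_text.splitlines()):
        m = SECTION.match(line)
        if m:
            section, declared[m.group(1)] = m.group(1), int(m.group(2))
            continue
        name, _, rest = line.partition(", ")
        if section is None or not rest or line.startswith("("):
            continue  # settings lines, blanks, "(No malicious items detected)"
        path = rest.split(", ")[0]
        found[section] += 1
        families[name] += 1
        if not name.startswith(("PUP.", "PUM.")):  # assumption: prefix = category
            review.append(("not-PUP", section, name, path))
        elif "\\CURRENTCONTROLSET\\SERVICES\\" in path.upper():
            review.append(("service-key", section, name, path))  # service registration
    # Declared count vs. lines actually present: catches a truncated paste.
    mismatched = {s: (n, found[s]) for s, n in declared.items() if n != found[s]}
    return {"total": sum(found.values()), "families": families,
            "review": review, "mismatched": mismatched}

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```
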

30 Mar 2015   #14
Riddick51PB

Windows 7 Ultimate x64
 
 

i thank you all for your advice and helpful links which i will no doubt use in the future.

for right now, i'm gonna reinstall win7 and be done with all this (for at least a week i hope laff)
30 Mar 2015   #15
Layback Bear

Windows 7 Pro. 64/SP-1
 
 

Clean install is a great idea.

Here is a tutorial by Brink that will help guide you if need be.

Clean Install Windows 7