Avast! Popup keeps showing svchost.exe being blocked from a malicious website


26 replies to this topic

#1 seanpfett


Posted 25 June 2014 - 12:16 PM

UOSAvSb.png

Hello, Avast! keeps showing a popup about a malicious URL being blocked from the svchost.exe file. The malware is apparently trying to connect to something and I'm trying to stop it.

Thank you for your help!


Edited by hamluis, 07 July 2014 - 08:16 AM.
Moved from Win 7 to Am I Infected - Hamluis.



#2 dc3


Posted 25 June 2014 - 12:56 PM

What information do you get when you click on More details... ?

 

What is the web site you are being blocked from?


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 seanpfett


Posted 25 June 2014 - 01:27 PM

> What information do you get when you click on More details... ?
>
> What is the web site you are being blocked from?

I will get back to you momentarily. I need to wait for the popup to come back up, but I'm pretty sure the site changes every time the popup comes up.



#4 dc3


Posted 25 June 2014 - 01:37 PM

This is popping up without your trying to open a web site?




#5 seanpfett


Posted 25 June 2014 - 01:38 PM

> This is popping up without your trying to open a web site?

Yes, a few days ago I downloaded something accidentally. It was most likely malware. Afterwards this popup started showing up every 5 to 10 minutes.



#6 seanpfett


Posted 25 June 2014 - 01:44 PM

> > This is popping up without your trying to open a web site?
>
> Yes, a few days ago I downloaded something accidentally. It was most likely malware. Afterwards this popup started showing up every 5 to 10 minutes.

Here is what the website is. I do not know why it says infekce zablokovana.

65qjtmx.png


Edited by seanpfett, 25 June 2014 - 01:45 PM.


#7 dc3


Posted 25 June 2014 - 01:48 PM

Please run the following scans.


Please run the ESET OnlineScan

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  
 
You will receive a message telling you that all programs will be closed so that the infections can be removed.  Click on Ok.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and then paste this log in your next post.
 
 
Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarebytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan.
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log, download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.



#8 seanpfett


Posted 25 June 2014 - 02:41 PM

Ok I will do this and get back to you.


Edited by hamluis, 25 June 2014 - 03:29 PM.
Removed unnecessary quotebox - Hamluis.


#9 seanpfett


Posted 25 June 2014 - 10:30 PM

Mod Edit:  Please...do not use the Quote button to respond...use the Reply To This Topic button at upper right of topic - Hamluis.

 

Eset Online Scanner Log

 

===================================

C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll Win32/Toolbar.Conduit.Y potentially unwanted application deleted - quarantined
C:\Program Files (x86)\IObit Apps Toolbar\IE\7.6\iobitappsToolbarIE.dll a variant of Win32/Toolbar.Widgi potentially unwanted application deleted - quarantined
C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\File System\004\t\00\00000000 Win32/Somoto.G potentially unwanted application deleted - quarantined
C:\Users\Judy\AppData\LocalLow\uTorrentControl\ldrtbuTor.dll a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\Users\Judy\AppData\LocalLow\uTorrentControl\tbuTor.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\extensions\{e9df9360-97f8-4690-afe6-996c80790da4}\chrome\utorrentcontrol.jar Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Judy\Documents\BitTorrent-6.4b.exe a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSI81C4.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
====================================
Adw Cleaner Log
====================================
# AdwCleaner v3.213 - Report created 25/06/2014 at 22:56:08
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Judy - JUDY-PC
# Running from : C:\Users\Judy\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\PC Optimizer Pro
Folder Deleted : C:\Program Files (x86)\Application Updater
Folder Deleted : C:\Program Files (x86)\Brand Affinity Technologies
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\IObit Apps Toolbar
Folder Deleted : C:\Program Files (x86)\sweetpacks bundle uninstaller
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Windows\SysWOW64\SearchProtect
Folder Deleted : C:\Users\Judy\AppData\Local\Conduit
Folder Deleted : C:\Users\Judy\AppData\Local\PackageAware
Folder Deleted : C:\Users\Judy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Judy\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Judy\AppData\Roaming\DefaultTab
Folder Deleted : C:\Users\Judy\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Judy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\@themediafinder.com
Folder Deleted : C:\Users\Judy\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com
Folder Deleted : C:\Users\Judy\AppData\Roaming\YourFileDownloader
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jiekonljbeipfklhchhdjddejaennfnl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ohgcjecomkebbohfjgmncelbhogbbokf
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\IEPlugin.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YourFile_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_camtasia-studio_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_camtasia-studio_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_voice-changer-software_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_voice-changer-software_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3F39D17D-50C7-4AC4-A63A-CDF6CDBD0C61}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{71E3A30E-9444-49D9-ABDB-B4B531D0BBA3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16ADEA98-D215-4F51-80AF-5E5ED660B9C0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{03EB0E9C-7A91-4381-A220-9B52B641CDB1}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AE9908C1-3400-4B10-9061-C6C04D96E3D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD4DF010-E2FD-43CE-864A-6BD1EDC59AC2}
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\DefaultTab
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\YourFileDownloader
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKLM\Software\Application Updater
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\DefaultTab
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Mozilla Firefox v
 
[ File : C:\Users\Judy\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
 
 
-\\ Google Chrome v35.0.1916.153
 
[ File : C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
Deleted [Extension] : dednnpigldgdbpgcdpfppmlcnnbjciel
Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
Deleted [Extension] : jiekonljbeipfklhchhdjddejaennfnl
Deleted [Extension] : lpmkgpnbiojfaoklbkpfneikocaobfai
Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
Deleted [Extension] : niapdbllcanepiiimjjndipklodoedlc
Deleted [Extension] : ohgcjecomkebbohfjgmncelbhogbbokf
 
*************************
 
AdwCleaner[R0].txt - [11882 octets] - [25/06/2014 22:34:55]
AdwCleaner[S0].txt - [11757 octets] - [25/06/2014 22:56:08]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11818 octets] ##########
=======================================
Malwarebytes Anti-Malware Log
=======================================
================
Quarantined Items:
===================
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\Main\bin\SPtool.dll_1390831036295
Vendor: PUP.Optional.Yontoo.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png
Vendor: PUP.Optional.SlickSavings.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\manifest.json
Vendor: PUP.Optional.Yontoo.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\CLASSES\YontooIEClient.Api
Vendor: PUP.Optional.CrossRider.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKU\S-1-5-21-1709428771-2952108263-4025640577-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider
Vendor: PUP.Optional.DefaultTab.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Vendor: PUP.Optional.Spigot.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\Common Files\Spigot\Search Settings\yandex_ff.xml
Vendor: PUP.Optional.ShopAtHome.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\CLASSES\Toolbar.1
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Windows\Temp\nssEEE5.exe
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\bubble\bubble.css
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png
Vendor: PUP.Optional.Yontoo.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\CLASSES\INTERFACE\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png
Vendor: PUP.Optional.SlickSavings.A, Date: 2014/06/24 00:03:03, Type: Folder, Location: C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\Img
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: Folder, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs
Vendor: PUP.Optional.Spigot.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Windows\Temp\nst43DE.exe
Vendor: PUP.Optional.SlickSavings.A, Date: 2014/06/24 00:03:03, Type: Folder, Location: C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js
Vendor: PUP.Optional.Spigot.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\Common Files\Spigot\Search Settings\baidu_ff.xml
Vendor: PUP.Optional.Spigot.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\Common Files\Spigot\Search Settings\wth166.dll
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png
Vendor: PUP.Optional.SlickSavings.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\background.js
Vendor: Stolen.Data, Date: 2014/06/23 08:29:24, Type: Folder, Location: C:\Users\Judy\AppData\Roaming\dclogs
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png
Vendor: PUP.Optional.Yontoo.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\CLASSES\TYPELIB\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Vendor: PUP.Optional.Jollywallet.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKU\S-1-5-21-1709428771-2952108263-4025640577-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\JollyWallet
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: Folder, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\protection
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: Folder, Location: C:\Users\Judy\AppData\Local\SearchProtect\SearchProtect\STG
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Windows\Temp\nshE266.exe
Vendor: PUP.Optional.ShopAtHome.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\CLASSES\Toolbar
Vendor: PUP.Optional.Spigot.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png
Vendor: PUP.Optional.uTorrentControl.A, Date: 2014/06/24 00:03:03, Type: Folder, Location: C:\Program Files (x86)\uTorrentControl
Vendor: PUP.Optional.Spigot.A, Date: 2014/06/24 00:03:03, Type: Registry Value, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\SHAREDDLLS|C:\PROGRAM FILES (X86)\COMMON FILES\SPIGOT\SEARCH SETTINGS\SEARCHSETTINGS.EXE
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: Folder, Location: C:\Program Files (x86)\SearchProtect\SearchProtect\bin
Vendor: PUP.Optional.SlickSavings.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp\1.0_1\amazon-48.png
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png
Vendor: PUP.Optional.uTorentControl.A, Date: 2014/06/24 00:03:03, Type: Registry Value, Location: HKU\S-1-5-21-1709428771-2952108263-4025640577-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{E9DF9360-97F8-4690-AFE6-996C80790DA4}
Vendor: PUP.Optional.Spigot.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp\MANIFEST-002443
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Users\Judy\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Windows\Temp\nssBCFD.exe
Vendor: PUP.Optional.Yontoo.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Vendor: PUP.Optional.Yontoo.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Vendor: PUP.Optional.SlickSavings.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj\1.3_0\empty-favicon.ico
Vendor: PUP.Optional.Spigot.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Users\Judy\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj\000005.sst
Vendor: PUP.Optional.SearchProtect.A, Date: 2014/06/24 00:03:03, Type: File, Location: C:\Windows\Temp\nsx4F0D.exe
Vendor: PUP.Optional.uTorentControl.A, Date: 2014/06/24 00:03:03, Type: Registry Key, Location: HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5716B037-6714-4930-8DF2-BFCDFB18A78A}
===============================================================
END OF FILE
===============================================================
 
The problem is still progressing after all of the cleanups. Thank you for your help so far.

Edited by hamluis, 26 June 2014 - 08:24 AM.
Removed unnecessary quotebox - Hamluis.


#10 dc3

Posted 26 June 2014 - 02:30 PM


65qjtmx.png

 

This means "infection blocked" in Czech.  Why it is reporting in Czech, I have no idea.



#11 seanpfett

Posted 26 June 2014 - 11:34 PM

 

65qjtmx.png

 

This means "infection blocked" in Czech.  Why it is reporting in Czech, I have no idea.

 

Any idea how to get rid of the popup then? It is still continuing.



#12 dc3

Posted 27 June 2014 - 07:30 AM

Download Avast, but do not install it yet.

 

Take your computer offline and uninstall your current copy of Avast, then install the new download.

 

seanpfett, you don't need to quote my previous posts.  Just click in the topic text box, write the text you want to post, then click on post.



#13 seanpfett

Posted 28 June 2014 - 09:23 PM

My Avast is up to date and everything. What will installing it again do? Sorry I took so long to respond.



#14 dc3

Posted 29 June 2014 - 07:35 AM

The reason for your topic was to try to stop these popups.  There is a chance that the download was corrupt; uninstalling and reinstalling it should resolve the issue.



#15 seanpfett

Posted 29 June 2014 - 01:04 PM

I reinstalled it and immediately the popup appeared again from www.getmeegan.com.





