Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

PUP.Optional.BestBuy.A - Possible next steps?


  • Please log in to reply
5 replies to this topic

#1 PopSmith

PopSmith

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:12 AM

Posted 12 September 2014 - 09:30 PM

I decided to do a Malwarebytes scan today and it caught a "PUP.Optional.BestBuy.A". I just want to make sure I'm not infected with anything else but am not totally sure where to go from here. My computer is running Windows 7.

 

Here is my Malwarebytes log:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/12/2014
Scan Time: 7:10:18 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.12.09
Rootkit Database: v2014.09.12.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ch0nG
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340067
Time Elapsed: 9 min, 52 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 12
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\content_scripts, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\reg_syntax, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\_metadata, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
 
Files: 179
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cplklnmnlbnpmjogncfgfijoopmnlemp_0.localstorage, Delete-on-Reboot, [caffc923e9928da9cd8fdb3b7192748c], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cplklnmnlbnpmjogncfgfijoopmnlemp_0.localstorage-journal, Quarantined, [e5e434b833481e1847152de9df24827e], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\AlertFoxLoginDialog.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\AlertFoxLoginDialog.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\AsyncFileIO.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\badge.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\beforePlay.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\beforePlay.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\bg.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\bg.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\browse.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\browse.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\communicator.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\context.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\extractDialog.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\extractDialog.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\fileView.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\fileView.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\folderView.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\folderView.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\loginDialog.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\loginDialog.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\macroView.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\macroView.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\manifest.json, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\mktree.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\mplayer.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\mrecorder.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\nm_connector.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\npimr.dll, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\options.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\options.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\panel.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\panel.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\passwordDialog.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\passwordDialog.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\rijndael.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\sandbox.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\sandbox.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\SOAPClient.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\treeView.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\treeView.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\utils.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\version.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\content_scripts\bookmarks_handler.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\content_scripts\connector.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\content_scripts\player.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\content_scripts\recorder.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\content_scripts\si_listener.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editor.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editor.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\saveAsDialog.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\saveAsDialog.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\imacro.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\imacro.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\imacro.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\license_apache.txt, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\license_bsd.txt, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\license_lgpl.txt, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\autocompletion.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\edit_area.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\edit_area.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\edit_area_functions.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\edit_area_loader.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\elements_functions.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\highlight.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\keyboard.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\manage_area.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\regexp.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\reg_syntax.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\resize_area.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\search_replace.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\template.html, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\autocompletion.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\close.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\fullscreen.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\go_to_line.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\help.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\highlight.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\load.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\move.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\newdocument.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\opacity.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\processing.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\redo.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\reset_highlight.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\save.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\search.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\smooth_selection.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\spacer.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\statusbar_resize.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\undo.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\images\word_wrap.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\bg.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\cs.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\de.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\dk.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\en.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\eo.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\es.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\fi.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\fr.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\hr.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\it.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\ja.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\mk.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\nl.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\pl.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\pt.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\ru.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\sk.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\langs\zh.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\reg_syntax\imacro.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\editor\editarea\edit_area\reg_syntax\js.js, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\Address.csv, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\ArchivePage.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\Eval.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\Extract.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\ExtractAndFill.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\ExtractRelative.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\ExtractTable.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\ExtractURL.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\FillForm-XPath.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\FillForm.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\Frame.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\Loop-Csv-2-Web.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\Open6Tabs.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\Profiler.xsl, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\SaveAs.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\SlideShow.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\Stopwatch.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\samples\TagPosition.iim, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\folder-up.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\AlertFoxLoginDialog.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\beforePlay.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\browse.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\browse.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\cancel.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\capture.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\close.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\common.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\disk.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\edit-disabled.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\edit.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\editor.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\extractDialog.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\folder-index.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\folderClosed.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\folderOpen.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\help.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\imglog.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\lock.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\loginDialog.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\logo128.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\logo16.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\logo19.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\logo24.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\logo38.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\logo48.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\loop-disabled.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\loop.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\macroView.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\mycomputer.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\ok.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\options.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\panel.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\passwordDialog.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\pause.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\play-disabled.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\play.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\record.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\save.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\saveas.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\saveAsDialog.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\settings.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\stop.png, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\treeView.css, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\skin\waiting_16x16.gif, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
PUP.Optional.BestBuy.A, C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\8.0.7_0\_metadata\verified_contents.json, Quarantined, [8841eb0145362214f03927b937cb2ed2], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

 



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:12 PM

Posted 12 September 2014 - 09:55 PM

Many Potentially Unwanted Programs (PUPs) (to include toolbars, add-ons/plug-ins, and browser extensions) can be removed from within its program group Uninstall shortcut in Start Menu > All Programs or by using Add/Remove Programs or Programs and Features in Control Panel, so always check there first. With most adware/junkware it is strongly recommended to deal with it like a legitimate program and uninstall from Programs and Features or Add/Remove Programs in the Control Panel. In most cases, using the uninstaller of the adware not only removes it more effectively, but it also restores any changed configuration.

Alternatively, you can use a third-party utility like Revo Uninstaller Free or Portable and follow these instructions for using it. Revo will do a more thorough job of searching for and removing related registry entries, files and folders.

Note: Some programs can be difficult to remove if their services and running processes are not disabled or turned off prior to attempting removal because they are in use. As such, it is easier to uninstall after booting into safe mode so there are less processes which can interfere with uninstalling the program.

Remove anything else (newly installed programs) you do not recognize.

The next place to check is your browser extensions and add-ons/plug-ins.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:12 PM

Posted 12 September 2014 - 09:55 PM

After doing the above...continue as follows:

Please download and use the following tools (in the order listed) which will search for and remove many potentially unwanted programs (PUPs), adware, toolbars, browser hijackers, extensions, add-ons and other junkware as well as related registry entries (values, keys) and remnants.

RKill created by Grinler (aka Lawrence Abrams), the site owner of BleepingComputer.
AdwCleaner created by Xplode.
Junkware Removal Tool created by thisisu.

1. Double-click on RKill to launch the tool. A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully. A log file will be created and saved to the root directory, C:\RKill.log. Copy and paste the contents of RKill.log in your next reply.

Important: Do not reboot your computer until you complete the next step.

2. Double-click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).


Close all open programs and shut down any protection/security software to avoid potential conflicts.

3. Double-click on JRT.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log file named JRT.txt will automatically open and be saved to your Desktop.
  • Copy and paste the contents of JRT.txt in your next reply.
.
4. As a final step, rescan again with Malwarebytes Anti-Malware and post the log.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 PopSmith

PopSmith
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:12 AM

Posted 12 September 2014 - 10:53 PM

Thank you so much for the quick replies. As requested here are the logs:

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 09/12/2014 09:08:04 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * C:\Users\Ch0nG\Downloads\Thorcoin\Thorcoin-qt.exe (PID: 2596) [UP-HEUR]
 
1 proccess terminated!
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * Windows Defender Disabled
 
   [HKLM\SOFTWARE\Microsoft\Windows Defender]
   "DisableAntiSpyware" = dword:00000001
 
 * Windows Firewall Disabled
 
   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000
 
 * Reparse Point/Junctions Found (Most likely legitimate)!
 
     * C:\Windows\softwaredistribution => R:\Windows\softwaredistribution [Dir]
 
Checking Windows Service Integrity: 
 
 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Manual
 
 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Manual
 
 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual
 
 * WMPNetworkSvc [Missing Service]
 * WSearch [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * HOSTS file entries found: 
 
  127.0.0.1 pornhub.com
  127.0.0.1 spankwire.com
  127.0.0.1 www.pornhub.com
  127.0.0.1 www.spankwire.com
 
Program finished at: 09/12/2014 09:08:33 PM
Execution time: 0 hours(s), 0 minute(s), and 28 seconds(s)

 

# AdwCleaner v3.310 - Report created 12/09/2014 at 21:12:03
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ch0nG - CH0NG-PC
# Running from : R:\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Found : C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Google Chrome v38.0.2125.58
 
[ File : C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R1].txt - [899 octets] - [12/09/2014 21:12:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [958 octets] ##########
 
# AdwCleaner v3.310 - Report created 12/09/2014 at 21:14:30
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Ch0nG - CH0NG-PC
# Running from : R:\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Deleted : C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Google Chrome v38.0.2125.58
 
[ File : C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://whatismyipaddress.com/search-results?cx=partner-pub-2377419349862372%3At35o8u-g9e6&cof=FORID%3A9&ie=ISO-8859-1&q={searchTerms}&sa=Search
 
*************************
 
AdwCleaner[R1].txt - [1037 octets] - [12/09/2014 21:12:03]
AdwCleaner[S1].txt - [1351 octets] - [12/09/2014 21:14:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1411 octets] ##########

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Ch0nG on Fri 09/12/2014 at 21:23:56.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 09/12/2014 at 21:30:51.40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 9/12/2014
Scan Time: 9:36:16 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.09.12.09
Rootkit Database: v2014.09.12.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Ch0nG
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 340205
Time Elapsed: 10 min, 47 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#5 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,140 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:12 PM

Posted 13 September 2014 - 07:05 AM

Try doing an online scan to see if it finds anything else that the other scans may have missed.

Please perform a scan with Eset Online Anti-virus Scanner.
If using Mozilla Firefox, you will be prompted to download and use the ESET Smart Installer. Just double-click on esetsmartinstaller_enu.exe to install.
Vista/Windows 7/8 users need to run Internet Explorer/Firefox as Administrator.
To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.

  • Click the green esetOnline.png button.
  • Read the End User License Agreement and check the box:
  • Check esetAcceptTerms.png.
  • Click the esetStart.png button.
  • Accept any security warnings from your browser and allow the download/installation of any require files.
  • Under scan settings, check esetScanArchives.png and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Click the Start button.
  • ESET will install itself, download virus signature database updates, and begin scanning your computer.
  • The scan can take some time to complete...close all programs and do NOT use the computer while the scan is running.
    If given the option (when threats are found), choose "Quarantine" instead of delete.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop as ESETScan.txt.
  • Push the esetBack.png button, then Finish.
  • Copy and paste the contents of ESETScan.txt in your next reply. If no threats are found, there is no option to create a log.

-- Note: If you recognize any of the detections as legitimate programs, it's possible they are "false positives" and you can ignore them or get a second opinion if you're not sure. Eset's detection rate is high and can include legitimate files which it considers suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not always the case. Be careful what you choose to remove. If in doubt, ask before taking action.
 


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#6 PopSmith

PopSmith
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Local time:10:12 AM

Posted 14 September 2014 - 04:16 PM

Thank you again for the help. It looks like the ESET scanner found a couple things, here is the log:

 

C:\Temp\JDSetup130478020974672909.exe a variant of Win32/InstallCore.LN potentially unwanted application deleted - quarantined
C:\Temp\JDSetup130506543732803805.exe a variant of Win32/InstallCore.LN potentially unwanted application deleted - quarantined
C:\Temp\is-158PK.tmp\FoxitInstaller_FXTV5_.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application deleted - quarantined
C:\Users\Ch0nG\AppData\Local\Google\Chrome\User Data\Default\File System\002\t\00\00000004 Win32/InstalleRex.M potentially unwanted application deleted - quarantined
C:\Users\Ch0nG\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\QAM8KG1X\JDownloaderSetup_CH[2].exe a variant of Win32/InstallCore.LN potentially unwanted application deleted - quarantined





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users