Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Toshiba Laptop Windows 8 Outdated Java Warning


  • Please log in to reply
15 replies to this topic

#1 passion4u

passion4u

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 07:18 AM

Hello everyone, I am new to this forum. I am reaching out because I am having trouble going on some websites. When I try to go to some websites (even this one) I get a pop up box with a fake message that states that my Java is outdated and it brings me to a  java update page when I click out of the pop up box. After that it automatically downloads something on its own and it kicks me out the original website I was trying to go to.

 

I hope this makes sense and I was wondering if someone can help me fix this problem. 



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:10 PM

Posted 09 November 2014 - 08:09 AM

Welcome to BC!

 

NEVER click on any such pop up as you did....NEVER.

 

First, scan with RKill Download (read what it does and doesn't do.) DO NOT reboot after just using RKill.

 

Download Malwarebytes' Anti-Malware from Here

Double-click mbam-setup-2.X.X.XXXX.exe to install the application (X's are the current version number).

  • Make sure a checkmark is placed next to Launch Malwarebytes' Anti-Malware, then click Finish.
  • Once MBAM opens, when it says Your databases are out of date, click the Fix Now button.
  • Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.
  • Click the Scan tab at the top of the program window, select Threat Scan and click the Scan Now button.
  • If you receive a message that updates are available, click the Update Now button (the update will be downloaded, installed, and the scan will start).
  • The scan may take some time to finish,so please be patient.
  • If potential threats are detected, ensure that Quarantine is selected as the Action for all the listed items, and click the Apply Actions button.
  • While still on the Scan tab, click the link for View detailed log, and in the window that opens click the Export button, select Text file (*.txt), and save the log to your Desktop.
  • The log is automatically saved by MBAM and can also be viewed by clicking the History tab and then selecting Application Logs.

POST THE LOG FOR REVIEW.

 

  • download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars...especially Yahoo.

CCleaner - PC Optimization and Cleaning - Free Download

 

 

Download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

ESET SCAN (this scan will take more than an hour...depending on computer resources and size of stored files it can take much longer. But

it is worth it...so plan accordingly)

  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 09:35 AM

Rkill Notepad:




Rkill 2.6.8 by Lawrence Abrams (Grinler)

http://www.bleepingcomputer.com/

Copyright 2008-2014 BleepingComputer.com

More Information about Rkill can be found at this link:

http://www.bleepingcomputer.com/forums/topic308364.html


Program started at: 11/09/2014 08:24:26 AM in x64 mode.

Windows Version: Windows 8.1


Checking for Windows services to stop:


* No malware services found to stop.


Checking for processes to terminate:


* No malware processes found to kill.


Checking Registry for malware related settings:


* No issues found in the Registry.


Resetting .EXE, .COM, & .BAT associations in the Windows Registry.


Performing miscellaneous checks:


* Windows Defender Disabled


  [HKLM\SOFTWARE\Microsoft\Windows Defender]

  "DisableAntiSpyware" = dword:00000001


* Reparse Point/Junctions Found (Most likely legitimate)!


    * C:\Windows\apppatch\spbin => C:\PROGRA~2\SearchProtect\SearchProtect\bin [Dir]


Checking Windows Service Integrity:


* MsKeyboardFilter [Missing Service]

* CSC [Missing Service]

* E1G60 [Missing Service]

* kbldfltr [Missing Service]

* storvsp [Missing Service]

* Vid [Missing Service]

* vmbusr [Missing Service]

* vpcivsp [Missing Service]


Searching for Missing Digital Signatures:


* No issues found.


Checking HOSTS File:


* No issues found.


Program finished at: 11/09/2014 08:27:49 AM

Execution time: 0 hours(s), 3 minute(s), and 23 seconds(s)






------------------------------------------------------------------------------------


Malware Log:


Malwarebytes Anti-Malware

www.malwarebytes.org


Scan Date: 11/9/2014

Scan Time: 8:30:08 AM

Logfile: Malware log.txt

Administrator: Yes


Version: 2.00.3.1025

Malware Database: v2014.11.09.04

Rootkit Database: v2014.11.08.01

License: Free

Malware Protection: Disabled

Malicious Website Protection: Disabled

Self-protection: Disabled


OS: Windows 8.1

CPU: x64

File System: NTFS

User: AVowToMyself


Scan Type: Threat Scan

Result: Completed

Objects Scanned: 361506

Time Elapsed: 31 min, 26 sec


Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled

Heuristics: Enabled

PUP: Enabled

PUM: Enabled


Processes: 0

(No malicious items detected)


Modules: 0

(No malicious items detected)


Registry Keys: 11

PUP.Optional.WeCare.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}, Quarantined, [ceeae65394e8bc7ac3d2a248c24023dd],

PUP.Optional.SearchProtect.A, HKU\S-1-5-21-4122188252-2628717371-3389576471-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [b0085adf6d0f1e18798edad8748e57a9],

PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}, Quarantined, [dade0633196369cd29ee743029db1ce4],

PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\INSTALLEDSDB\{cf2797aa-b7ec-e311-8ed9-005056c00008}, Quarantined, [d0e8ee4b96e676c0a373594b4cb8da26],

PUP.Optional.GorillaPrice.A, HKLM\SOFTWARE\WOW6432NODE\GorillaPrice, Quarantined, [3d7baf8aff7dc373f9bd3033f0132fd1],

PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT, Quarantined, [2a8e72c79edee056aed997af7f841ae6],

PUP.Optional.ConduitSearchProtect, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CltMngSvc, Quarantined, [902843f6512b7eb8c9311a6219eb37c9],

PUP.Optional.WeCare, HKU\S-1-5-21-4122188252-2628717371-3389576471-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\wecarereminder, Quarantined, [605854e5e09c91a511da310e4eb59c64],

PUP.Optional.InstallCore.A, HKU\S-1-5-21-4122188252-2628717371-3389576471-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [ffb9e35685f70f2729861950b54ed828],

PUP.Optional.InstallCore.A, HKU\S-1-5-21-4122188252-2628717371-3389576471-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [9a1e02376c10c670ecff3f4007fdfe02],

PUP.Optional.CouponFactor.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{37476589-E48E-439E-A706-56189E2ED4C4}_is1, Quarantined, [496fac8d0874270fffb8c36543c07888],


Registry Values: 2

PUP.Optional.SearchProtect.A, HKLM\SOFTWARE\WOW6432NODE\SEARCHPROTECT|InstallDir, C:\PROGRA~2\SearchProtect, Quarantined, [2a8e72c79edee056aed997af7f841ae6]

PUP.Optional.InstallCore.A, HKU\S-1-5-21-4122188252-2628717371-3389576471-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0I1N1D1B0L1K1N1O1T0V, Quarantined, [9a1e02376c10c670ecff3f4007fdfe02]


Registry Data: 3

PUP.Optional.Speedial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://speedial.com/?f=1&a=spd_frg_14_21_ie&cd=2XzuyEtN2Y1L1QzuyCyEyD0AtDyEzzzyyCyCtCyE0C0BtB0DtN0D0Tzu0SzzyBtDtN1L2XzutBtFtBtDtFtCtAtFtCtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0ByD0A0B0DtAtG0A0DzytAtG0EtB0EtBtG0C0EyD0AtGtBtC0EyB0DyCtC0AyBtCzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBzytD0C0EzyzztGzztByE0DtG0EtA0F0EtGtCyCyD0FtGyEtA0E0C0CzytD0EyD0Fzz0F2Q&cr=1937357342&ir=, Good: (www.google.com), Bad: (http://speedial.com/?f=1&a=spd_frg_14_21_ie&cd=2XzuyEtN2Y1L1QzuyCyEyD0AtDyEzzzyyCyCtCyE0C0BtB0DtN0D0Tzu0SzzyBtDtN1L2XzutBtFtBtDtFtCtAtFtCtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0ByD0A0B0DtAtG0A0DzytAtG0EtB0EtBtG0C0EyD0AtGtBtC0EyB0DyCtC0AyBtCzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBzytD0C0EzyzztGzztByE0DtG0EtA0F0EtGtCyCyD0FtGyEtA0E0C0CzytD0EyD0Fzz0F2Q&cr=1937357342&ir=),Replaced,[a51368d1354790a67be388ae749145bb]

PUP.Optional.Speedial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://speedial.com/?f=1&a=spd_frg_14_21_ie&cd=2XzuyEtN2Y1L1QzuyCyEyD0AtDyEzzzyyCyCtCyE0C0BtB0DtN0D0Tzu0SzzyBtDtN1L2XzutBtFtBtDtFtCtAtFtCtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0ByD0A0B0DtAtG0A0DzytAtG0EtB0EtBtG0C0EyD0AtGtBtC0EyB0DyCtC0AyBtCzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBzytD0C0EzyzztGzztByE0DtG0EtA0F0EtGtCyCyD0FtGyEtA0E0C0CzytD0EyD0Fzz0F2Q&cr=1937357342&ir=, Good: (www.google.com), Bad: (http://speedial.com/?f=1&a=spd_frg_14_21_ie&cd=2XzuyEtN2Y1L1QzuyCyEyD0AtDyEzzzyyCyCtCyE0C0BtB0DtN0D0Tzu0SzzyBtDtN1L2XzutBtFtBtDtFtCtAtFtCtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDyE0ByD0A0B0DtAtG0A0DzytAtG0EtB0EtBtG0C0EyD0AtGtBtC0EyB0DyCtC0AyBtCzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyByBzytD0C0EzyzztGzztByE0DtG0EtA0F0EtGtCyCyD0FtGyEtA0E0C0CzytD0EyD0Fzz0F2Q&cr=1937357342&ir=),Replaced,[c6f2f04985f72d09a1bdc472a65ff808]

PUP.Optional.Trovi.A, HKU\S-1-5-21-4122188252-2628717371-3389576471-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://www.trovi.com/?gd=&ctid=CT3320418&octid=EB_ORIGINAL_CTID&ISID=MC27476F8-DE37-4E2E-8029-EE3518B42FAB&SearchSource=55&CUI=&UM=5&UP=SP2DD05E08-772A-477A-AB46-6A5C074C3FA6&SSPV=, Good: (www.google.com), Bad: (http://www.trovi.com/?gd=&ctid=CT3320418&octid=EB_ORIGINAL_CTID&ISID=MC27476F8-DE37-4E2E-8029-EE3518B42FAB&SearchSource=55&CUI=&UM=5&UP=SP2DD05E08-772A-477A-AB46-6A5C074C3FA6&SSPV=),Replaced,[4276ec4d5b211a1c9958b97c3acbc33d]


Folders: 26

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\bin, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\bin, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\SearchProtect\rep, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\bin, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\rep, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\SearchProtect, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\SearchProtect\rep, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\SearchProtect\STG, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\UI, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\UI\rep, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.Extutil.A, C:\Users\AVowToMyself\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [7147f54491ebaa8c4a7158bec3406799],

PUP.Optional.Managera.A, C:\Users\AVowToMyself\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [f2c6c475275566d0b606de38fa099c64],

PUP.Optional.CouponFactor.A, C:\ProgramData\CouponFactor, Quarantined, [496fac8d0874270fffb8c36543c07888],


Files: 88

PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe, Quarantined, [35836ccdacd08ea8a5b68db345bcab55],

PUP.Optional.OptimizerPro, C:\Program Files (x86)\Optimizer Pro\OptProSchedule.exe, Quarantined, [447481b888f442f4a0bc2917fc05a759],

PUP.Optional.Conduit.A, C:\Users\AVowToMyself\AppData\Local\Temp\nspFC67.exe, Quarantined, [bdfbbe7bbcc0b77fc025fc9ef60b13ed],

PUP.Optional.Conduit.A, C:\Users\AVowToMyself\AppData\Local\Temp\nss35E8.exe, Quarantined, [ae0aff3a35479f97f8ed52483fc2f50b],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsa5117.exe, Quarantined, [d6e2ad8c82fabd79e005683237ca09f7],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsb446E.exe, Quarantined, [d0e885b488f4ad8985607129e819837d],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsfFBC7.exe, Quarantined, [378152e76e0e3bfb7d686535a35e44bc],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsg3E01.exe, Quarantined, [d9dff049bebeb77f6085adedfa07817f],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsgF942.exe, Quarantined, [9d1b3dfccdaf1a1cffe64f4b03fe40c0],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsm2D40.exe, Quarantined, [338567d2de9e80b68164a2f810f103fd],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsm66A.exe, Quarantined, [81371326304ca59118cd9efc11f02bd5],

PUP.Optional.Conduit.A, C:\Windows\Temp\nst11CA.exe, Quarantined, [378126130d6fe353db0a4b4f50b12ed2],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsu5ED.exe, Quarantined, [eace1e1b6c10a294edf853471de49a66],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsvE331.exe, Quarantined, [65532415f983a2949d48237727dab947],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsvF095.exe, Quarantined, [2d8be158f587e650a93c77237c850af6],

PUP.Optional.Conduit.A, C:\Windows\Temp\nsx55B8.exe, Quarantined, [92261b1ec6b6bb7b39acacee19e88e72],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\EULA.txt, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\Main\rep\SystemRepository.dat, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings.html, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\style.css, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-selected.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-default.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-onclick.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Apply-Rollover.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-uninstall.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg-with-logo.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bg.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgNotif.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettings.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgSettingsDS.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\bgUninstall.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnBlue.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnClose.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\btnSilver.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\button-bg.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_checked.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\checkbox_def.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-def.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\close-win-over-click.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\gray-bg.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez-def.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\hez.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\icon-win.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\info-icon.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-rollover.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\menu-selected.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-def.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button-selected.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\radio-button2.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\Settings-icon.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\text-field.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\v.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\Images\x.png, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\defaults.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\dialogUtils.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\jquery.1.7.1.min.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\json2.min.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\main.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\libs\SPDialogAPI.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\defaults.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.css, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.html, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protection\protection.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\defaults.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.css, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.html, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\protectionDS\protectionDS.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\defaults.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.css, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.html, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\settings\settings.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\defaults.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.css, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.html, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect.A, C:\Program Files (x86)\SearchProtect\UI\dialogs\uninstall\uninstall.js, Quarantined, [18a03405ec90cb6bffee13766d97fc04],

PUP.Optional.SearchProtect, C:\Windows\apppatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb, Quarantined, [c5f387b21b612e0866b43c6832d240c0],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\SearchProtect\rep\Cvc.dat, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\SearchProtect\rep\UserRepository.dat, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\SearchProtect\rep\UserSettings.dat, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.SearchProtect.A, C:\Users\AVowToMyself\AppData\Local\SearchProtect\UI\rep\UIRepository.dat, Quarantined, [0cac09303d3f280e6900c94b35ce867a],

PUP.Optional.Extutil.A, C:\Users\AVowToMyself\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, Quarantined, [7147f54491ebaa8c4a7158bec3406799],

PUP.Optional.Extutil.A, C:\Users\AVowToMyself\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, Quarantined, [7147f54491ebaa8c4a7158bec3406799],

PUP.Optional.Extutil.A, C:\Users\AVowToMyself\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, Quarantined, [7147f54491ebaa8c4a7158bec3406799],

PUP.Optional.Managera.A, C:\Users\AVowToMyself\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, Quarantined, [f2c6c475275566d0b606de38fa099c64],

PUP.Optional.Managera.A, C:\Users\AVowToMyself\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, Quarantined, [f2c6c475275566d0b606de38fa099c64],

PUP.Optional.CouponFactor.A, C:\ProgramData\CouponFactor\CouponFactor.exe, Quarantined, [496fac8d0874270fffb8c36543c07888],


Physical Sectors: 0

(No malicious items detected)



(end)



 



#4 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 09:46 AM

# AdwCleaner v4.100 - Report created 09/11/2014 at 09:41:07
# DB v2014-11-07.1
# Updated 08/11/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : AVowToMyself - OFFICE
# Running from : C:\Users\AVowToMyself\Downloads\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : 70e6ca8c
[#] Service Deleted : CltMngSvc
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\tperFectcoUpon
Folder Deleted : C:\ProgramData\e44844015beeae78
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Folder Deleted : C:\Program Files (x86)\Optimizer Pro
Folder Deleted : C:\Program Files (x86)\tperFectcoUpon
Folder Deleted : C:\Users\AVowToMyself\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\AVowToMyself\Documents\Optimizer Pro
File Deleted : C:\Users\AVowToMyself\Desktop\Optimizer Pro.lnk
File Deleted : C:\Users\AVowToMyself\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\AVowToMyself\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [fastclean]
Key Deleted : HKLM\SOFTWARE\Classes\tperfectccoupaon.tperfectccoupaon
Key Deleted : HKLM\SOFTWARE\Classes\tperfectccoupaon.tperfectccoupaon.1.3
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5B796A18-DE77-2CC1-967A-A26C64964AE8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5B796A18-DE77-2CC1-967A-A26C64964AE8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5B796A18-DE77-2CC1-967A-A26C64964AE8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5B796A18-DE77-2CC1-967A-A26C64964AE8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5B796A18-DE77-2CC1-967A-A26C64964AE8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B}
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17344
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Secondary_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Secondary Start Pages]
 
-\\ Google Chrome v35.0.1916.153
 
[C:\Users\AVowToMyself\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
[C:\Users\AVowToMyself\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : flpcjncodpafbgdpnkljologafpionhb
[C:\Users\AVowToMyself\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : mkfokfffehpeedafpekjeddnmnjhmcmk
 
*************************
 
AdwCleaner[R0].txt - [5776 octets] - [09/11/2014 09:36:38]
AdwCleaner[R1].txt - [5777 octets] - [09/11/2014 09:37:41]
AdwCleaner[S0].txt - [5463 octets] - [09/11/2014 09:41:07]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5523 octets] ##########


#5 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 09:52 AM

Thank you for your support with this so far. I just downloaded CCleaner. Do I just go to the cleaner tab and then click run cleaner? The system already has certain boxes under the windows tab and application tab checked off.



#6 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 10:30 AM

I completed the CCleaner Scan and Below are the notes for the JRT:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 8.1 x64
Ran by AVowToMyself on Sun 11/09/2014 at 10:17:59.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\AVowToMyself\appdata\local\free youtube downloader"
Successfully deleted: [Folder] "C:\Program Files (x86)\free youtube downloader"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 11/09/2014 at 10:27:48.35
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#7 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:10 PM

Posted 09 November 2014 - 11:02 AM

Using CCleaner's default settings is okay.

If you downloaded CCleaner after running the AdwCleaner program, then when Eset finishes rerun AdwCleaner and JRT.

 

After Eset finishes its scan Open CCleaner and click on Tools and then click on Uninstall. At the bottom right of that page you

will see a button when clicked will allow you to copy and paste the list of programs installed on your computer back here. Please

post that list.

 

I see in MBAM's log that it did not scan for rootkits. Please change the settings for MBAM to allow it to do that and rescan.

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Disabled ( per instructions.. Click the Settings tab at the top, and then in the left column, select Detections and Protections, and if not already checked place a checkmark in the selection box for Scan for rootkits.)

Heuristics: Enabled

PUP: Enabled

PUM: Enabled


Edited by buddy215, 09 November 2014 - 11:10 AM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#8 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 06:31 PM

ESET Scan:
 
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptimizerPro.exe.vir Win32/SpeedingUpMyPC.O application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll.vir a variant of Win32/SProtector.F potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll.vir a variant of Win64/SProtector.A potentially unwanted application deleted - quarantined
C:\Users\AVowToMyself\Downloads\FileZilla_3.8.0_win32-setup.exe a variant of Win32/InstallCore.OK potentially unwanted application deleted - quarantined
C:\Users\AVowToMyself\Downloads\Gorilla_Uninstaller_Download_File (1).exe a variant of Win32/AdWare.GorillaPrice.C application cleaned by deleting - quarantined
C:\Users\AVowToMyself\Downloads\Gorilla_Uninstaller_Download_File.exe a variant of Win32/AdWare.GorillaPrice.C application cleaned by deleting - quarantined


#9 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 06:34 PM

Adobe Reader XI (11.0.09) Adobe Systems Incorporated 11/9/2014 184 MB 11.0.09
AMD Catalyst Install Manager Advanced Micro Devices, Inc. 9/21/2013 26.0 MB 8.0.915.0
AMD Quick Stream AppEx Networks 9/21/2013 9.70 MB 3.4.4.2
Apple Application Support Apple Inc. 8/25/2014 96.1 MB 3.0.6
Apple Mobile Device Support Apple Inc. 8/25/2014 22.7 MB 7.1.2.6
Apple Software Update Apple Inc. 8/25/2014 2.38 MB 2.1.3.127
AVG 2014 AVG Technologies 9/2/2014 2014.0.4765
Bonjour Apple Inc. 8/25/2014 2.00 MB 3.0.0.10
CCleaner Piriform 11/9/2014 4.19
Cisco EAP-FAST Module Cisco Systems, Inc. 9/21/2013 1.53 MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 9/21/2013 632 KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 9/21/2013 1.22 MB 1.1.6
DTS Sound DTS, Inc. 9/21/2013 4.09 MB 1.01.2700
ESET Online Scanner v3 11/9/2014
FileZilla Client 3.8.0 Tim Kosse 5/19/2014 17.8 MB 3.8.0
Free YouTube Downloader 4.0.283 HOW Inc. 8/25/2014 60.8 MB
Google Chrome Google Inc. 6/13/2014 35.0.1916.153
Google Drive Google, Inc. 6/18/2014 36.6 MB 1.16.6866.4367
Google Talk Plugin Google 6/9/2014 13.2 MB 5.4.2.18903
iTunes Apple Inc. 8/25/2014 220 MB 11.3.1.2
Malwarebytes Anti-Malware version 2.0.3.1025 Malwarebytes Corporation 11/9/2014 56.7 MB 2.0.3.1025
McAfee Security Scan Plus McAfee, Inc. 11/9/2014 10.2 MB 3.0.285.6
Microsoft Silverlight Microsoft Corporation 7/27/2014 100 MB 5.1.30514.0
Microsoft SkyDrive Microsoft Corporation 3/2/2014 25.1 MB 16.4.6013.0910
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 6/24/2014 13.2 MB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 6/24/2014 10.1 MB 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 Microsoft Corporation 7/21/2014 13.7 MB 10.0.30319
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 Microsoft Corporation 7/21/2014 9.90 MB 10.0.30319
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 Microsoft Corporation 9/21/2013 20.4 MB 11.0.50727.1
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 Microsoft Corporation 9/21/2013 17.3 MB 11.0.50727.1
Microsoft XNA Framework Redistributable 4.0 Microsoft Corporation 9/12/2013 9.44 MB 4.0.20823.0
Norton Anti-Theft Symantec Corporation 3/4/2014 1.10.0.9
Norton Internet Security Symantec Corporation 3/1/2014 21.6.0.32
OpenOffice 4.1.0 Apache Software Foundation 6/24/2014 331 MB 4.10.9764
PlayReady PC Runtime amd64 Microsoft Corporation 9/21/2013 2.05 MB 1.3.0
Realtek Card Reader Realtek Semiconductor Corp. 9/21/2013 6.2.9200.39052
Realtek Ethernet Controller Driver Realtek 9/21/2013 8.18.621.2013
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 9/21/2013 6.0.1.7023
REALTEK Wireless LAN Driver REALTEK Semiconductor Corp. 9/21/2013 1.83 MB 2.00.0002
Synaptics Pointing Device Driver Synaptics Incorporated 10/24/2014 46.4 MB 17.0.10.51
Toshiba App Place Toshiba 9/21/2013 538 KB 1.0.6.3
TOSHIBA Application Installer Toshiba Corporation 9/12/2013 3.77 MB 9.0.2.4
TOSHIBA Audio Enhancement Toshiba Corporation 9/21/2013 1.81 MB 2.0.17.0
Toshiba Book Place K-NFB Reading Technology, Inc. 9/21/2013 97.5 MB 3.3.9661
TOSHIBA eco Utility Toshiba Corporation 9/21/2013 24.6 MB 2.2.0.6404
TOSHIBA Function Key Toshiba Corporation 9/21/2013 37.5 MB 1.1.0001.6403
TOSHIBA Password Utility Toshiba Corporation 9/21/2013 3.36 MB v2.1.0.14
TOSHIBA Quality Application TOSHIBA 9/21/2013 1.0.9.3
TOSHIBA Recovery Media Creator Toshiba Corporation 9/12/2013 3.1.02.55065006
TOSHIBA Service Station Toshiba Corporation 9/21/2013 2.88 MB 2.6.8
TOSHIBA Start TOSHIBA America Information Systems, Inc 9/21/2013 1.00.02
TOSHIBA System Driver Toshiba Corporation 9/21/2013 5.68 MB 1.00.0030
TOSHIBA System Settings Toshiba Corporation 9/21/2013 4.02 MB 1.1.2.32001
TOSHIBA User's Guide TOSHIBA 9/21/2013 1.00.02
TOSHIBA VIDEO PLAYER Toshiba Corporation 9/21/2013 46.7 MB 5.3.27.102
TOSHIBARegistration TOSHIBA 9/12/2013 1.1.6
Visual Studio 2012 x64 Redistributables AVG Technologies 8/10/2014 12.9 MB 14.0.0.1
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 8/10/2014 10.5 MB 14.0.0.1
WildTangent Games WildTangent 9/12/2013 1.0.4.0
WW4U USB Platform 1.0 Wellworks For You 10/7/2014 2.49 MB 1.0


#10 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:10 PM

Posted 09 November 2014 - 07:04 PM

Uninstall Free YouTube Downloader 4.0.283 HOW Inc. 8/25/2014 60.8 MB

Uninstall McAfee Security Scan Plus McAfee, Inc. 11/9/2014 10.2 MB 3.0.285.6

Uninstall either Norton Internet Security or AVG...bad idea to have more than one antivirus installed...

Uninstall both Visual studio unless you actually use it.

Visual Studio 2012 x64 Redistributables AVG Technologies 8/10/2014 12.9 MB 14.0.0.1
Visual Studio 2012 x86 Redistributables AVG Technologies CZ, s.r.o. 8/10/2014 10.5 MB 14.0.0.1
Uninstall unless you actually play those games WildTangent Games WildTangent 9/12/2013 1.0.4.0
 
 
Nothing malicious has been found....just a ton of adware. Almost all freeware comes piggybacked with adware.
Suggest you run MBAM and AdwCleaner after any install of freeware and choose custom install or uncheck offers of toolbars, etc.
 
How is the computer doing...still getting a popup for Java?
 
Let me know if MBAM finds a rootkit or other malware during the scan.
 
Open CCleaner and click on Tools and then choose Startups. At the top of that page you will see a series of buttons. Click on the Tasks button. Then click on
the button that allows you to copy and paste that lists of tasks in your next reply.

Edited by buddy215, 09 November 2014 - 07:05 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#11 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 08:11 PM

Hello,

 

I re-scanned MBAM and included Roolkits. Nothing was found.

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/9/2014
Scan Time: 7:38:44 PM
Logfile: MBAM 2.txt
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.11.09.08
Rootkit Database: v2014.11.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: AVowToMyself
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 356616
Time Elapsed: 28 min, 31 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


#12 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 08:24 PM

Yes Task 0614tUpdateInfo AVG Technologies C:\ProgramData\Avg_Update_0614t\0614t_AVG-Secure-Search-Update.exe /SETINFO /CMPID=0614t /INFORETRY=3
Yes Task CCleanerSkipUAC Piriform Ltd "C:\Program Files\CCleaner\CCleaner.exe" $(Arg0)
Yes Task GoogleUpdateTaskMachineCore Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskMachineUA Google Inc. C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
Yes Task GoogleUpdateTaskUserS-1-5-21-4122188252-2628717371-3389576471-1001Core Google Inc. C:\Users\AVowToMyself\AppData\Local\Google\Update\GoogleUpdate.exe /c
Yes Task GoogleUpdateTaskUserS-1-5-21-4122188252-2628717371-3389576471-1001UA Google Inc. C:\Users\AVowToMyself\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
No Task Optimize Start Menu Cache Files-S-1-5-21-4122188252-2628717371-3389576471-1001


#13 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 09 November 2014 - 08:27 PM

Everything is so much faster. I was never able to navigate this fast on my computer so I am loving the new speed.

 

Unfortunately, I am still getting the java messages on some websites.

 

Thank you a lot for everything so far though. It's greatly appreciated.



#14 buddy215

buddy215

  • Moderator
  • 13,393 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:07:10 PM

Posted 09 November 2014 - 09:38 PM

You are welcome...

 

Disable all of the tasks. I see one is already disabled...says No..Optimize Start Menu...

 

Since this popup is showing up in Chrome, try resetting Chrome.

Google Chrome gives you the option to reset your browser settings in one easy click. In some cases, programs that you install can change your Chrome settings without your knowledge. You may see additional extensions and toolbars or a different search engine. Resetting your browser settings will reset the unwanted changes caused by installing other programs. However, your saved bookmarks and passwords will not be cleared or changed.

Reset your browser settings
  1. In the top-right corner of the browser window, click the Chrome menu
  2. Select Settings.
  3. At the bottom, click Show advanced settings.
  4. Under the section "Reset settings,” click Reset settings.
  5. In the dialog that appears, click Reset.

 

 

If disabling the Tasks and resetting Chrome doesn't stop the pop up, it will require use of tools and expertise to find it that

are not allowed in this forum.

 

Start a new topic after creating a DDS log by following instruction #6 found here: Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help - Virus, Trojan, Spyware, and Malware Removal Logs

 

Post the DDS log along with a description of the problem in the Virus, Trojan, Spyware, and Malware Removal Logs Forum - BleepingComputer.com

 

Do not bump your topic once it is posted. Wait for a response. It could be a few days.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#15 passion4u

passion4u
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:08:10 PM

Posted 10 November 2014 - 05:38 AM

Resetting chrome helped. That problem is no longer happening. Thanks again!






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users