Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Slow browser, after virus clean up....


  • Please log in to reply
16 replies to this topic

#1 Bakersfieldboy

Bakersfieldboy

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:10 AM

Posted 18 December 2014 - 12:01 AM

 Hi,i wish i just came here frist, but i went to my old ways

thinking "i could fix it". so after Mailwarebytes,and a eset online. no more virus problem that i can see

eset found 4 after malwerebytes clean them...  My browser seems to not load webpages all the way like if i goto bleeping computer just half of the page

loads. i thought i would reinstall internet explorer 8 but when i went to updates there was nothen ther to uninstall ???

 

 

Hers the log, along with Junkware Removal Tool.  sry for not keeping any other logs

i hope this hepls...

 

 

 

 

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/16/2014
Scan Time: 4:06:27 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.11.20.06
Rootkit Database: v2014.11.18.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7
CPU: x86
File System: NTFS
User: witt

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 291413
Time Elapsed: 11 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 2
PUP.Optional.GorillaPrice, C:\Program Files\gorillaprice\gorillaprice.exe, 908, Delete-on-Reboot, [ea1cbc82512b181e7dfda367bd4631cf]
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\privoxy.exe, 3048, Delete-on-Reboot, [7a8c92ac82fac175a3105cbef2119d63]

Modules: 1
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\mgwz.dll, Delete-on-Reboot, [7a8c92ac82fac175a3105cbef2119d63],

Registry Keys: 22
PUP.Optional.Somoto, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\System Update kb70007, Quarantined, [4fb78eb0225a38fe09ae1485a65b7987],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\CLSID\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [ca3c5ee02d4faa8cd980f9c728dac53b],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\TYPELIB\{EA3802D2-C00A-4478-9319-34075A31C28F}, Quarantined, [ca3c5ee02d4faa8cd980f9c728dac53b],
PUP.Optional.Highlightly, HKLM\SOFTWARE\CLASSES\INTERFACE\{483F56D2-1D67-44A5-A4C5-67DBB724F7A0}, Quarantined, [ca3c5ee02d4faa8cd980f9c728dac53b],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [ca3c5ee02d4faa8cd980f9c728dac53b],
PUP.Optional.Highlightly, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [ca3c5ee02d4faa8cd980f9c728dac53b],
PUP.Optional.Highlightly, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [ca3c5ee02d4faa8cd980f9c728dac53b],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{83F2328D-0D6A-42B4-B0C4-02A929EDD4BE}, Quarantined, [ca3c5ee02d4faa8cd980f9c728dac53b],
PUP.Optional.GorillaPrice.A, HKLM\SOFTWARE\GorillaPrice, Quarantined, [b3532816710b0531f81395db3cc7a25e],
PUP.Optional.Highlightly, HKLM\SOFTWARE\Highlightly, Quarantined, [23e3ef4ff78556e010b36d342fd5a45c],
PUP.Optional.GorillaPrice, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gorillaprice, Quarantined, [ad593c02bac2f93d9c91571fb44fbb45],
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HIGHLIGHTLY, Quarantined, [45c1d6682f4d44f27d476140fc084eb2],
PUP.Optional.GorillaPrice, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\GorillaPrice, Quarantined, [8c7a3a04aece3ef81715a6d0fb08f010],
PUP.Optional.ReMarkit.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Re_markit, Quarantined, [31d52717b9c382b45a08162ae81b669a],
PUP.Optional.VideoHigh.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\video-high, Quarantined, [51b5da64e09cc175edcb5f0b39ca9769],
Malware.Trace, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DC3_FEXEC, Quarantined, [80865ee01468b77fffdd41d7f4101be5],
PUP.Optional.GorillaPrice.A, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GorillaPrice, Quarantined, [ab5baa941f5d70c65cae3739a65dc53b],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TidyNetwork, Quarantined, [ab5baa94007cd462698d93d6e61d43bd],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\TidyNetwork, Quarantined, [f511f24c4537a492c4953737de25b947],
PUP.Optional.SevereWeatherAlerts.A, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\SevereWeatherAlerts.exe, Quarantined, [040218260379f0461810188ce81c619f],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tnt2npapi.com/Plugin, Quarantined, [6b9b71cd6e0edc5ae369611493708a76],
PUP.Optional.TidyNetwork.A, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{3E39FD5A-41BA-495C-B55F-F224DA462DB9}, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],

Registry Values: 6
Backdoor.HMCPol.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|HKLM, C:\Users\witt\AppData\Roaming\windushrd\hsresets.exe, Quarantined, [57af6ed0b4c82e08c0e19d816b99ea16]
Backdoor.HMCPol.Gen, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|HKCU, C:\Users\witt\AppData\Roaming\windushrd\hsresets.exe, Quarantined, [57af6ed0b4c82e08c0e19d816b99ea16]
PUP.Optional.Highlightly, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HIGHLIGHTLY|UninstallString, C:\Program Files\Highlightly\Uninstall.exe, Quarantined, [45c1d6682f4d44f27d476140fc084eb2]
PUM.Bad.Proxy, HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8118;https=127.0.0.1:8118, Quarantined, [fe083c02304c51e590ed4307c34036ca]
PUM.Bad.Proxy, HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:8118;https=127.0.0.1:8118, Quarantined, [66a0c777bac2290deb92d07a847f5da3]
Trojan.Agent.AI, HKU\S-1-5-21-1955957569-898239701-246926440-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNONCE|6s5r5k7244n2, C:\Users\witt\6s5r5k7244n2\15997.vbs, Quarantined, [c24499a5255720166be34505f50e47b9]

Registry Data: 1
PUP.Optional.SimplyTech.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|newtab, %appdata%\SimplyTech\home\home.htm, Good: (www.google.com), Bad: (%appdata%\SimplyTech\home\home.htm),Replaced,[07ff142a59235cda86da62e232d37987]

Folders: 22
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config, Quarantined, [05019ca27a02d363de5674db966d34cc],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs, Quarantined, [e224d569275580b67514ce79a064af51],
PUP.Optional.GorillaPrice, C:\Program Files\gorillaprice, Delete-on-Reboot, [ea1cbc82512b181e7dfda367bd4631cf],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\Common, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\Profiles, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\Profiles\10859, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2, Quarantined, [d92d6cd247353bfbabdc91799172e41c],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\2.0.0.1812, Quarantined, [d92d6cd247353bfbabdc91799172e41c],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles, Quarantined, [d92d6cd247353bfbabdc91799172e41c],
PUP.Optional.TidyNetwork.A, C:\Program Files\TNT2\Profiles\10859, Quarantined, [d92d6cd247353bfbabdc91799172e41c],
PUP.Optional.SystemUpdater.A, C:\Windows\Microsoft\System Update kb70007, Quarantined, [16f0d866dd9fb284cab046d410f3936d],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy, Delete-on-Reboot, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\images, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Extutil.A, C:\Users\witt\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, Quarantined, [c34371cda2da6dc9b0c9a37dbf44a45c],
PUP.Optional.Managera.A, C:\Users\witt\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, Quarantined, [e81e142a611bbe787802de423cc7e818],

Files: 314
PUP.Optional.Somoto, C:\Windows\Microsoft\System Update kb70007\WindowsUpdater.exe, Quarantined, [4fb78eb0225a38fe09ae1485a65b7987],
PUP.Optional.Downloader, C:\Program Files\OpenDownloaderManager\iHelper.exe, Quarantined, [be486ed00874092d79066849887945bb],
PUP.Optional.SearchProtect.A, C:\Program Files\OpenDownloaderManager\spdnew.exe, Quarantined, [38ce390591eb79bd2a98c8d36b96629e],
PUP.Optional.WeCare.A, C:\Program Files\OpenDownloaderManager\wecarenew.msi, Quarantined, [8f7791ad552747ef66b20c1356aa18e8],
PUP.Optional.NetFilter, C:\Windows\System32\hfnapi.dll, Quarantined, [0006c777285490a6ad7921a4738ef709],
Adware.SaMon, C:\Windows\System32\MovieMode.48CA2AEFA22D.dll, Quarantined, [7b8ba39bf488c175b6935a269c6537c9],
PUP.Optional.Amonetize, C:\Users\witt\AppData\Local\Temp\Updater.exe, Quarantined, [f01652ec5e1e0e2889fcaa23ea179c64],
PUP.Optional.OutBrowse.A, C:\Users\witt\AppData\Local\Temp\f.exe, Quarantined, [92740638b7c531056a1282a4e61f926e],
PUP.Optional.SpeeDial.A, C:\Users\witt\AppData\Local\Temp\SpeeDial.exe, Quarantined, [996dbd81f18b94a230292f72ac56d927],
PUP.Optional.SearchProtect.A, C:\Users\witt\AppData\Local\Temp\SPSetup.exe, Quarantined, [34d2e55915677db9f7ffe3c32cd58f71],
Trojan.Agent, C:\Users\witt\AppData\Local\Temp\drvinst-1.exe, Quarantined, [62a4d9654537280e6d130353ac54639d],
PUP.Optional.Amonetize, C:\Users\witt\AppData\Local\Temp\drvinst-2.exe, Quarantined, [8185be80abd1b5819e79c599f60a827e],
PUP.Optional.OffersWizard.A, C:\Users\witt\AppData\Local\Temp\drvinst01.exe, Quarantined, [db2b0a349ae27db95016c4bacd387c84],
PUP.Optional.OffersWizard.A, C:\Users\witt\AppData\Local\Temp\drvinstal1.exe, Quarantined, [8a7cb787cfad1521194ded91e02549b7],
PUP.Optional.InstallCore, C:\Users\witt\AppData\Local\Temp\ICReinstall_FileOpenerSetup.exe, Quarantined, [dc2a60de6913aa8c1822d94b4fb6dc24],
PUP.Optional.InstallCore, C:\Users\witt\AppData\Local\Temp\ICReinstall_Mod_Setup.exe, Quarantined, [b3534ef0037953e3f8ab0efbfb0a40c0],
PUP.Optional.Conduit.A, C:\Users\witt\AppData\Local\Temp\nsx6A2B.exe, Quarantined, [dc2a74ca6f0d1b1ba6321d7f44bda060],
PUP.Optional.AirAdInstaller, C:\Users\witt\AppData\Local\Temp\setup.exe, Quarantined, [66a0be8098e4ab8b043ebc7e5fa1f010],
PUP.Optional.Conduit.A, C:\Users\witt\AppData\Local\Temp\3fd73772-9253-4fad-9d53-b7a887564c7a\spidentifierimpl.exe, Quarantined, [d72f0c32bcc02a0c99aab5e9827f1ee2],
Trojan.MSIL, C:\Users\witt\AppData\Local\Temp\is-QE0EB.tmp\5767.exe, Quarantined, [1cea93abc3b982b4e9fd61cd34cde020],
PUP.Optional.Conduit.A, C:\Users\witt\AppData\Local\Temp\52e22149-39b0-47d0-aae5-f37ea223c937\spidentifierimpl.exe, Quarantined, [08feee50a8d444f26ed5b8e60ff240c0],
PUP.Optional.Conduit.A, C:\Users\witt\AppData\Local\Temp\ccd43123-a0b7-4032-b4f4-df25c96759b4\spidentifierimpl.exe, Quarantined, [788e1a24304c0630e75c376726dbc040],
PUP.Optional.HomeTab.A, C:\Users\witt\AppData\Local\Temp\ccd43123-a0b7-4032-b4f4-df25c96759b4\software\HomeTab.exe, Quarantined, [0402f94599e3251115feadef56ab748c],
PUP.DownloadAdmin, C:\Users\witt\AppData\Local\Temp\ccd43123-a0b7-4032-b4f4-df25c96759b4\software\Horizon.exe, Quarantined, [947282bc215b53e37c6c18b336ce0df3],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsdB008.exe, Quarantined, [010597a716660135e4ac043fbc45f907],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsh7838.exe, Quarantined, [a85ee9557408d165eaa69da639c854ac],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsi67EA.exe, Quarantined, [3bcbf945e19bd1656a6e3c60847d19e7],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nskA0F7.exe, Quarantined, [a46251ed9ae24bebcac6e95a49b8fb05],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsm4352.exe, Quarantined, [56b072ccafcdf93d77199fa40ff2c739],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsn67C1.exe, Quarantined, [0303fa445a22023467295ee512ef28d8],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsp3401.exe, Quarantined, [54b27fbf6f0dfd39a1eff74c0af70df3],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsp397D.exe, Quarantined, [22e4ba84d6a60036f69ae16210f1d828],
PUP.Optional.SearchProtect.A, C:\Windows\Temp\nsp7620.exe, Quarantined, [8d79c97580fc7cba1977430028d99967],
PUP.Optional.Conduit.A, C:\Windows\Temp\nsyDDE5.exe, Quarantined, [f70fe25cf785c76fd800108c946d31cf],
Misused.Legit.AI, C:\Users\witt\6s5r5k7244n2\Update.exe, Quarantined, [63a35de1126a350124600597e9189e62],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (4).exe, Quarantined, [34d2e05eff7d092df7e32b3ca35e9967],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (5).exe, Quarantined, [a16541fdbfbd1a1c2baf076041c0e11f],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (6).exe, Quarantined, [5aac86b8ef8d989e934797d02fd2936d],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (7).exe, Quarantined, [986edd61f28a6fc7a6342146a55c0df3],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (8).exe, Quarantined, [03032b136616999d5288194e31d009f7],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (9).exe, Quarantined, [ce38bb83ccb0b680e9f192d533cedf21],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome.exe, Quarantined, [c93d4cf279033303da006304877a08f8],
PUP.Optional.Domalq, C:\Users\witt\Downloads\Player.exe, Quarantined, [6d995de189f3f73f5086dd67f907d32d],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (15).exe, Quarantined, [927447f7a3d9ce68142e2218b54bcd33],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (16).exe, Quarantined, [b65058e6710b7cba1d25ad8d7b85ec14],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (17).exe, Quarantined, [5caa0b33a4d8d66073cf49f16a9619e7],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (18).exe, Quarantined, [6e9882bc453741f580c2ed4dc13fa45c],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (19).exe, Quarantined, [cf37e25cea92b87e8db5d862a15fda26],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (2).exe, Quarantined, [c93d86b8760604323d050337a957fd03],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (20).exe, Quarantined, [4bbbff3fa9d3280e9fa3b78302fe6b95],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (21).exe, Quarantined, [cc3a8fafacd05adce062fe3cd12fdf21],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Setup (22).exe, Quarantined, [b74f87b7a9d33ef80fcb8fd8d8295da3],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Setup (23).exe, Quarantined, [82841628e5970d294e8c99ced52c3ac6],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Setup (24).exe, Quarantined, [da2c211dc8b4fd39ab2f7cebb64bfe02],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (25).exe, Quarantined, [8086fb43453784b2a2a0cd6d36ca34cc],
PUP.Optional.Bundlore, C:\Users\witt\Downloads\setup (26).exe, Quarantined, [2bdbe658b3c99b9b44d06abbc73e718f],
PUP.Optional.Bundlore, C:\Users\witt\Downloads\setup (27).exe, Quarantined, [2ed853eb80fc6ec854c034f163a232ce],
PUP.Optional.Bundlore, C:\Users\witt\Downloads\setup (28).exe, Quarantined, [ec1a94aa9ae2f83eec28b075d233b44c],
PUP.Optional.Bundlore, C:\Users\witt\Downloads\setup (29).exe, Quarantined, [798d44fae9933ff7ba5a8a9be223956b],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (3).exe, Quarantined, [f0160d31d4a8191d0240b98116eac739],
PUP.Optional.FlashPro, C:\Users\witt\Downloads\flashplayerpro-setup (4).exe, Quarantined, [986ea09e4f2d0e28d175a57f22e3ae52],
PUP.Optional.FlashPro, C:\Users\witt\Downloads\flashplayerpro-setup (5).exe, Quarantined, [80860c32bebec373bb8bd74d73929c64],
PUP.Optional.FlashPro, C:\Users\witt\Downloads\flashplayerpro-setup (6).exe, Quarantined, [47bf8ab4730956e0c97d6abab64fee12],
PUP.Optional.FlashPro, C:\Users\witt\Downloads\flashplayerpro-setup (7).exe, Quarantined, [4eb80638d0ac59ddce7876ae54b19e62],
PUP.Optional.InstallCore.A, C:\Users\witt\Downloads\flashplayerpro-setup.exe, Quarantined, [41c5023cd4a83402c54b67bd689da957],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\flashplayerpro_Setup (1).exe, Quarantined, [0cfaba84cbb1ce68c812293e4bb6e917],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\flashplayerpro_Setup (2).exe, Quarantined, [7f8756e8ec904aec67739fc847ba50b0],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\flashplayerpro_Setup (3).exe, Quarantined, [fc0a27171e5eef47a6345e092ad7ee12],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\flashplayerpro_Setup.exe, Quarantined, [e125e559611b072f7e5c0b5c6a97cc34],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Flash_Player_Pro_Setup (1).exe, Quarantined, [a1651b23562640f68753303713eed62a],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (31).exe, Quarantined, [c83eeb53720a21150141ce6cc33dc040],
PUP.Optional.Firseria, C:\Users\witt\Downloads\Setup (32).exe, Quarantined, [a46295a995e7df573ee62a71a45d926e],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (33).exe, Quarantined, [3bcbda644b31e353fa482f0b69974bb5],
PUP.Optional.Firseria, C:\Users\witt\Downloads\Setup (34).exe, Quarantined, [11f57fbf116b46f019184359bf42a957],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\setup (35).exe, Quarantined, [ac5a60de5c20171fdbff4720738e2cd4],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\setup (36).exe, Quarantined, [18ee0836c2ba63d3e4f61552af5228d8],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (37).exe, Quarantined, [25e1f04e502c41f5172b8eace51b2bd5],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (38).exe, Quarantined, [51b57fbf2755bf7754ee67d3d22efa06],
PUP.Optional.Bechiro, C:\Users\witt\Downloads\Setup (39).exe, Quarantined, [4abcc47a5d1f87afe5913f81cd37b64a],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (4).exe, Quarantined, [5ea877c7b7c51224c37f53e7ec142cd4],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (40).exe, Quarantined, [cb3b6ed03646c96d54ee2911d62aa957],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (41).exe, Quarantined, [ac5a88b67507a690f54d8ab05ba5946c],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (42).exe, Quarantined, [c4429f9f740849eddc66f446a15f23dd],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (43).exe, Quarantined, [8e7860de93e91521ab977ac0b05049b7],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (44).exe, Quarantined, [47bf0b33daa21b1b7bc7a09adc24cc34],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (45).exe, Quarantined, [d234e15dccb0280ebb87003a619f20e0],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (46).exe, Quarantined, [2bdb3b03e19b0432f44eea50ad53e11f],
PUP.Optional.Soft32.A, C:\Users\witt\Downloads\directx 9 redistributable setup.exe, Quarantined, [9d696ed0bac2132392816fe3966b7888],
PUP.Optional.DomaIQ, C:\Users\witt\Downloads\directx.exe, Quarantined, [10f6fe40c0bc1c1a70050b3a12eee61a],
PUP.Optional.DomalQ, C:\Users\witt\Downloads\horizon.exe, Quarantined, [61a5281645379c9abf47cb4050b5a45c],
PUP.Optional.Amonetize, C:\Users\witt\Downloads\Dx9 Graphics Card Downloader__3687_i630419951_il13935914.exe, Quarantined, [d333b98585f746f011178c2c926f3ec2],
PUP.Optional.QualityScore, C:\Users\witt\Downloads\direct-x-9 (1).exe, Quarantined, [f41252ec5b21cf67df638db9c53b7987],
PUP.Optional.QualityScore, C:\Users\witt\Downloads\direct-x-9 (2).exe, Quarantined, [3fc784ba8def75c18ab8b98de81835cb],
PUP.Optional.QualityScore, C:\Users\witt\Downloads\direct-x-9 (3).exe, Quarantined, [f80e112d205cc670cd75380e23ddaa56],
PUP.Optional.QualityScore, C:\Users\witt\Downloads\direct-x-9 (4).exe, Quarantined, [56b062dcf587b18522200c3a29d7fe02],
PUP.Optional.QualityScore, C:\Users\witt\Downloads\direct-x-9 (5).exe, Quarantined, [5caaf34b6b1170c675cdc28429d736ca],
PUP.Optional.QualityScore, C:\Users\witt\Downloads\direct-x-9 (6).exe, Quarantined, [e224da644c30c670360c93b334cc25db],
PUP.Optional.QualityScore, C:\Users\witt\Downloads\direct-x-9 (7).exe, Quarantined, [09fd52ec7a02063045fd2125946c44bc],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (1).exe, Quarantined, [699dc37b8af244f241991453c938b947],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (10).exe, Quarantined, [f511ed51d1ab6acc479322451be6e61a],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (11).exe, Quarantined, [30d6241afa8279bd8555085f8081d32d],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (12).exe, Quarantined, [e12553eb9ce03df971697aed56abef11],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (13).exe, Quarantined, [a66089b58bf1bb7bc2186ff8fe0345bb],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (14).exe, Quarantined, [48be8cb2d0ac86b0904aa2c5e9189070],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (15).exe, Quarantined, [5fa779c51a6288aebb1ff96edf2221df],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (16).exe, Quarantined, [9f67d26c83f92e086377f86f57aa11ef],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (17).exe, Quarantined, [75910d315923979fc9110463e71a02fe],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (18).exe, Quarantined, [6a9c78c6235981b50eccd98e29d8bc44],
PUP.Optional.IBryte, C:\Users\witt\Downloads\Player-Chrome (19).exe, Quarantined, [4abce35b691384b2955ed5e3fd04d32d],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (2).exe, Quarantined, [1aec013dea926bcb2eacc5a234cd0ef2],
PUP.Optional.Bundlore, C:\Users\witt\Downloads\setup (14).exe, Quarantined, [fa0c300e34487eb8239d028a857c629e],
PUP.Optional.QualityScore, C:\Users\witt\Downloads\direct-x-9.exe, Quarantined, [7492af8f1c6010261a28e95dbd43a65a],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (30).exe, Quarantined, [45c1de604e2e3ff74bf763d7dc24659b],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (1).exe, Quarantined, [10f699a5720a4aec6ad8bc7e17e9936d],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (10).exe, Quarantined, [e71ff24c80fccb6b5de54eec0bf5b34d],
PUP.Optional.Bundlore, C:\Users\witt\Downloads\setup (11).exe, Quarantined, [e323f14dfd7f86b0724e7e0e6998649c],
PUP.Optional.Bundlore, C:\Users\witt\Downloads\setup (12).exe, Quarantined, [9d692c123646171fedd3f19bb94822de],
PUP.Optional.Bundlore, C:\Users\witt\Downloads\setup (13).exe, Quarantined, [32d4201ec7b530064a76fb917e839a66],
PUP.Optional.Softonic.A, C:\Users\witt\Downloads\SoftonicDownloader_for_pinnacle-videospin.exe, Quarantined, [ac5a132b522a39fd46fe48f2778a8080],
PUP.Optional.Softonic.A, C:\Users\witt\Downloads\Softonic_downloader_unity-web-player.exe, Quarantined, [49bd003ed7a5a195a4a0003ab9481ee2],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (48).exe, Quarantined, [e12554ea0874b086dd6581b924dc0af6],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (5).exe, Quarantined, [d72f85b96c1061d577cb2515ca369c64],
PUP.Optional.Bechiro, C:\Users\witt\Downloads\Setup (6).exe, Quarantined, [2ed8a797e894eb4b97df6858778dd030],
PUP.Optional.Bechiro, C:\Users\witt\Downloads\Setup (7).exe, Quarantined, [fd09e45a423a78be7df9a020798ba25e],
PUP.Optional.Bechiro, C:\Users\witt\Downloads\Setup (8).exe, Quarantined, [17ef70ce4339a3935d190bb539cbb54b],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (9).exe, Quarantined, [4fb7d16d2458fd3975cd74c6ae529769],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup.exe, Quarantined, [db2bb589443837ffed5576c410f00ef2],
PUP.Optional.OpenCandy, C:\Users\witt\Downloads\SetupImgBurn_2.5.8.0.exe, Quarantined, [a75fa19db7c5b87eee18c7ae5baa3ac6],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\update.exe, Quarantined, [fe0882bc1567ef47a3376601ba475da3],
PUP.Optional.AirAdInstaller, C:\Users\witt\Downloads\Setup (47).exe, Quarantined, [0ff773cb2e4e082e330f6ccea25e1be5],
PUP.Optional.InstallCore, C:\Users\witt\Downloads\FileOpenerSetup.exe, Quarantined, [5caa122c1c6041f549f13fe5ab5aed13],
PUP.Optional.InstallCore.A, C:\Users\witt\Downloads\flashplayerpro-setup (1).exe, Quarantined, [d432043a9ddf0234d7390c1817eea858],
PUP.Optional.InstallCore.A, C:\Users\witt\Downloads\flashplayerpro-setup (2).exe, Quarantined, [c541ac92c1bbe4524dc3dd47e71ee818],
PUP.Optional.InstallCore.A, C:\Users\witt\Downloads\flashplayerpro-setup (3).exe, Quarantined, [0bfb55e9a0dceb4b9a76e3413bca34cc],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Flash_Player_Pro_Setup.exe, Quarantined, [0bfb4df1ceaea0963c9e37309d6427d9],
PUP.Optional.Monetizer, C:\Users\witt\Downloads\Goat Simulator Online Demo__3038_i793588099_il3389875.exe, Quarantined, [33d38faf88f4ef470a7a4d5502ff32ce],
PUP.Optional.DownloadAdmin, C:\Users\witt\Downloads\horizon-setup (1).exe, Quarantined, [778fcf6f80fc4bebd3804029de23b34d],
PUP.Optional.DownloadAdmin, C:\Users\witt\Downloads\horizon-setup (2).exe, Quarantined, [1de9fd417804d85e242f95d43fc29a66],
PUP.Optional.DownloadAdmin, C:\Users\witt\Downloads\horizon-setup.exe, Quarantined, [52b488b6423aa4926fe46cfd14ed6a96],
PUP.Optional.Bandoo, C:\Users\witt\Downloads\iLividSetup-r772-n-bc (1).exe, Quarantined, [7294bd81fa8261d5c225051e79884cb4],
PUP.Optional.Bandoo, C:\Users\witt\Downloads\iLividSetup-r772-n-bc.exe, Quarantined, [c640c579abd160d65691e043cc357a86],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Player-Chrome (3).exe, Quarantined, [aa5cb5895a22e84ea43681e67b86a957],
PUP.Optional.OptimumInstaller.A, C:\Users\witt\Downloads\Minecraft_Game_Downloader.exe, Quarantined, [699da19d5527fb3beeecea7dc041728e],
PUP.Optional.Amonetize, C:\Users\witt\Downloads\Hack v.1.7.2__7128_il20748.exe, Quarantined, [37cfaa94acd0c670f632deda0cf538c8],
PUP.Optional.Amonetize, C:\Users\witt\AppData\Local\14683\a22753.exe, Quarantined, [0600b886196365d1f5907e4ff50ced13],
PUP.Optional.Amonetize, C:\Users\witt\AppData\Local\41\a18467.exe, Quarantined, [9472a59916664aecefa406aba35e2ad6],
PUP.Optional.Somoto, C:\Windows\Installer\15baab.msi, Quarantined, [60a6c777304c66d09225465369989d63],
PUP.Optional.SnapDo.A, C:\Windows\Installer\890a33.msi, Quarantined, [ee18d866aad22e0854ee7d2131d0c838],
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config\ver.xml, Quarantined, [05019ca27a02d363de5674db966d34cc],
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config\data.xml, Quarantined, [05019ca27a02d363de5674db966d34cc],
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config\uninstinethnfd.exe, Quarantined, [05019ca27a02d363de5674db966d34cc],
PUP.Optional.TidyNetwork.A, C:\Windows\System32\Tasks\TidyNetwork Update, Quarantined, [51b52f0f36467cba4c2557fc4fb43ac6],
PUP.Optional.MovieMode.A, C:\Windows\System32\MovieMode.48CA2AEFA22D.dll, Quarantined, [d234b08e94e8c37316d45c0211f27e82],
PUP.Optional.MindSpark.A, C:\Users\witt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dailyfitnesscenter.dl.tb.ask.com_0.localstorage, Quarantined, [e02647f782fa32040af2b1afa45ff10f],
PUP.Optional.MindSpark.A, C:\Users\witt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_dailyfitnesscenter.dl.tb.ask.com_0.localstorage-journal, Quarantined, [59ad3905205c50e6ba42adb314ef33cd],
PUP.Optional.CrossRider.A, C:\Users\witt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage, Quarantined, [1aec4af481fb8da9e6fb5b0c8281d828],
PUP.Optional.CrossRider.A, C:\Users\witt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lndipknmjijnalnkamonmljeaojdbpna_0.localstorage-journal, Quarantined, [9b6b53eb2d4f5dd9528f4126ac5728d8],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-18-7.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-04-3.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-19-1.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-20-2.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-21-3.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-22-4.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-23-5.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-24-6.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-25-7.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-26-1.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-27-2.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-28-3.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-29-4.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-10-30-5.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-01-7.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-02-1.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-03-2.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-05-4.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-06-5.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-07-6.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-08-7.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-09-1.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-10-2.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-11-3.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-12-4.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-13-5.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-16-1.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-18-3.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-20-5.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-23-1.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-24-2.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-26-4.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-27-5.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-28-6.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-11-30-1.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-12-05-6.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-12-09-3.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-12-12-6.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-12-13-7.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-12-15-2.dc, Quarantined, [e224d569275580b67514ce79a064af51],
Stolen.Data, C:\Users\witt\AppData\Roaming\dclogs\2014-12-16-3.dc, Quarantined, [e224d569275580b67514ce79a064af51],
PUP.Optional.ReMarkable.A, C:\Users\witt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage, Quarantined, [e02645f9ff7d1e18ba91555c0ef60bf5],
PUP.Optional.ReMarkable.A, C:\Users\witt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal, Quarantined, [f511c07e621aea4c4407d0e12ed6ce32],
Backdoor.HMCPol.Gen, C:\Users\witt\AppData\Roaming\windushrd\hsresets.exe, Quarantined, [57af6ed0b4c82e08c0e19d816b99ea16],
Trojan.Agent.AI, C:\Users\witt\6s5r5k7244n2\15997.vbs, Quarantined, [c24499a5255720166be34505f50e47b9],
PUP.Optional.GorillaPrice, C:\Program Files\gorillaprice\gorillaprice.exe, Delete-on-Reboot, [ea1cbc82512b181e7dfda367bd4631cf],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\Autorun.inf, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\crx.tar, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\GameApps.ini, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\GameConsole.exe, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\GameEngine.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\GLOBALUNINSTALL.TNT, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\hmac.1.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\iestage2.1.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\IEToolbar.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\IEToolbar64.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\INSTALL.TNT, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\LastSession.log, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\log.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\MinecraftShims64.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\npTNT2.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\PARTNER.TNT, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\passport.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\passport64.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\pinnedSearch.htm, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\pinnedSearch_FindWide.htm, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\pinnedSearch_Freshy.htm, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\progress.1.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\regsvr.1.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\RemoteSkin.wms, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\sqlite.1.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\TNT2User.exe, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\TNT2UserPS.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\TNT2UserPS64.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\TntMagicDel.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\UnInjLib.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\UnInjLib64.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\UNINSTALL.TNT, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\UninstallDlg.1.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\untar.1.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\UPDATE.TNT, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\xpi.tar, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\2.0.0.1812\zipunzip.1.dll, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\Profiles\10859\os10859.xml, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\Profiles\10859\partner.dat, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\Profiles\10859\toolbar10859@freshy.com.xpi, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.TidyNetwork.A, C:\Users\witt\AppData\Local\TNT2\Profiles\10859\yah10859.xml, Quarantined, [0ff798a69ce0a0968bfb44c641c2f40c],
PUP.Optional.SystemUpdater.A, C:\Windows\Microsoft\System Update kb70007\Installer.dll, Quarantined, [16f0d866dd9fb284cab046d410f3936d],
PUP.Optional.SystemUpdater.A, C:\Windows\Microsoft\System Update kb70007\InstallerLibrary.dll, Quarantined, [16f0d866dd9fb284cab046d410f3936d],
PUP.Optional.SystemUpdater.A, C:\Windows\Microsoft\System Update kb70007\win32.reg, Quarantined, [16f0d866dd9fb284cab046d410f3936d],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\AUTHORS.txt, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\config.txt, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\default.action, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\default.filter, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\LICENSE.txt, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\match-all.action, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\mgwz.dll, Delete-on-Reboot, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\privoxy.exe, Delete-on-Reboot, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\privoxy.log, Delete-on-Reboot, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\privoxy_uninstall.exe, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\README.txt, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\trust.txt, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\user.action, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\user.action_empty, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\user.filter, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\user.filter_old, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\p_doc.css, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual\coding.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual\cvs.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual\documentation.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual\index.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual\introduction.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual\newrelease.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual\testing.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\developer-manual\webserver-update.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq\configuration.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq\contact.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq\copyright.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq\general.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq\index.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq\installation.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq\misc.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\faq\trouble.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\images\files-in-use.jpg, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\images\proxy_setup.jpg, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\actions-file.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\appendix.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\config.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\configuration.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\contact.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\copyright.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\files-in-use.jpg, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\filter-file.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\index.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\installation.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\introduction.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\proxy2.jpg, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\proxy_setup.jpg, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\p_doc.css, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\quickstart.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\seealso.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\startup.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\templates.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\doc\user-manual\whatsnew.html, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates\cgi-style.css, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates\connect-failed, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates\mod-local-help, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates\mod-support-and-service, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates\mod-title, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates\mod-unstable-warning, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates\no-such-domain, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Privoxy.A, C:\Program Files\MSR\Privoxy\templates\url-info-osd.xml, Quarantined, [7a8c92ac82fac175a3105cbef2119d63],
PUP.Optional.Extutil.A, C:\Users\witt\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, Quarantined, [c34371cda2da6dc9b0c9a37dbf44a45c],
PUP.Optional.Extutil.A, C:\Users\witt\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, Quarantined, [c34371cda2da6dc9b0c9a37dbf44a45c],
PUP.Optional.Extutil.A, C:\Users\witt\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, Quarantined, [c34371cda2da6dc9b0c9a37dbf44a45c],
PUP.Optional.Managera.A, C:\Users\witt\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, Quarantined, [e81e142a611bbe787802de423cc7e818],
PUP.Optional.Managera.A, C:\Users\witt\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, Quarantined, [e81e142a611bbe787802de423cc7e818],

Physical Sectors: 0
(No malicious items detected)


(end)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x86
Ran by witt on Tue 12/16/2014 at 19:27:59.88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{21511F23-86D7-4782-A8D8-214B630029FA}



~~~ Files

Successfully deleted: [File] "C:\Users\witt\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage"
Successfully deleted: [File] "C:\Users\witt\appdata\local\google\chrome\user data\default\local storage\http_www.ask.com_0.localstorage-journal"
Successfully deleted: [File] "C:\Users\witt\desktop\live pc help.lnk"
Successfully deleted: [File] C:\Windows\prefetch\SPEEDUPMYPC.EXE-370FD07F.pf



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 12/16/2014 at 19:44:46.85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



BC AdBot (Login to Remove)

 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 18 December 2014 - 01:46 AM

Hello there     :welcome:
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
:step1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

Thank you also for the previous Malwarebytes log.

 

:step3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

:step4: Non-malware removal steps
 
Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#3 buddy215

buddy215

  • Moderator
  • 13,262 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee

Posted 18 December 2014 - 09:43 AM

MBAM has identified backdoors. Any information/ data/ passwords/ banking/ credit cards, etc. must be considered

to have been compromised.

 

Read info here: When should I re-format? How should I reinstall? Security | DSLReports, ISP Information


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#4 Bakersfieldboy

Bakersfieldboy
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:10 PM

Posted 18 December 2014 - 07:04 PM

Jumping to step 4, No problems in system or drive test.....

 

Here's the log's

 

 

MiniToolBox by Farbar  Version: 30-11-2014
Ran by witt (administrator) on 18-12-2014 at 15:34:27
Running from "E:\New folder"
Microsoft Windows 7 Home Premium   (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

"Reset IE Proxy Settings": IE Proxy Settings were reset.


=========================== Installed Programs ============================

8BitMMO (HKLM\...\Steam App 250420) (Version:  - Archive Entertainment)
abgx360 v1.0.6 (HKLM\...\abgx360) (Version:  - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated)
Amnesia - The Dark Descent Demo (HKLM\...\{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1) (Version: 1.0.1 - Frictional Games)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.39 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.100.82.63 - Broadcom Corporation)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
Fraps (remove only) (HKLM\...\Fraps) (Version:  - )
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Happy Wars (HKLM\...\Steam App 246280) (Version:  - Toylogic inc.)
Haunt the House: Terrortown (HKLM\...\air.com.sfbgames.HauntTheHouseTerrortown) (Version: 1.0.1 - UNKNOWN)
Haunt the House: Terrortown (Version: 1.0.1 - UNKNOWN) Hidden
Heroes & Generals (HKLM\...\Heroes & Generals) (Version: 1.0.6.1 - Reto-Moto)
Horizon v2.7.9.0 (HKLM\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.9.0 - Daring Development Inc.)
HxD Hex Editor °æ±¾ 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 (HKLM\...\Encoder_4.0.3205.0) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (Version: 4.0.3205.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM\...\{F9EC30D1-F688-4708-9850-CB5120074AAA}) (Version: 4.0.3205.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MirrorOp Receiver (HKLM\...\MirrorOp Receiver_is1) (Version: 0.2.11.4 - Awind Inc.)
Mod Manager Packages (HKCU\...\Mod Manager Packages) (Version:  - )
Modio (HKLM\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version:  - GameTuts)
Muvic Smartbar (HKLM\...\{AA236AFD-B26E-4BC7-9A13-76BD5F9887AC}) (Version: 10.211.58.15493 - PinWid Ltd.)
Muvic Smartbar Engine (HKCU\...\{942e7f8b-571f-44f4-ba3c-dfc15cc2aef2}) (Version: 10.211.58.15493 - PinWid Ltd.)
NBTExplorer (HKLM\...\{06107EDA-5B85-4CEC-AB1E-8350DEC15231}) (Version: 2.7.4.0 - Justin Aquadro)
ROBLOX Player for witt (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
Severe Weather Alerts (HKCU\...\Severe Weather Alerts) (Version: 1.23.0.0 - Weather Notifications, LLC)
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
TidyNetwork (HKCU\...\TidyNetwork) (Version:  - TidyNetwork)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
WinRAR 5.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
Wondershare Video Editor(Build 3.6.2) (HKLM\...\Wondershare Video Editor_is1) (Version:  - Wondershare Software)
World of Tanks (HKLM\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
Worldwide Web Research (HKLM\...\Worldwide Web Research11.041.44) (Version: 11.041.44 - Media Codecs Interactive LLC)
Yet Another Zombie Defense (HKLM\...\Steam App 270550) (Version:  - Awesome Games Studio)
========================= Restore Points ==================================

25-09-2014 02:36:27 Installed iClone
25-09-2014 02:44:20 Installed iClone
04-11-2014 23:31:11 Installed DirectX
17-12-2014 01:43:16 Checkpoint by HitmanPro
17-12-2014 01:44:36 Checkpoint by HitmanPro
17-12-2014 04:18:23 Removed Facebook Video Calling 3.1.0.521
17-12-2014 20:40:19 Removed Java 7 Update 60

**** End of log ****
Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/18/2014
Scan Time: 3:39:03 PM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.18.05
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7
CPU: x86
File System: NTFS
User: witt

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 293049
Time Elapsed: 9 min, 24 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Results of screen317's Security Check version 0.99.93  
 Windows 7  x86 (UAC is enabled)  
 Out of date service pack!!
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 



#5 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 19 December 2014 - 01:50 AM

You don't currently have Windows 7 SP1 installed.. here's instructions on how to install it, through Windows Update.

  1. Make sure your computer is connected to the Internet.

  2. Click the Start button 4f6cbd09-148c-4dd8-b1f2-48f232a2fd33_818, click All Programs, and then click Windows Update.
  3. In the left pane, click Check for updates.

  4. If any important updates are found, click the link to view available updates. In the list of updates, select Service Pack for Microsoft Windows (KB976932), and then click OK.

  5. Click Install updates. 18abb370-ac1e-4b6b-b663-e028a75bf05b_48. If you're prompted for an administrator password or confirmation, type the password or provide confirmation.

  6. Follow the instructions on your screen.

  7. After the installation is complete, log on to your computer at the Windows logon prompt. You might see a notification indicating whether the update was successful.

Source: http://windows.microsoft.com/en-US/windows7/install-windows-7-service-pack-1



#6 Bakersfieldboy

Bakersfieldboy
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:10 AM

Posted 19 December 2014 - 12:18 PM

yes ive updated it al ready,,,



#7 Bakersfieldboy

Bakersfieldboy
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 19 December 2014 - 12:22 PM

Problems sill there,browsere loads half way, like bleeping computer the top part of page loads but nothen eles.

try reseting broswers do defalt setting

deleted any addons

reinstalling flash (adobe)



#8 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 19 December 2014 - 01:12 PM

Hello there,

 

From the Security Log you provided me with, it seems you don't have an anti-virus installed. This can be quite dangerous, so I recommend you install Avast Free Antivirus.

:step1: Please uninstall some programs
 
There's currently some programs on your PC that we need to remove, for the time-being at least. Press the Windows + R key on your keyboard and type in appwiz.cpl and press enter. Navigate to each of the following below one-by-one and click uninstall:

  • Google Toolbar for Internet Explorer
  • Muvic Smartbar
  • Muvic Smartbar Engine
  • TidyNetwork

If any programs listed above aren't in Programs and Features, you can just skip them.

 

:step2: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

:step3: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step4: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

:step5: Please visit the ESET Online Scanner webpage
:exclame: Internet Explorer MUST be used for this step.  :exclame:

  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

jqnp8z.png

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scand finished, select list threats and then export.
  • Choose a name for the log (e.g ESET) and click save (to your desktop)
  • Press the back button and then click finish. Please include the contents of the log in your reply.

Edited by LighthouseParty, 19 December 2014 - 01:13 PM.


#9 Bakersfieldboy

Bakersfieldboy
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:10 AM

Posted 19 December 2014 - 08:29 PM

Ok, runing eset again but i have ran it and it comes up clean.

also things are getting alot worst the browser is unstable now to the point i have to ctrl+alt+del end the task (internet explorer)

and rerun it. for it to load half the page lol.

here are the logs so far.......

 

 also can not delete

  • Muvic Smartbar
  • Muvic Smartbar Engine  

 

I tryed using Ui clean and My uninstall but still not able to get them todelete

the other to i was able to.

 

Rkill 2.6.8 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/19/2014 04:19:08 PM in x86 mode.
Windows Version: Windows 7 Home Premium

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 12/19/2014 04:19:37 PM
Execution time: 0 hours(s), 0 minute(s), and 28 seconds(s)

+)))))))))))))))))))))))))))))))))))))))))))+

 

# AdwCleaner v4.105 - Report created 19/12/2014 at 16:28:16
# Updated 08/12/2014 by Xplode
# Database : 2014-12-16.1 [Live]
# Operating System : Windows 7 Home Premium  (32 bits)
# Username : witt - WITT-PC
# Running from : E:\Folder A\DIR\virus\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files\MSR
Folder Deleted : C:\Program Files\Check Point Software Technologies LTD
Folder Deleted : C:\Users\witt\AppData\Roaming\Check Point Software Technologies LTD

***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385


*************************

AdwCleaner[R0].txt - [28021 octets] - [16/12/2014 15:29:18]
AdwCleaner[R1].txt - [2247 octets] - [16/12/2014 19:51:19]
AdwCleaner[R2].txt - [1491 octets] - [19/12/2014 16:25:56]
AdwCleaner[S0].txt - [26969 octets] - [16/12/2014 15:32:24]
AdwCleaner[S1].txt - [1426 octets] - [19/12/2014 16:28:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1486 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x86
Ran by witt on Fri 12/19/2014 at 17:14:02.12
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1955957569-898239701-246926440-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 12/19/2014 at 17:15:27.95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

if eset get done will post but have try it 3 times the last coming up with nothen
 



#10 Bakersfieldboy

Bakersfieldboy
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:10 AM

Posted 19 December 2014 - 09:47 PM

ESETSmartInstaller@High as downloader log:
Can not read file from internet.ESETSmartInstaller@High as downloader log:
Can not read file from internet.# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=ffa8b077bf2156459525ed6de92a9417
# engine=21641
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-12-20 02:31:13
# local_time=2014-12-19 06:31:13 (-0800, Pacific Standard Time)
# country="United States"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 0 170587464 0 0
# scanned=95895
# found=1
# cleaned=1
# scan_time=2113
sh=9836798B534E5BEF8A8C0F20D568D3670DF4034A ft=1 fh=80ff5eab5a0e7bc0 vn="a variant of MSIL/RunElevated.A potentially unsafe application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\MyPC Backup\Configuration Updater.exe.vir"
 



#11 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 20 December 2014 - 06:07 AM

Can you confirm what happens when you try to uninstall them?

 

Click here for instructions on how to reset Internet Explorer.



#12 Bakersfieldboy

Bakersfieldboy
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male

Posted 20 December 2014 - 11:20 AM

i Have try the reset already a vew times. no help, it goes thew process like normal but does not help.

when i try to uninstall a applacation ,ill click on the program. then click unistall, but thats as far as it goes. nothen,

     a mater of fact if i click on uninstall iam abel to click on somethig eles and uninstall that (what ever) usually your not.

it would say, sry another program is being unistalled please wait,not thoes words but you understand i hope.

 

 

sry.i would goto

 

Control Panel\All Control Panel Items\Programs and Features, ive tryed other unistall software as i said befor same with all uninsatll progrmas


Edited by Bakersfieldboy, 20 December 2014 - 11:35 AM.


#13 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 20 December 2014 - 11:24 AM

Hello there,
 
You could try to boot into safe mode and then uninstall the programs.

:step1: Please download Temporary File Cleaner to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)]
  • Click start and wait for it to finish.

:step2: Please download Malwarebytes Anti-Rootkit to your desktop

  • Double click it and click ok (Make sure to extract it to your desktop)
  • When it opens, click next and then update.
  • After it's updated, click next and then scan.
  • If malware is detected, select clean, then restart your computer.
  • Open 'MBAR' on your desktop and paste the contens in your reply of the following logs:
  • mbar-log-xx.xx.xx.txt and system-log.txt.


#14 Bakersfieldboy

Bakersfieldboy
  • Topic Starter

  • Members
  • 68 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:10 AM

Posted 20 December 2014 - 11:51 AM

Why ?> try to boot into safe mode computers running fine in normal mode.

   is there something you want me to disable ?

 

ran rootkit already comes up clean.If you need log i wll rerun it.



#15 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 20 December 2014 - 11:56 AM

You mentioned you can't uninstall the programs.. I wanted to see if you were able to do it in Safe Mode. However, as you are still receiving issues after the steps I provide you with, I think you may need advanced tools, such as FRST, to help you resolve this issue.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users