Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Week old computer, mega onesoftperday virus


  • Please log in to reply
19 replies to this topic

#1 SRTHemi

SRTHemi

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 20 December 2014 - 10:39 PM

On my flying game site, try to download a sound pack and poof, I get this virus. I've tried to manually remove it the best I can from what I've seen from searches but I only have ie and cannot download anything. Ie is useless. I go to a site then I get jammed with crap from the virus and nothing wil work on ie for me. I created a restore point the day I got the computer but I'm not sure that will even help.
Is there any hope for me

Thanks
SRT

Edited by Queen-Evie, 20 December 2014 - 10:40 PM.
moved from Windows 7 to the appropriate forum for malware help


BC AdBot (Login to Remove)

 


#2 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 21 December 2014 - 04:48 AM

Hello there     :welcome:
 
Welcome to Bleeping Computer, I'm LighthouseParty. Let's run a couple of scans to see what could be causing this.
 
:step1: Please download MiniToolBox to your desktop

  • Double click MiniToolBox.
  • Select the following and then press go.
  • Post the log in your next reply.

Flush DNS
Reset IE Proxy Settings
Reset FF Proxy Settings
List Installed Programs
List Restore Points
 
:step2: Please download Malwarebytes Anti-Malware to your desktop

  • Double click mbam-setup-x.x.x.xxxx and follow the on-screen instructions.
  • On the dashboard, click update now.
  • After that, click scan now - the scan will now begin.
  • When the scan's completed, select apply actions - make sure the action is quarantine.
  • Restart your computer.

How to get the log.

  • On the dashboard, select the history tab and click application logs.
  • Select the log which has the time and date of when you did the scan.
  • Click copy to clipboard and paste it into your reply.

:step3: Please download Security Check to your desktop

  • Double click SecurityCheck and follow the on-screen instructions.
  • A log should open, called checkup.txt.
  • Please post the contents of it in your next reply.

:step4: Non-malware removal steps
 
Run System File Checker - http://support.microsoft.com/KB/929833
Run Disk Check - http://support.microsoft.com/kb/2641432
Run Disk Cleanup - http://windows.microsoft.com/en-gb/windows/delete-files-using-disk-cleanup

Thanks and good luck!



#3 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 10:53 AM

MiniToolBox by Farbar  Version: 30-11-2014
Ran by Jason Stone (administrator) on 21-12-2014 at 10:52:18
Running from "C:\Users\Jason Stone\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

=========================== Installed Programs ============================
Aces High (remove only) (HKLM-x32\...\Aces High) (Version: Version 2.32 Patch 2 - Hitech Creations, Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
AIM 7 (HKLM-x32\...\AIM_7) (Version:  - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Download Updater (AOL LLC) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - )
Futuremark SystemInfo (HKLM-x32\...\{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}) (Version: 4.26.386 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Intel® Chipset Device Software (Version: 10.0.17 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel® Management Engine Components (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (Version: 10.0.1.1000 - Intel Corporation) Hidden
Intel® ME UninstallLegacy (Version: 1.0.1.0 - Intel Corporation) Hidden
Intel® Smart Connect Technology (HKLM\...\{1D5C9D08-546D-4A7E-B0F1-F33E94257B09}) (Version: 5.0.10.2832 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.19 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.35.127.1 - Intel Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA Control Panel 344.75 (Version: 344.75 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.172.1357 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.1 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.18.9 (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.18.9 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.27 (Version: 1.2.27 - NVIDIA Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.77.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited)
Support PL 1.1 (HKLM-x32\...\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{be0fb33b}) (Version:  - PriceLess)
Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0187 - )
========================= Restore Points ==================================

14-12-2014 02:47:18 Installed iTunes
14-12-2014 20:00:10 Windows Update
15-12-2014 00:00:06 Windows Backup
15-12-2014 01:32:33 Removed iTunes
17-12-2014 20:00:15 Windows Update
18-12-2014 20:00:15 Windows Update
21-12-2014 15:41:42 Removed PCBooster

**** End of log ****



#4 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 11:04 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/21/2014
Scan Time: 10:56:30 AM
Logfile: hiv.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.21.03
Rootkit Database: v2014.12.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Jason Stone

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 352587
Time Elapsed: 3 min, 16 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 1
PUP.Optional.Supporter.A, C:\Program Files (x86)\Supporter\Supporter.dll, Delete-on-Reboot, [bbbcdd88e795b2843a7d5cfa7390ce32],

Registry Keys: 41
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [c5b202637dffcf6759725d7cb64cf30d],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, Quarantined, [c5b202637dffcf6759725d7cb64cf30d],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-3674066198-3742439094-2438166504-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Quarantined, [ef88b4b1fe7e072f588afadaa75beb15],
PUP.Optional.ShopSave.A, HKU\S-1-5-21-3674066198-3742439094-2438166504-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{033BE5FC-ED4C-48A0-8F07-E0128384D828}, Quarantined, [c6b1bda876067cbaaac2d7fc5aa8be42],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3674066198-3742439094-2438166504-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [2e494e17205cc175ef0c35d820e3c838],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [2e494e17205cc175ef0c35d820e3c838],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, Quarantined, [e79097cedaa21f17bea830de8b7857a9],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, Quarantined, [6710c79e710bb77fd19647c7f50ee61a],
PUP.Optional.Sanbreel.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\{f9f63dc8-69eb-4401-b96f-f478137556a8}Gw64, Quarantined, [4d2abda8ceae77bfa07190e0bb485ca4],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, Quarantined, [7403b1b4f686999dd6634d4d35cedb25],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent, Quarantined, [96e1a5c077053501ef586e5629db14ec],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, Quarantined, [40374124483476c0e455ddbd6d9621df],
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY, Quarantined, [3146c0a5e894b482d04a93d39e6501ff],
PUP.Optional.SearchSnacks.A, HKLM\SOFTWARE\WOW6432NODE\SearchSnacks_1.10.0.3, Quarantined, [81f62e37ceae1b1b700817497e851ee2],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Iminent, Quarantined, [4b2c13524339a39368dfe9db5aaad729],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, Quarantined, [4f28036297e567cfdd77086a17ec46ba],
PUP.Optional.Booster.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{be0fb33b}, Quarantined, [80f7194cabd170c66803da9bd3301be5],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, Quarantined, [c9aed98c601ce55165e471612cd88779],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, Quarantined, [9fd8a5c0c9b32313d773646ed72d41bf],
PUP.Optional.Supporter.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\be0fb33b, Quarantined, [bbbcb0b5e09cef47a3155ef8649f56aa],
PUP.Optional.SearchSnacks.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\ssnfd_1_10_0_3, Quarantined, [1067dc89b2caca6c4733035d6e950bf5],
PUP.Optional.HDPlus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HDtubeV1.6V21.12, Quarantined, [581f7ce9413baa8c1fdb571e09fafb05],
PUP.Optional.Tuto4PC.A, HKU\S-1-5-21-3674066198-3742439094-2438166504-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\TutoTag, Quarantined, [e59294d1a0dc47ef2755fdd5ff0541bf],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3674066198-3742439094-2438166504-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Quarantined, [0a6d382d4f2da096d4c1972ccd372ad6],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-3674066198-3742439094-2438166504-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, Quarantined, [6d0a91d46f0d1d194c6b05c7b351639d],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdate, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\globalUpdatem, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, Quarantined, [482f362f3a423afc920f2219d42fad53],

Registry Values: 4
PUP.Optional.Iminent.A, HKU\S-1-5-21-3674066198-3742439094-2438166504-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [2e494e17205cc175ef0c35d820e3c838],
PUP.Optional.Iminent.A, HKU\S-1-5-21-3674066198-3742439094-2438166504-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}, Quarantined, [9fd822431e5e87afdf1cb25b857e8977],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [4f28036297e567cfdd77086a17ec46ba]
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|ospd_us_541, Quarantined, [b0c7f075621aab8bb36955119a69748c],

Registry Data: 0
(No malicious items detected)

Folders: 15
PUP.Optional.Supporter.A, C:\Program Files (x86)\Supporter, Delete-on-Reboot, [bbbcdd88e795b2843a7d5cfa7390ce32],
Rogue.Multiple, C:\ProgramData\1078601655, Quarantined, [fb7cf76ef983c76fa6ca021028dbd42c],
Rogue.Multiple, C:\ProgramData\2355320829, Quarantined, [d4a3095c0775d1656e02060cac57ff01],
PUP.Optional.Iminent.A, C:\Users\Jason Stone\AppData\Local\Temp\Iminent, Quarantined, [4b2c1154a1db072f1805a280c43fee12],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{722B2014-1A9A-4414-9A0D-B7CCF132F698}, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.MultiPlug.A, C:\ProgramData\PriceLess, Quarantined, [81f67bea403c3501bf218abc52b1c43c],
PUP.Optional.MultiPlug.A, C:\Program Files (x86)\PriceLess, Quarantined, [6314c2a305771224a53c36104cb738c8],
PUP.Optional.ShopSave.A, C:\Program Files (x86)\ShopSave Toolbar, Quarantined, [f483ec79aece4de9100b3e09748ff10f],
PUP.Optional.PlumoWeb.A, C:\Users\Jason Stone\AppData\Local\Temp\PlumoWeb, Quarantined, [91e6f76ea5d7f6405ac59cb6fe0547b9],

Files: 42
PUP.Optional.HDTube.A, C:\Users\Jason Stone\AppData\Roaming\NNTILK.exe, Quarantined, [e6915c099ae26dc93c9dceda5fa62fd1],
PUP.Optional.Iminent, C:\Users\Jason Stone\AppData\Local\Temp\uninstall.exe9318b, Quarantined, [d1a6c0a5e6962511e51e1313ac55c13f],
PUP.Optional.Conduit.A, C:\Users\Jason Stone\AppData\Local\Temp\nsfEBC9.exe, Quarantined, [df98b2b35626e74f4699495778891fe1],
PUP.Optional.SearchSnacks.A, C:\Users\Jason Stone\AppData\Local\Temp\WPR\searchsnacks.exe, Quarantined, [cea978ed1468d26417a2ebedb24f7789],
PUP.Optional.CrossRider.A, C:\Users\Jason Stone\AppData\Local\Temp\~nsu.tmp\Au_.exe, Quarantined, [700784e1d5a7d4620c345ee2f50b53ad],
PUP.Optional.Tuto4PC.A, C:\Users\Jason Stone\AppData\Local\Temp\is-N3KP2.tmp\package_iminent_p_installer_multilang.exe, Quarantined, [e98e94d1e696fc3a1654816de31e2fd1],
PUP.Optional.Tuto4PC.A, C:\Users\Jason Stone\AppData\Local\Temp\is-N3KP2.tmp\package_superpc_installer_multilang.exe, Quarantined, [1a5dbda8a8d4b284cb9fc02e837e0ff1],
PUP.Optional.Supporter.A, C:\Program Files (x86)\Supporter\Supporter.dll, Delete-on-Reboot, [bbbcdd88e795b2843a7d5cfa7390ce32],
PUP.Optional.Sanbreel.A, C:\Windows\System32\drivers\{f9f63dc8-69eb-4401-b96f-f478137556a8}Gw64.sys, Quarantined, [4d2abda8ceae77bfa07190e0bb485ca4],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, Quarantined, [8ceb31345527280e50abbe1112f224dc],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, Quarantined, [fd7a6df8ccb06ccacb3102cd20e4f709],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, Quarantined, [215675f0f28a50e6a954fbd4dc28ec14],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, Quarantined, [7ff8d88d740844f203fb6f60f60e8779],
PUP.Optional.Vitruvian.A, C:\Users\Jason Stone\AppData\Local\Temp\vitruvian-installer-install-v0003, Quarantined, [4f283530ee8ef6404b6470682cd8a858],
PUP.Optional.Vitruvian.A, C:\Users\Jason Stone\AppData\Local\Temp\vitruvian-installer-processes-v0002, Quarantined, [a2d53d285527a591dfd0b127030158a8],
PUP.Optional.Vitruvian.A, C:\Users\Jason Stone\AppData\Local\Temp\vitruvian-installer-scheduledtasks-v0001, Quarantined, [690eee772656b77fd4db2eaa3ec6e41c],
PUP.Optional.Vitruvian.A, C:\Users\Jason Stone\AppData\Local\Temp\vitruvian-installer-softwareregkeys-v0002, Quarantined, [a6d16104582477bf842ba236a75d31cf],
PUP.Optional.Vitruvian.A, C:\Users\Jason Stone\AppData\Local\Temp\vitruvian-installer-uninstall-v0002, Quarantined, [ec8bd39269135fd7d4db4b8d659fbb45],
PUP.Optional.Vitruvian.A, C:\Users\Jason Stone\AppData\Local\Temp\vitruvian-installer-vmdetect-v0001, Quarantined, [c0b7f2735329c47201ae0bcd15ef768a],
Rogue.Multiple, C:\ProgramData\2355320829\BIT8016.tmp, Quarantined, [d4a3095c0775d1656e02060cac57ff01],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, Quarantined, [482f362f3a423afc920f2219d42fad53],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\GoogleCrashHandler.exe, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\GoogleUpdate.exe, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\GoogleUpdateBroker.exe, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\GoogleUpdateHelper.msi, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\GoogleUpdateOnDemand.exe, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\goopdate.dll, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\goopdateres_en.dll, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\npGoogleUpdate4.dll, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\psmachine.dll, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.GlobalUpdate.A, C:\Users\Jason Stone\AppData\Local\Temp\comh.460624\psuser.dll, Quarantined, [195e6401fe7efc3afdc038031de610f0],
PUP.Optional.MultiPlug.A, C:\ProgramData\PriceLess\VjnIFq5IpywwK3R.exe, Quarantined, [81f67bea403c3501bf218abc52b1c43c],

Physical Sectors: 0
(No malicious items detected)

(end)



#5 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 11:05 AM

 Results of screen317's Security Check version 0.99.93 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
Microsoft Security Essentials  
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 8%
````````````````````End of Log``````````````````````
 



#6 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 11:06 AM

I had a time downloading the programs.  I'd click your links above and it would send me other places.  I went into remove programs, removed everything from yesterday and only then could I proceed.

 

hope this helps

thank you

SRT



#7 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 21 December 2014 - 11:08 AM

Hello there,
 

Do you remember the names of the programs you removed?

 

:step1: Please download rKill to your desktop

  • Double click it (Win 7, 8 and Vista users, right-click and select run as admin)
  • The tool will run and then a log file should open.
  • Please post the contents of it in your next reply.

Please don't restart your computer before running the next step.

:step2: Please download AdwCleaner to your desktop

  • Double click adwcleaner_x.xxx.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • If prompted, click I agree.
  • Click scan. When it's finished, select clean.
  • Allow AdwCleaner to restart your computer.
  • Once your computer's restarted, a log should appear.
  • Please post this in your next reply.

:step3: Please download Junkware Removal Tool to your desktop

  • Double click JRT.exe. (Win 7, 8 and Vista users, right-click and select run as admin)
  • Press any key and the scan will begin.
  • At the end, a log will open. Please post this in your next reply.

:step4: Please visit the ESET Online Scanner webpage
:exclame: Internet Explorer MUST be used for this step.  :exclame:

  • Click the checkbox next to 'Yes, I accept the Terms of Use' and click start.
  • Select the checkboxes which are displayed in the picture below.

jqnp8z.png

  • Press start and the scan will now begin - this scan will take a long time.
  • When the scand finished, select list threats and then export.
  • Choose a name for the log (e.g ESET) and click save (to your desktop)
  • Press the back button and then click finish. Please include the contents of the log in your reply.

Edited by LighthouseParty, 21 December 2014 - 11:08 AM.


#8 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 11:11 AM

no, I don't recall.   sorry. 

working on the next steps now



#9 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 11:12 AM

Rkill 2.6.9 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 12/21/2014 11:12:13 AM in x64 mode.
Windows Version: Windows 7 Professional Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 12/21/2014 11:12:18 AM
Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s)



#10 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 11:18 AM

# AdwCleaner v4.106 - Report created 21/12/2014 at 11:16:38
# Updated 21/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Jason Stone - JASONSTONE-PC
# Running from : C:\Users\Jason Stone\Downloads\adwcleaner_4.106.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\2c85575642079b23
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\Portable Booster
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
Folder Deleted : C:\Users\JASONS~1\AppData\Local\Temp\VuuPC
Folder Deleted : C:\Users\JASONS~1\AppData\Local\Temp\PriceLess
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Jason Stone\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Jason Stone\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Jason Stone\AppData\Local\torch
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl
Folder Deleted : C:\Users\Jason Stone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl
Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl
Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl
Folder Deleted : C:\Users\Jason Stone\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl
File Deleted : C:\Users\Jason Stone\Desktop\Continue Live Installation.lnk

***** [ Scheduled Tasks ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Microsoft\KanarCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\NpApp
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\adserver.iminent.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\start.iminent.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\trovi.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17496

-\\ Google Chrome v39.0.2171.95

-\\ Comodo Dragon v

*************************

AdwCleaner[R0].txt - [9628 octets] - [21/12/2014 11:15:08]
AdwCleaner[S0].txt - [9605 octets] - [21/12/2014 11:16:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9665 octets] ##########



#11 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 11:22 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Professional x64
Ran by Jason Stone on Sun 12/21/2014 at 11:18:59.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

~~~ Services

 

~~~ Registry Values

 

~~~ Registry Keys

 

~~~ Files

 

~~~ Folders

 

~~~ Event Viewer Logs were cleared

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/21/2014 at 11:20:15.91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



#12 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 11:55 AM

C:\Users\Jason Stone\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js JS/Chromex.Agent.L trojan 
C:\Users\Jason Stone\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js JS/Kryptik.ATB trojan 
C:\Users\Jason Stone\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js JS/Kryptik.ATB trojan 
C:\Users\Jason Stone\AppData\Local\Temp\18be6784_.exe a variant of Win32/Adware.MultiPlug.DX application 
C:\Users\Jason Stone\AppData\Local\Temp\294823_.exe a variant of Win32/Adware.MultiPlug.DJ application 
C:\Users\Jason Stone\AppData\Local\Temp\ICReinstall_nskDB1C.tmp a variant of Win32/InstallCore.PO potentially unwanted application 
C:\Users\Jason Stone\AppData\Local\Temp\ICReinstall_nsr7C0D.tmp a variant of Win32/InstallCore.PO potentially unwanted application 
C:\Users\Jason Stone\AppData\Local\Temp\nskDB1C.tmp a variant of Win32/InstallCore.PO potentially unwanted application 
C:\Users\Jason Stone\AppData\Local\Temp\nsr7C0D.tmp a variant of Win32/InstallCore.PO potentially unwanted application 
C:\Users\Jason Stone\AppData\Local\Temp\optprosetup.exe a variant of Win32/OptimizerEliteMax.C potentially unwanted application 
C:\Users\Jason Stone\AppData\Local\Temp\is-03C2M.tmp\gentlemjmp_ieeuu.exe Win32/AdWare.EoRezo.AW application 
C:\Users\Jason Stone\AppData\Local\Temp\is-MKI90.tmp\OptProMon.dll a variant of Win32/Adware.MultiPlug.DX application 
C:\Users\Jason Stone\AppData\Local\Temp\nsc2F48.tmp\__a3d32d6f1f854702b3f57768216326ed_lib.dll a variant of Win32/AdGazelle.A potentially unwanted application 
C:\Users\Jason Stone\AppData\Local\Temp\nswB2D8.tmp\__a3d32d6f1f854702b3f57768216326ed_lib.dll a variant of Win32/AdGazelle.A potentially unwanted application 
C:\Users\Jason Stone\AppData\Local\Temp\OneSoftPerDay\setup_ospd_us.exe multiple threats 
C:\Users\Jason Stone\AppData\Local\Temp\WPR\OptimizerPro.exe a variant of Win32/AdWare.SpeedingUpMyPC.N application 
C:\Users\Jason Stone\AppData\Roaming\NNTILK JS/Toolbar.Crossrider.C potentially unwanted application 
C:\Users\Jason Stone\Downloads\setup.exe a variant of Win32/AdGazelle.B potentially unwanted application 
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Guest\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\HomeGroupUser$\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Chromatic Browser\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js.vir JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Jason Stone\AppData\Local\torch\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\content.js JS/Chromex.Agent.L trojan cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pbecnkieieaoladjmnkcbihdphgdhmdl\5.2\rbEnBU5I.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
 



#13 Guest_LighthouseParty_*

Guest_LighthouseParty_*

  • Guests
  • OFFLINE
  •  

Posted 21 December 2014 - 12:05 PM

How is the PC running now?



#14 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 12:06 PM

it seems good.  it goes where I click, like its supposed to.

 

am I cootie free?



#15 SRTHemi

SRTHemi
  • Topic Starter

  • Members
  • 14 posts
  • OFFLINE
  •  

Posted 21 December 2014 - 12:11 PM

also, if I am cootie free, is there any program I can keep on my system to keep me disease free?

I have Microsoft security essentials but I didn't catch it when I got it or even after I got it when I did a full scan.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users