Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Proxy 127.0.1 port 8118 Virus?


  • Please log in to reply
37 replies to this topic

#1 mango09

mango09

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 06:12 PM

Hello I noticed that my computer keeps getting directed to 127.0.1 port 8118. This computer is brand new and I have only used it a couple weeks. Is this a virus? I ran malware bytes and hitmanpro with no luck. I would appreciate any help with my problem.



BC AdBot (Login to Remove)

 


#2 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 PM

Posted 07 May 2015 - 06:15 PM

Download and run wipe  and system ninja,

 

https://privacyroot.com/software/www/en/wipe.php

https://singularlabs.com/software/system-ninja/

 

Then.....

 

Go ahead and install ccleaner Now that you have the program installed go ahead and run the cleaner function.

https://www.piriform.com/ccleaner/download
kwLN4uv.png


Now that you have cleaned out some temp files, lets go ahead and disable all of the items starting up with your machine except your antivirus. To do this you will need to click on tools then start up select each item then disable.

GjWwvEu.png

Now that you have disabled those un-needed start ups lets go into the settings, we will have Ccleaner run when your machine boots, so that you will never have to worry about cleaning temp files again.

To do this:

  • Hit options.
  • Settings.
  • Place a tick to run Ccleaner when the computer starts.


Lxioao1.png

Now go to the advanced tab, and select close program after cleaning, now run the cleaner again this will close Ccleaner.

SnqZ2JW.png

 

Reboot your machine and then follow the  instructions below.

 

Step 1: eScanAV.

 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

Download the eScanAV Anti-Virus Toolkit (MWAV)
http://www.escanav.com/english/content/products/downloadlink/downloadcounter.asp?pcode=MWAV&src=english_dwn&type=alter

 

Source

http://www.escanav.com/english/content/products/downloadlink/downloadproduct.asp?pcode=MWAV
Save the file to your desktop.
Right click run as administrator.
A new icon will appear on your desktop.
Right click run as administrator on new icon.
Click on the update tab.
ZCDJtZN.png
Once you have updated the program, make sure the settings are the same as the picture below.
7DUFn5c.png
Once you have made sure the settings match the picture, hit the Scan & Clean button.
Upon scan completion, click View Log.
ApSVXsQ.png
Copy and paste entire log into your next reply.
Note: Reboot if needed to remove infections.

 

Step 2: Zemana

 

Run a full scan with Zemana antimalware.

http://www.zemana.us/product/zemana-antimalware/default.aspx

Install and select deep scan.

jdmyscF.jpg

Remove any infections found.

Then click on the icon in the pic below.

DOLGyto.jpg

Double click on the scan log, copy and paste here in your reply.

 

 

Step 3: Junkware Removal Tool.
 
Please download Junkware Removal Tool and save it on your desktop.

Source

http://thisisudax.org/

  • Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log is saved to your desktop and will automatically open.
  • Please post the JRT log.

Step 4: Adware Cleaner.
 
Please download AdwCleaner by Xplode onto your desktop.


  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.


#3 mango09

mango09
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 06:16 PM

Alright I will try this and thank you for your quick response.



#4 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 PM

Posted 07 May 2015 - 06:20 PM

:)



#5 mango09

mango09
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 07:28 PM

07 May 2015 17:10:48 [0520] - **********************************************************
07 May 2015 17:10:48 [0520] - MWAV - eScanAV AntiVirus Toolkit.
07 May 2015 17:10:48 [0520] - Copyright © MicroWorld Technologies
07 May 2015 17:10:48 [0520] - **********************************************************
07 May 2015 17:10:48 [0520] - Source: C:\Users\westin.mcasey\Downloads\mwav.exe
07 May 2015 17:10:48 [0520] - Version 14.0.178 (C:\USERS\WESTIN.MCASEY\APPDATA\LOCAL\TEMP\MEXE.COM)
07 May 2015 17:10:48 [0520] - Log File: C:\Users\westin.mcasey\AppData\Local\Temp\MWAV.LOG
07 May 2015 17:10:48 [0520] - MWAV Registered: TRUE
07 May 2015 17:10:48 [0520] - User Account: westin.mcasey (Administrator Mode)
07 May 2015 17:10:48 [0520] - OS Type: Windows Workstation [InstallType: Client]
07 May 2015 17:10:48 [0520] - OS: Windows 8.1 64-Bit [OS Install Date: 19 Mar 2015 15:41:10]
07 May 2015 17:10:48 [0520] - Ver: Personal Build 9200
07 May 2015 17:10:48 [0520] - System Up Time: 14 Minutes, 58 Seconds
 
 
07 May 2015 17:10:48 [0520] - Parent Process Name : C:\Users\westin.mcasey\Downloads\mwav.exe
07 May 2015 17:10:48 [0520] - Windows Root  Folder: C:\Windows
07 May 2015 17:10:48 [0520] - Windows Sys32 Folder: C:\Windows\system32
07 May 2015 17:10:48 [0520] - DHCP NameServer: 192.168.1.1
07 May 2015 17:10:48 [0520] - Interface0 DHCPNameServer: 192.168.1.1
07 May 2015 17:10:48 [0520] - Interface1 DHCPNameServer: 192.168.1.1
07 May 2015 17:10:48 [0520] - ProxyServer: 127.0.0.1:8118
07 May 2015 17:10:48 [0520] - ProxyOverride: <local>
07 May 2015 17:10:48 [0520] - Proxy Connection: DISABLED
07 May 2015 17:10:48 [0520] - Local Fixed Drives: c:\,d:\
07 May 2015 17:10:48 [0520] - MWAV Mode(A): Scan and Clean files (for viruses, adware and spyware)
07 May 2015 17:10:48 [0520] - [CREATED ZIP FILE: C:\Users\westin.mcasey\AppData\Local\Temp\pinfect.zip]
07 May 2015 17:10:48 [0520] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
07 May 2015 17:10:50 [0520] - ** Deleted Value "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings/ProxyServer". Its value was: "127.0.0.1:8118"
07 May 2015 17:10:50 [0520] - ** Changed Value of "Path"
07 May 2015 17:10:50 [0520] - ** Changed Value of "HKEY_CLASSES_ROOT\.scr" from "AutoCADScriptFile" to "scrfile"
07 May 2015 17:10:50 [0520] - ** Changed Value of "HKEY_CLASSES_ROOT\.htm" from "ChromeHTML" to "htmlfile"
07 May 2015 17:10:50 [0520] - ** Changed Value of "HKEY_CLASSES_ROOT\.html" from "ChromeHTML" to "htmlfile"
07 May 2015 17:10:50 [0520] - Loading/Creating FileScan Cache Database C:\ProgramData\MicroWorld\MWAV\ESCANDBY.MDB [Log: C:\Users\westin.mcasey\AppData\Local\Temp\ESCANDB.LOG]
07 May 2015 17:10:50 [0520] - Loaded/Created FileScan Cache Database...
07 May 2015 17:10:50 [0520] - Loading AV Library [DB]...
07 May 2015 17:11:10 [0520] - ArchiveScan: DISABLED
07 May 2015 17:11:11 [0520] - AV Library Loaded - MultiThreaded - 8 : [DB-DIRECT].
07 May 2015 17:11:11 [0520] - MWAV doing self scanning...
07 May 2015 17:11:11 [0520] - MWAV files are clean.
07 May 2015 17:11:17 [0520] - ArchiveScan: DISABLED
07 May 2015 17:11:17 [0520] - Virus Database Date: 02 Mar 2015
07 May 2015 17:11:17 [0520] - Virus Database Count: 6701505
07 May 2015 17:11:17 [0520] - Sign Version: 7.59505 [518257]
 
07 May 2015 17:12:08 [0520] - **********************************************************
07 May 2015 17:12:08 [0520] - MWAV - eScanAV AntiVirus Toolkit.
07 May 2015 17:12:08 [0520] - Copyright © MicroWorld Technologies
07 May 2015 17:12:08 [0520] - 
07 May 2015 17:12:08 [0520] - Support: support@escanav.com
07 May 2015 17:12:08 [0520] - Web: http://www.escanav.com
07 May 2015 17:12:08 [0520] - **********************************************************
07 May 2015 17:12:08 [0520] - Version 14.0.178[DB] (C:\USERS\WESTIN.MCASEY\APPDATA\LOCAL\TEMP\MEXE.COM)
07 May 2015 17:12:08 [0520] - Log File: C:\Users\westin.mcasey\AppData\Local\Temp\MWAV.LOG
07 May 2015 17:12:08 [0520] - User Account: westin.mcasey (Administrator Mode)
07 May 2015 17:12:08 [0520] - Parent Process Name : C:\Users\westin.mcasey\Downloads\mwav.exe
07 May 2015 17:12:08 [0520] - Windows Root  Folder: C:\Windows
07 May 2015 17:12:08 [0520] - Windows Sys32 Folder: C:\Windows\system32
07 May 2015 17:12:08 [0520] - OS: Windows 8.1 64-Bit [OS Install Date: 19 Mar 2015 15:41:10]
07 May 2015 17:12:08 [0520] - Ver: Personal Build 9200
07 May 2015 17:12:08 [0520] - Latest Date of files inside MWAV: Mon Mar  2 17:13:53 2015.
 
07 May 2015 17:12:08 [06e8] - Options Selected by User:
07 May 2015 17:12:08 [06e8] - Memory Check: Enabled
07 May 2015 17:12:08 [06e8] - Registry Check: Enabled
07 May 2015 17:12:08 [06e8] - StartUp Folder Check: Enabled
07 May 2015 17:12:08 [06e8] - System Folder Check: Enabled
07 May 2015 17:12:08 [06e8] - Services Check: Enabled
07 May 2015 17:12:08 [06e8] - Scan Spyware: Enabled
07 May 2015 17:12:08 [06e8] - Scan Archives: Disabled
07 May 2015 17:12:08 [06e8] - Drive Check: Enabled
07 May 2015 17:12:08 [06e8] - All Drive Check :Disabled
07 May 2015 17:12:08 [06e8] - Drive Selected = C:\
07 May 2015 17:12:08 [06e8] - Folder Check: Disabled
07 May 2015 17:12:08 [06e8] - SCAN: All_Files [ANSI]
07 May 2015 17:12:08 [06e8] - MWAV Mode(B): Scan and Clean files (for viruses, adware and spyware)
 
07 May 2015 17:12:08 [06e8] - Scanning DNS Records...
07 May 2015 17:12:08 [06e8] - Scanning Master Boot Record (User)...
07 May 2015 17:12:08 [06e8] - Scanning Logical Boot Records...
07 May 2015 17:12:08 [06e8] - ***** Scanning For Hidden Rootkit Processes *****
07 May 2015 17:12:08 [06e8] - ***** Scanning For Hidden Rootkit Services *****
 
07 May 2015 17:12:09 [06e8] - ***** Scanning Memory Files *****
 
07 May 2015 17:12:11 [06e8] - ***** Scanning Registry Files *****
07 May 2015 17:12:12 [06e8] - ERROR(l)!!! Invalid Entry AppInit_DLLs = 2 (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
07 May 2015 17:12:12 [06e8] - ERROR(l)!!! Invalid Entry AppInit_DLLs = 2 (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
07 May 2015 17:12:13 [06e8] - ERROR(3)!!! Invalid Entry  Maintance = "C:\Program Files\\net1.exe" windowsStartup (in key HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). Action Taken: Removing it.
 
07 May 2015 17:12:14 [06e8] - ***** Scanning StartUp Folders *****
 
07 May 2015 17:13:33 [06e8] - ***** Scanning Service Files *****
07 May 2015 17:13:37 [06e8] - ERROR(2)!!! Invalid Entry C:\Users\WESTIN~1.MCA\AppData\Local\Temp\7zS1C4C\hpslpsvc64.dll. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\HPSLPSVC.
07 May 2015 17:13:39 [06e8] - ERROR(2)!!! Invalid Entry \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys. Action Taken: Removing HKLM64\SYSTEM\CurrentControlSet\Services\MBAMSwissArmy.
07 May 2015 17:13:42 [06e8] - Giving rights(a) to [HKLM64\SYSTEM\CurrentControlSet\Services\TrkWks].
 
07 May 2015 17:13:45 [06e8] - ***** Scanning Registry and File system for Adware/Spyware *****
07 May 2015 17:13:45 [06e8] - Loading Spyware Signatures from new External Database [Name: C:\Users\WESTIN~1.MCA\AppData\Local\Temp\spydb.avs, Size: 464717]...
07 May 2015 17:13:45 [06e8] - Indexed Spyware Databases Successfully Created...
 
 
07 May 2015 17:13:46 [06e8] - ***** Scanning Registry Files *****
07 May 2015 17:13:46 [06e8] - ERROR(l)!!! Invalid Entry AppInit_DLLs = 2 (in key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
07 May 2015 17:13:46 [06e8] - ERROR(l)!!! Invalid Entry AppInit_DLLs = 2 (in key HKLM64\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows). Action Taken: No Action Taken.
 
07 May 2015 17:13:47 [06e8] - ***** Scanning System32 Folders *****
 
 
07 May 2015 17:14:02 [06e8] - ***** Scanning Drive C:\ *****
07 May 2015 17:14:39 [0528] - C:\Autodesk\WI\Autodesk AutoCAD Civil 3D 2015\x64\C3D\Program Files\Root\pdfnet.res not Scanned. Possibly password protected...
07 May 2015 17:15:25 [0a08] - C:\Program Files\Autodesk\AutoCAD 2015\pdfnet.res not Scanned. Possibly password protected...
07 May 2015 17:17:42 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Auto Dealership\Auto Dealership.spf not Scanned. Possibly password protected...
07 May 2015 17:17:42 [0bf8] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Batch Analysis\Existing Conditions.spf not Scanned. Possibly password protected...
07 May 2015 17:17:42 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Batch Analysis\Proposed Conditions.spf not Scanned. Possibly password protected...
07 May 2015 17:17:42 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Batch Analysis\Proposed Detention Pond.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Climatology\Canadian\DLY 02 04.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Climatology\Snow Packs\SnowPack.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0bf8] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Climatology\User Defined\User Defined.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Climatology\NCDC\TD3200.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Exfiltration\Exfiltration - Horton.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Exfiltration\Exfiltration - Constant Rate.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Culvert\Culvert.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Flow Diversion\Flow Diversion.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Force Mains\Multiple Wet Wells.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Force Mains\Lift Station.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\External Rainfall\External Rainfall.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\GIS 02\39530-D66-RENAME.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0528] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HEC-1\Clark Uniform.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0bf8] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Groundwater\Groundwater.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HEC-1\SCS Dimentionless Holtan.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HEC-1\KinematicWave SCS Curve Number.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0528] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HEC-1\User Defined UH Exponential.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HEC-1\Snyder Green Ampt.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HGL & EGL Profile Plots\Adverse Slope.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HGL & EGL Profile Plots\01.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HGL & EGL Profile Plots\02.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0bf8] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HGL & EGL Profile Plots\Fixed Outfall.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HGL & EGL Profile Plots\HGL & EGL Test.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HGL & EGL Profile Plots\Orifice Flow.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0528] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HGL & EGL Profile Plots\Open Channel.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\HGL & EGL Profile Plots\Weir Flow.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Hydrology Methods\Dekalb Rational.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0528] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Hydrology Methods\Papadakis TOC.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Hydrology Methods\Santa Barbara.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Hydrology Methods\Rational.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Hydrology Methods\Modified Rational.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0bf8] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Hydrology Methods\TR-20 & TR-55 TOC.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Hydrology Methods\TR-20.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Hydrology Methods\TR-55.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Inlets\Inlets FHWA.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\LandXML 01\Profile Plot.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Orifice Controls\Orifice 02.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0528] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Merge\Initial Model.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Merge\Extension.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Orifice Controls\Orifice 01.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Orifice Controls\Orifice 04.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0bf8] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Orifice Controls\Orifice 03.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Pre-Developed\External Rainfall.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Pre-Developed\Pre-Developed.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Pre-Post Detention Pond Design\Existing Conditions.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0bf8] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Pre-Post Watersheds\Pre & Post Comparison.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Pre-Post Detention Pond Design\Proposed Conditions.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0528] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Pre-Post Detention Pond Design\Proposed Detention Pond.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Pumps\Existing.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Pumps\Proposed.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\RDII\RDII.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Post Development\Lesson-2 Tutorial-1\Post Dev with Conveyances.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [12ac] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Post Development\Lesson-2 Tutorial-2\Post Dev with Conveyances.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Post Development\Lesson-2 Tutorial-3\Post Dev with Detention Pond.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Post Development\Lesson-2 Tutorial-4\Water Quality with Treatment.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Post Development\Lesson-2 Tutorial-5\Rational Method model.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0528] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Post Development\Lesson-2 Tutorial-4\Water Quality.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Post Development\Lesson-2 Tutorial-4\Water Quality Model without treatment.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Post Development\Lesson-2 Tutorial-6\Post Dev with Conveyances.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0bf8] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Sanitary Sewer\WWTP Force Main.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Sanitary Sewer\Sanitary.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Residential Project\Pre Development\Lesson-1 Tutorial-3\Pre-develop site.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Siphon\Siphon.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b4c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Stormwater Improvement Plan\Stormwater Improvement Project.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Subdivision\Subdivision.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Tidal\Tidal.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0528] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\UK Hydrology\UK Hydrology.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0f0c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Urban Watershed 01\Proposed Layout.SPF not Scanned. Possibly password protected...
07 May 2015 17:17:43 [052c] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Urban Watershed 02\Urban Watershed 02.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0a08] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Walgreens\Proposed Walgreens.spf not Scanned. Possibly password protected...
07 May 2015 17:17:43 [0b68] - C:\Program Files (x86)\Autodesk\SSA 2015\Samples\Water Quality\WQ01.spf not Scanned. Possibly password protected...
07 May 2015 17:18:28 [0f0c] - Scanning File C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
07 May 2015 17:18:28 [0528] - Scanning File C:\System Volume Information\{56099c26-f2a5-11e4-82b3-448a5b6ee51d}{3808876b-c176-4e48-b7ae-04046e6cc752}
07 May 2015 17:18:28 [052c] - Scanning File C:\System Volume Information\{7f6728ea-e546-11e4-829b-448a5b6ee51d}{3808876b-c176-4e48-b7ae-04046e6cc752}
07 May 2015 17:18:28 [0f0c] - Scanning File C:\System Volume Information\{dfd0ff40-eb0e-11e4-829e-448a5b6ee51d}{3808876b-c176-4e48-b7ae-04046e6cc752}
 
07 May 2015 17:25:25 [06e8] - ***** Checking for specific ITW Viruses *****
 
07 May 2015 17:25:25 [06e8] - ***** Scanning complete. *****
 
07 May 2015 17:25:25 [06e8] - Total Objects Scanned: 305372
07 May 2015 17:25:25 [06e8] - Total Critical Objects: 0
07 May 2015 17:25:25 [06e8] - Total Disinfected Objects: 0
07 May 2015 17:25:25 [06e8] - Total Objects Renamed: 0
07 May 2015 17:25:25 [06e8] - Total Deleted Objects: 0
07 May 2015 17:25:25 [06e8] - Total Errors: 7
07 May 2015 17:25:25 [06e8] - Time Elapsed: 00:13:14
07 May 2015 17:25:25 [06e8] - Virus Database Date: 02 Mar 2015
07 May 2015 17:25:25 [06e8] - Virus Database Count: 6701505
07 May 2015 17:25:25 [06e8] - Sign Version: 7.59505 [518257]
 
07 May 2015 17:25:25 [06e8] - Scan Completed.


#6 mango09

mango09
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 07:37 PM

Zemana AntiMalware 2.11.2.62 (Installed)
-------------------------------------------------------
Scan Result           : Completed
Scan Date             : 2015/5/7
Operating System      : Windows 8.1 64-bit
Processor             : 8X Intel® Core™ i7-4710HQ CPU @ 2.50GHz
BIOS Mode             : UEFI
CUID                  : 00A38AC850079848F0DB45
Scan Type             : Deep Scan
Duration              : 2m 2s
Scanned Objects       : 49765
Detected Objects      : 5
Excluded Objects      : 0
Read Level            : Normal
Auto Upload           : Yes
Show All Extensions   : No
Scan Documents        : Yes
Engines               : Zemana, Avira, Eset, Bitdefender, AVG, Kaspersky
Domain Info           : WORKGROUP,1,2
 
 
Detected Objects
-------------------------------------------------------
AddTrust External CA Root
   Status             : Scanned
   Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\06C9CFEDA69976D1B9C2B523490DA476D9DC3A5A\Blob
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Root CA
   Cleaning Action    : Delete
   Traces             :
                Registry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\06C9CFEDA69976D1B9C2B523490DA476D9DC3A5A\Blob
 
Proxy Server (User)
   Status             : Scanned
   Object             : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
   MD5                : -
   Publisher          : -
   Size               : -
   Version            : -
   Detections         : Suspicious Setting
   Cleaning Action    : Delete
   Traces             :
                Registry - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer
 
swchromium.exe
   Status             : Scanned
   Object             : %programfiles%\megasoft security\swchromium.exe
   MD5                : A088365EE7576947106553CF9AC0E745
   Publisher          : -
   Size               : 117248
   Version            : 1.1.0.1
   Detections         : Avira: ADWARE/Privitize.117248, Bitdefender: Adware.Agent.PNO, Eset: a variant of Win32/Techsnab.H application
   Cleaning Action    : Quarantine
   Traces             :
                File - %programfiles%\megasoft security\swchromium.exe
                Reference - C:\Users\westin.mcasey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
                Reference - C:\Users\westin.mcasey\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
 
ninja-setup-3.0.6.exe
   Status             : Scanned
   Object             : %userprofile%\downloads\ninja-setup-3.0.6.exe
   MD5                : 24FE0BB7A85A866B487D15C0EB6E3A74
   Publisher          : -
   Size               : 2507200
   Version            : 0.0.0.0
   Detections         : Eset: Win32/OpenCandy potentially unsafe application
   Cleaning Action    : Quarantine
   Traces             :
                File - %userprofile%\downloads\ninja-setup-3.0.6.exe
 
jptask.exe
   Status             : Scanned
   Object             : %programfiles%\megasoft security\jptask.exe
   MD5                : 76A1E6B0A04197E6D8ECB4147D8805E4
   Publisher          : -
   Size               : 146432
   Version            : 1.1.0.2
   Detections         : Avira: ADWARE/Privitize.146432, Eset: a variant of Win32/Techsnab.H application
   Cleaning Action    : Quarantine
   Traces             :
                File - %programfiles%\megasoft security\jptask.exe
 
 
Cleaning Result
-------------------------------------------------------
Cleaned               : 5
Reported as safe      : 0
Failed                : 0


#7 mango09

mango09
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 07:44 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.6.8 (05.06.2015:1)
OS: Windows 8.1 x64
Ran by westin.mcasey on Thu 05/07/2015 at 17:38:45.61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 05/07/2015 at 17:40:58.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#8 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 PM

Posted 07 May 2015 - 07:56 PM

Adware Removal Tool.
 
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.

http://www.techsupportall.com/adware-removal-tool/

LOr0Gd7.png

Hit Ok.

sYFsqHx.png

Hit next make sure to leave all items checked, for removal.

8NcZjGc.png


The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete,  then OK again to finish up. Post log generated by tool.

 

Step 2: ZHP Cleaner.

 

Download and save ZHP Cleaner to your desktop.

http://www.nicolascoolman.fr/download/zhpcleaner-2/

Right Click and run as administrator.

Click on the Repair button.

At the end of the process you will be asked to reboot your machine.

After you reboot a report will open on your desktop.

Copy and paste the report here in your next reply.

 

Step 3: Security Check.

 

Download Security Check from here or here and save it to your Desktop.

  • Double-click SecurityCheck.exe
  • Follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document

 

 

 

Step 4: Minitoolbox.

 

Please download [b]MINITOOLBOX and run it.



Checkmark following boxes:


Flush DNS
Reset FF proxy Settings
Reset Ie Proxy Settings
Report IE Proxy Settings
Report FF Proxy Settings
List content of Hosts
List IP configuration
List Winsock Entries
List last 10 Event Viewer log
List Installed Programs
List Users, Partitions and Memory size
List Devices (problems only)



Click Go and post the result.

 

Eset Scan
 

Disable your antivirus prior to this scan.

http://www.bleepingcomputer.com/forums/t/114351/how-to-temporarily-disable-your-anti-virus-firewall-and-anti-malware-programs/

 
 
 esetonlinebtn.png
http://www.eset.com/us/online-scanner/

  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#9 mango09

mango09
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 07:57 PM

# AdwCleaner v4.203 - Logfile created 07/05/2015 at 17:46:39
# Updated 30/04/2015 by Xplode
# Database : 2015-05-05.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : westin.mcasey - MCASEY
# Running from : C:\Users\westin.mcasey\Downloads\adwcleaner_4.203 (3).exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>
Data Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - 
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [DefaultConnectionSettings]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [SavedLegacySettings]
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v37.0.2 (x86 en-US)
 
 
-\\ Google Chrome v42.0.2311.135
 
[C:\Users\westin.mcasey\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\westin.mcasey\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\westin.mcasey\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Found [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl
 
*************************
 
AdwCleaner[R0].txt - [1446 bytes] - [29/04/2015 13:46:13]
AdwCleaner[R1].txt - [1505 bytes] - [29/04/2015 13:48:14]
AdwCleaner[R2].txt - [1493 bytes] - [04/05/2015 14:16:59]
AdwCleaner[R3].txt - [1295 bytes] - [04/05/2015 14:22:07]
AdwCleaner[R4].txt - [1413 bytes] - [04/05/2015 14:32:44]
AdwCleaner[R5].txt - [1814 bytes] - [07/05/2015 17:46:39]
AdwCleaner[S0].txt - [1517 bytes] - [29/04/2015 13:48:33]
AdwCleaner[S1].txt - [1353 bytes] - [04/05/2015 14:18:29]
AdwCleaner[S2].txt - [1363 bytes] - [04/05/2015 14:23:23]
AdwCleaner[S3].txt - [1481 bytes] - [04/05/2015 14:34:10]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R5].txt - [2109 bytes] ##########


#10 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 PM

Posted 07 May 2015 - 07:59 PM

Re-run adware cleaner, this time hit the cleaning button.



#11 mango09

mango09
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 08:03 PM

Here is the other log

 

I will rerun adware again

 

* * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

Adware Removal Tool v3.9
Time: 2015_05_07_17_57_41
OS: Windows 8 - 64 Bit
Account Name: westin.mcasey
U0L0S11

\\\\\\\\\\\\\\\\\\\\\\\ Repair Logs \\\\\\\\\\\\\\\\\\\\\\

Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}:masterclsid
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{2EECD738-5844-4A99-B4B6-146BF802613B}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{472734EA-242A-422B-ADF8-83D1E48CC825}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}:dllname
Deleted - RegistryValueData - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC}:dllname
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2A0F3D1B-0909-4FF4-B272-609CCE6054E7}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{2EECD738-5844-4A99-B4B6-146BF802613B}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{472734EA-242A-422B-ADF8-83D1E48CC825}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Deleted - RegistryKey - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility:{98889811-442D-49DD-99D7-DC866BE87DBC}

\\ Finished
 



#12 mango09

mango09
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 08:05 PM

Ok here we go

 

# AdwCleaner v4.203 - Logfile created 07/05/2015 at 18:04:11
# Updated 30/04/2015 by Xplode
# Database : 2015-05-05.1 [Server]
# Operating system : Windows 8.1  (x64)
# Username : westin.mcasey - MCASEY
# Running from : C:\Users\westin.mcasey\Downloads\adwcleaner_4.203 (3).exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.2 (x86 en-US)


-\\ Google Chrome v42.0.2311.135

[C:\Users\westin.mcasey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\westin.mcasey\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\westin.mcasey\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : amfclgbdpgndipgoegfpkkgobahigbcl

*************************

AdwCleaner[R0].txt - [1446 bytes] - [29/04/2015 13:46:13]
AdwCleaner[R1].txt - [1505 bytes] - [29/04/2015 13:48:14]
AdwCleaner[R2].txt - [1493 bytes] - [04/05/2015 14:16:59]
AdwCleaner[R3].txt - [1295 bytes] - [04/05/2015 14:22:07]
AdwCleaner[R4].txt - [1413 bytes] - [04/05/2015 14:32:44]
AdwCleaner[R5].txt - [2188 bytes] - [07/05/2015 17:46:39]
AdwCleaner[S0].txt - [1517 bytes] - [29/04/2015 13:48:33]
AdwCleaner[S1].txt - [1353 bytes] - [04/05/2015 14:18:29]
AdwCleaner[S2].txt - [1363 bytes] - [04/05/2015 14:23:23]
AdwCleaner[S3].txt - [1481 bytes] - [04/05/2015 14:34:10]
AdwCleaner[S4].txt - [1815 bytes] - [07/05/2015 18:04:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1874  bytes] ##########
 



#13 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 PM

Posted 07 May 2015 - 08:10 PM

:)



#14 mango09

mango09
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:02:39 PM

Posted 07 May 2015 - 08:11 PM

Do I need to proceed with the other scans or did I delete the problem! :D I was reading the logs and didnt see where the issue was deleted


Ohh was is this___ HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <local>



#15 InadequateInfirmity

InadequateInfirmity

    I Gots Me A Certified Edumication


  • Banned
  • 5,180 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:39 PM

Posted 07 May 2015 - 08:12 PM

Keep going, we have removed some proxy settings already.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users