Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

arcade twist


  • Please log in to reply
6 replies to this topic

#1 LOVEMYPC

LOVEMYPC

  • Members
  • 661 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 03 September 2015 - 03:10 AM

HI,I have this program show up on my PC called ARCADE TWIST i GOOGLED it and i beleive it is almost harmless but not quite sure PC has been freezing up and have to shut down and restart to continue has anybody run into this yet,also this has never showed up before,thanks



BC AdBot (Login to Remove)

 


#2 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,736 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:08:33 AM

Posted 04 September 2015 - 09:16 AM

If you didn't ask for it, then it should go. At least that's my motto. Symantec isn't very happy about it.

:step1: Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • The tool will start to update the database, please wait a bit.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
:step2: thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Please post those logs, and let me know how you're doing.
To err is Human. To blame it on someone else is even more Human.

#3 LOVEMYPC

LOVEMYPC
  • Topic Starter

  • Members
  • 661 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 06 September 2015 - 07:06 PM

HI,Bezukhov,my mouse died had to get another one here's ADAW RESULTS.

# AdwCleaner v5.006 - Logfile created 06/09/2015 at 17:00:14
# Updated 06/09/2015 by Xplode
# Database : 2015-09-04.4 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : brandons - BRANDONS-PC
# Running from : C:\Users\brandons\Downloads\AdwCleaner(1).exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****


***** [ Files ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83C83BF-3EDD-4410-ADAB-5295116DD8C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F1912128-469A-4138-AA26-9699C15BB13E}

***** [ Web browsers ] *****

[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.safesearch.MP_DISTINCT_ID", "\"14c37338f9e38-08e2fe162188578-45574136-0-14c37338f9f115\"");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.safesearch.SAUTH_expires_at", "1432545456");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.safesearch.SAUTH_rndsnr", "\"8c10c048c7a616a84d688b60e52f81b1a611f872\"");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.safesearch.SAUTH_userid", "5955389589");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.safesearch.SAUTH_utoken", "\"7a6b32ffe18cbbbb7f0013f3eccd4c034559a3ef\"");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.safesearch.install", "1426855268262");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.BUTTON_STRUCTURE", "[{\"b\":223934356,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":223934357,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.browser.startup.homepage.prev", "hxxp://xfinity.comcast.net/");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.browser.startup.homepage.savedPrev", "true");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.browser.startup.homepage.tb", "hxxp://search.myway.com/home/index.jhtml?ptb=696D018F-1593-4E55-96C6-B59E18009A6A&n=781b8d7a&p2=^UX^xdm073^S13622^us&[...]
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.browser.startup.page.savedPrev", 1);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.browser.startup.page.tb", 1);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.browser.version.last", "39.0");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.firstKnownVersion", "7.7.6.19154");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.homepage", "hxxp://search.myway.com/home/index.jhtml?ptb=696D018F-1593-4E55-96C6-B59E18009A6A&n=781b8d7a&p2=^UX^xdm073^S13622^us&si=CKDbyt254cYCFUuT[...]
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.hp.enabled", true);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.hp.guardType", "HPR");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.hp.user.defined", false);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.initialized", true);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installKeysSource", "LocalStorage");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installType", "XPI");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.contextKey", "");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.installDate", "2015071610");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerId", "^UX^xdm073^S13622^us");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.partnerSubId", "CKDbyt254cYCFUuTfgod358OZw");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.pixelUrl", "hxxp://www.mapsgalaxy.com/install_pixels.jhtml?partner=^UX^xdm073^S13622^us&sub_id=CKDbyt254cYCFUuTfgod358OZw&coId=f0d1bf98[...]
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.success", true);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.installation.toolbarId", "696D018F-1593-4E55-96C6-B59E18009A6A");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.isCompliantUninstallImplementation", true);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.lastActivePing", "1437520584932");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.lastKnownVersion", "7.7.6.19154");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.options.defaultSearch", false);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.options.homePageEnabled", true);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.options.keywordEnabled", false);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.options.tabEnabled", true);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.partnerPixelFired", true);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.successUrl", "hxxp://www.mapsgalaxy.com/installComplete.jhtml");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.toolbarCollapsed", false);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark._39Members_.weather.location", "98520");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "mapsgalaxy@mindspark.com");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "mapsgalaxy@mindspark.com");
[-] [C:\Users\brandons\AppData\Roaming\Mozilla\Firefox\Profiles\c9rfpp29.default\prefs.js] [Preference] Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);
[-] [C:\Users\brandons\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\brandons\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [10352 bytes] ##########
 



#4 LOVEMYPC

LOVEMYPC
  • Topic Starter

  • Members
  • 661 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 06 September 2015 - 07:27 PM

HI,Bezukhov,Here's JRT scan.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.0 (08.31.2015:1)
OS: Windows 7 Home Premium x64
Ran by brandons on Sun 09/06/2015 at 17:10:46.53
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\brandons1



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] C:\Users\brandons\Appdata\Local\pc_drivers_headquarters



~~~ FireFox

Emptied folder: C:\Users\brandons\AppData\Roaming\mozilla\firefox\profiles\c9rfpp29.default\minidumps [15 files]



~~~ Chrome


[C:\Users\brandons\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\brandons\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\brandons\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\brandons\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/06/2015 at 17:23:04.93
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#5 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,736 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:08:33 AM

Posted 06 September 2015 - 11:32 PM

Did those tools help?
To err is Human. To blame it on someone else is even more Human.

#6 LOVEMYPC

LOVEMYPC
  • Topic Starter

  • Members
  • 661 posts
  • OFFLINE
  •  
  • Local time:06:33 AM

Posted 07 September 2015 - 05:07 AM

it appeared they did,i cleaned out recycle bin because i thought i read somewhere that hackers can leave things in the recycle bin and reinfect your PC.



#7 Bezukhov

Bezukhov

    Bleepin' Jazz Fan!


  • Members
  • 2,736 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Providence, R.I.
  • Local time:08:33 AM

Posted 08 September 2015 - 05:24 AM

Here is a little something extra.

We need to download Temp File Cleaner (TFC) by OldTimer:
  • Please download TFC.exe by Oldtimer at one of the two links: Link 1 Link 2
  • Save and close all running applications
  • Double-click on TFC.exe to run the program
  • Click on Start to begin the cleaning process
    note: this program may close running applications, make your screen disappear temporarily, or require a reboot of your PC - this is normal and part of the cleanup
  • When the scan is complete, if you were not asked to reboot the computer, please do so now
More Information can be found about the tool here: http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
To err is Human. To blame it on someone else is even more Human.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users