Jump to content

johnstac

Honorary Members
  • Posts

    21
  • Joined

  • Last visited

Reputation

0 Neutral

Profile Information

  • Location
    Murrieta, CA
  1. Don't think it was an install issue. A guy named daledoc1 sent me a message telling me that I would need to quarantine or otherwise remove the scanned items before an update could be done. I'm proceeding now with your earlier instructions.
  2. Okay, hoping it's not an issue but I do seem to be having another issue. I use Malwarebytyes Anti-Malware Premium. It displayed a message that my database is out of date but the update now is grayed out and when I click it, nothing happens. The database version I have is v2014.06.28.02 Any suggestions on what to do to fix this so I can continue with your suggestions?
  3. OMG! It's back! Everything was clear and then Malwarebytes ran an automated threat scan today and found this: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 6/29/2014 Scan Time: 12:12:04 AM Logfile: Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.06.28.02 Rootkit Database: v2014.06.23.02 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: JJE Scan Type: Threat Scan Result: Completed Objects Scanned: 284561 Time Elapsed: 4 min, 3 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Warn PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 2 PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [99391865295248eed906f6b5867cb050], PUP.Optional.MySearchDial.A, HKU\S-1-5-21-4162722641-2444669028-1401190998-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [a82a6419d4a790a65d8352595ba71be5], Registry Values: 2 PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [99391865295248eed906f6b5867cb050] PUP.Optional.MySearchDial.A, HKU\S-1-5-21-4162722641-2444669028-1401190998-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, Mysearchdial, , [a82a6419d4a790a65d8352595ba71be5] Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)
  4. Thank you many times over for the help you provided in getting rid of the bad stuff on my PC. I will be reading your preventative maintenance guide and have also donated. Thanks again!

  5. Results of screen317's Security Check version 0.99.85 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 55 Java version out of Date! Adobe Flash Player 14.0.0.125 Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (7.0.1) Mozilla Thunderbird (9.0.1) Google Chrome 35.0.1916.114 Google Chrome 35.0.1916.153 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 10% ````````````````````End of Log``````````````````````
  6. The good news...... The original issue has been resolved. MySearchDial is gone. The bad news..... There are a bunch of new entries from Chrome. I don't use Chrome and so I'm not sure if it's an issue or not. Maybe you can take a look and let me know what you think. Thanks. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 6/23/2014 Scan Time: 1:14:27 PM Logfile: malbyteslog.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.06.23.12 Rootkit Database: v2014.06.20.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: JJE Scan Type: Threat Scan Result: Completed Objects Scanned: 281585 Time Elapsed: 3 min, 34 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 28 PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\contentScripts, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\ca, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\cn, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\de, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\en, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\es, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\fr, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\it, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\ja, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\jp, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\uk, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\us, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\zh, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\de, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\en, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\en_GB, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\es, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\fr, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\it, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\ja, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\zh, , [5296f88391ea7abce663ffa86999e917], Files: 72 PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\background.html, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\expander.html, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\linktemplate.html, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\manifest.json, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\pushdown.html, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts\background.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts\browserSpecific.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts\injectBookmarkletWrapper.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts\install.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts\localeTools.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts\settingsHandler.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts\stringProcessor.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\backgroundScripts\strings.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\contentScripts\inject_bookmarklet.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\contentScripts\isProduct.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\contentScripts\pushdownContent.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\contentScripts\pushDownRun.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\contentScripts\runIsProduct.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\contentScripts\tests.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\action.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\close.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\demo.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\glow.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\icon128.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\icon16.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\icon32.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\icon48.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\icon64.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\images\shims_pushdown.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\settings.css, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\settings.html, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\settings.js, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\ca\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\ca\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\cn\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\cn\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\de\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\de\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\de\save.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\de\wishlist.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\en\save.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\en\wishlist.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\es\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\es\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\es\save.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\es\wishlist.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\fr\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\fr\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\fr\save.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\fr\wishlist.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\it\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\it\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\it\save.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\it\wishlist.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\ja\save.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\ja\wishlist.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\jp\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\jp\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\uk\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\uk\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\us\amazon.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\us\footer.gif, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\zh\save.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\settings\images\zh\wishlist.png, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\de\messages.json, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\en\messages.json, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\en_GB\messages.json, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\es\messages.json, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\fr\messages.json, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\it\messages.json, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\ja\messages.json, , [5296f88391ea7abce663ffa86999e917], PUP.Optional.SavingSmart.A, C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\_locales\zh\messages.json, , [5296f88391ea7abce663ffa86999e917], Physical Sectors: 0 (No malicious items detected) (end)
  7. Results of AdwCleaner: # AdwCleaner v3.213 - Report created 23/06/2014 at 12:53:00 # Updated 23/06/2014 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (64 bits) # Username : JJE - JJE-FRACTAL-PC # Running from : C:\Users\JJE\Desktop\AdwCleaner.exe # Option : Clean ***** [ Services ] ***** Service Deleted : SCBackService ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\AVG Security Toolbar Folder Deleted : C:\ProgramData\DeviceVM Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar Folder Deleted : C:\Program Files (x86)\DeviceVM Folder Deleted : C:\Users\JJE\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\JJE\AppData\Roaming\DeviceVM Folder Deleted : C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgpdioedihjhncjafcpgbbjdpbbkikmi File Deleted : C:\Users\Public\Desktop\iLivid.lnk File Deleted : C:\Users\JJE\AppData\Roaming\Mozilla\Firefox\Profiles\atkpjxrh.default\user.js ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook Key Deleted : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1 Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink Key Deleted : HKLM\SOFTWARE\Classes\STC.FBServiceAPPEventsSink.1 Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu Key Deleted : HKLM\SOFTWARE\Classes\STC.OptionMenu.1 Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol Key Deleted : HKLM\SOFTWARE\Classes\STC.Protocol.1 Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark Key Deleted : HKLM\SOFTWARE\Classes\STC.VisualBookmark.1 Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject Key Deleted : HKLM\SOFTWARE\Classes\STC.WebObject.1 Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.BHOHelper.1 Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.FBServiceAPP.1 Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol Key Deleted : HKLM\SOFTWARE\Classes\STCHelper.Protocol.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{82A5CE4D-AF0C-45B6-8AF8-75625BE6A08D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B2B7E0CD-E169-43B3-A233-E129610EE314} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0DEC13F0-5C8C-4147-8329-6CDFAD9755B7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E97F0FA-3B44-4634-A87E-8B0D5CFD6365} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{951F5841-FD1E-4F1D-8607-67B174DBD753} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1CCB0CC-DA45-4797-93D3-DEE7A13F8177} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DCE24E28-D8EF-49BE-BC01-A1DD3B58FCE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E4F7F1A5-490E-4884-A9E3-CBD6A25749E1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E8E0178-00EF-413D-9324-E7B3E31572E3} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1A533A8-E106-422B-AE29-D0025269AF83} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B1759D04-0EF9-472A-B5C3-C774997B5321} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E5680D1-BF44-4929-94AF-FD30D784AD1D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80ED3EBC-CC05-4336-ABCC-295798855718} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8} Key Deleted : HKCU\Software\OCS Key Deleted : HKLM\Software\Freeze.com ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17126 -\\ Mozilla Firefox v7.0.1 (en-US) [ File : C:\Users\JJE\AppData\Roaming\Mozilla\Firefox\Profiles\atkpjxrh.default\prefs.js ] Line Deleted : user_pref("extensions.irmysearch.aflt", "suma_14_12_ff"); Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0BtCzytB0AtCtBtC0DtN0D0Tzu0SzztCtCtN1L2XzutBtFtCzztFyBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtC0DtAyEtDtA0EtGtBtDyBtCt[...] Line Deleted : user_pref("extensions.irmysearch.cr", "1457772844"); Line Deleted : user_pref("extensions.irmysearch.instlRef", "140305_a"); Line Deleted : user_pref("extensions.mysearchdial.AL", 2); Line Deleted : user_pref("extensions.mysearchdial.aflt", "suma_14_12_ff"); Line Deleted : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}"); Line Deleted : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0BtCzytB0AtCtBtC0DtN0D0Tzu0SzztCtCtN1L2XzutBtFtCzztFyBtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtC0DtAyEtDtA0EtGtBtDyBt[...] Line Deleted : user_pref("extensions.mysearchdial.cr", "1457772844"); Line Deleted : user_pref("extensions.mysearchdial.dfltLng", ""); Line Deleted : user_pref("extensions.mysearchdial.dfltSrch", true); Line Deleted : user_pref("extensions.mysearchdial.dnsErr", true); Line Deleted : user_pref("extensions.mysearchdial.excTlbr", false); Line Deleted : user_pref("extensions.mysearchdial.hmpg", true); Line Deleted : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=suma_14_12_ff&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0BtCzytB0AtCtBtC0DtN0D0Tzu0SzztCtCtN1L2XzutBtFtCzztFyBtFtDtN1L1CzutCyE[...] Line Deleted : user_pref("extensions.mysearchdial.id", "002522EB192A121D"); Line Deleted : user_pref("extensions.mysearchdial.instlDay", "16150"); Line Deleted : user_pref("extensions.mysearchdial.instlRef", "140305_a"); Line Deleted : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=suma_14_12_ff&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0BtCzytB0AtCtBtC0DtN0D0Tzu0SzztCtCtN1L2XzutBtFtCzztFyBtFtDtN1L1CzutC[...] Line Deleted : user_pref("extensions.mysearchdial.prdct", "mysearchdial"); Line Deleted : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial"); Line Deleted : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial"); Line Deleted : user_pref("extensions.mysearchdial.tlbrId", "base"); Line Deleted : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=suma_14_12_ff&cd=2XzuyEtN2Y1L1QzutDtDtByDtBtB0E0BtCzytB0AtCtBtC0DtN0D0Tzu0SzztCtCtN1L2XzutBtFtCzztFyBtFtDtN1L1Czu[...] Line Deleted : user_pref("extensions.mysearchdial.vrsn", "1.8.29.0"); Line Deleted : user_pref("extensions.mysearchdial.vrsni", "1.8.29.0"); Line Deleted : user_pref("extensions.mysearchdial_i.newTab", false); Line Deleted : user_pref("extensions.mysearchdial_i.smplGrp", "none"); Line Deleted : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.29.020:22:58"); -\\ Google Chrome v35.0.1916.153 [ File : C:\Users\JJE\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted [search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms} Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} Deleted [Extension] : dgpdioedihjhncjafcpgbbjdpbbkikmi Deleted [Extension] : ndibdjnfmopecpmkdieinmbadjfpblof ************************* AdwCleaner[R0].txt - [10243 octets] - [23/06/2014 12:48:18] AdwCleaner[s0].txt - [10227 octets] - [23/06/2014 12:53:00] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [10288 octets] ########## Results of JRT ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Professional x64 Ran by JJE on Mon 06/23/2014 at 13:01:17.97 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services Successfully stopped: [service] wcuservice_stc_ie Successfully deleted: [service] wcuservice_stc_ie ~~~ Registry Values Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Program Files (x86)\coupons" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on Mon 06/23/2014 at 13:05:04.53 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Will now be starting Malwarebytes Threat scan
  8. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 22-06-2014 Ran by JJE at 2014-06-23 12:26:26 Run:1 Running from C:\Users\JJE\Desktop\FRST Boot Mode: Normal ============================================== Content of fixlist: ***************** C:\Users\JJE\AppData\Roaming\0S1F1O2Z0S2Y1H1T C:\Users\JJE\Application Data\0S1F1O2Z0S2Y1H1T ***************** C:\Users\JJE\AppData\Roaming\0S1F1O2Z0S2Y1H1T => Moved successfully. "C:\Users\JJE\Application Data\0S1F1O2Z0S2Y1H1T" => File/Directory not found. ==== End of Fixlog ====
  9. Okay, restarted computer and was able to delete the CCleaner Pacages folder. I still did not find the other entry. Please confirm that I can disregard that entry and continue with this process.
  10. Okay, so could these two entries be the same entry? I did go into folders and clicked to show hidden folders. then I went to the AppData folder and found the 0S1F1O2Z0S2Y1H1T. Inside it was another folder called CCleaner Packages. I tried to delete this folder but it denied me and said it was in use. I then used FileAssassin to delete the file uninstaller.exe inside the CCleaner Packages folder. After I deleted uninstaller.exe, I tried to delete the CCleaner Packages folder but even though it was empty it is still reporting that the folder or a file in it is open in another program. Not sure how that can be when the folder is empty. Still working on this. As far as the other entry, I cannot find a folder called Application Data.
  11. SystemLook 30.07.11 by jpshortstuff Log created at 10:45 on 23/06/2014 by JJE Administrator - Elevation successful ========== Folderfind ========== Searching for "CCleaner Packages" C:\Users\JJE\AppData\Roaming\0S1F1O2Z0S2Y1H1T\CCleaner Packages d------ [03:22 22/03/2014] C:\Users\JJE\Application Data\0S1F1O2Z0S2Y1H1T\CCleaner Packages d------ [03:22 22/03/2014] -= EOF =-
  12. Edit post above. I originally tried to uninstall the program from the Windows pane but after highlighting and clicking "Uninstall/Change" from the top of Windows, a Windows warning came up asking if I wanted to allow uninstaller.exe from an unknown publisher to execute. I selected no and then the window called uninstall manager popped up. I then tried using the actual CCleaner program to uninstall the CCleaner Pakages but that did not work either. Im just not sure whether to allow unistaller.exe to execute. Is this a Windows program? It said unknown publisher so I was hesitant. Please advise.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.