AlSidman
-
Posts
2 -
Joined
-
Last visited
Content Type
Events
Profiles
Forums
Everything posted by AlSidman
-
Threat scan- How do I know what stuff is?
AlSidman replied to AlSidman's topic in Resolved Malware Removal Logs
Thanks for your response, much appreciated. -
Saved results -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 12 PUP.Optional.WebSteroids, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, No Action By User, [5871], [169013],1.0.1865 PUP.Optional.WebSteroids, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, No Action By User, [5871], [169013],1.0.1865 PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, No Action By User, [51], [160137],1.0.1865 PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, No Action By User, [51], [160137],1.0.1865 PUP.Optional.SuperOptimizer, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, No Action By User, [2571], [243667],1.0.1865 PUP.Optional.DriverUpdate, HKLM\SOFTWARE\WOW6432NODE\SlimWare Utilities, Inc.\DriverApp, No Action By User, [926], [341522],1.0.1865 PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{bac261ec}, No Action By User, [263], [240969],1.0.1865 PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, No Action By User, [5492], [244207],1.0.1865 PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, No Action By User, [2571], [243672],1.0.1865 PUP.Optional.ScanGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ScanGuard_RASAPI32, No Action By User, [2699], [347133],1.0.1865 PUP.Optional.ScanGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ScanGuard_RASMANCS, No Action By User, [2699], [347133],1.0.1865 PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, No Action By User, [2571], [243667],1.0.1865 Registry Value: 3 PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, No Action By User, [5492], [244206],1.0.1865 PUP.Optional.Conduit, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SUGGESTIONSURL_JSON, No Action By User, [555], [236867],1.0.1865 PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DISPLAYNAME, No Action By User, [5492], [244206],1.0.1865 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 7 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\.data, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\USERS\USER\APPDATA\ROAMING\AceWebExtension, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FGCLJLCLPKNOMJDBNMCBBOCOIAHILJKM, No Action By User, [2472], [345861],1.0.1865 File: 40 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\apsw.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\bz2.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\core.zip, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\ctools.dll, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\LIBEAY32.dll, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\library.zip, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\M2Crypto.__m2crypto.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pyexpat.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pythoncom27.dll, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pywintypes27.dll, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\select.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\SSLEAY32.dll, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\unicodedata.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32api.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32com.shell.shell.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32evtlog.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32ui.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_ctypes.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_hashlib.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_psutil_mswindows.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_socket.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_ssl.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_win32sysloader.pyd, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\awe.log, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\awe.port, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\python27.dll, No Action By User, [11598], [175309],1.0.1865 PUP.Optional.ScanGuard, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\https_www.scanguard.com_0.localstorage, No Action By User, [2699], [350912],1.0.1865 PUP.Optional.NewTabTV, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage, No Action By User, [2543], [359416],1.0.1865 PUP.Optional.FullTab, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.fulltabsearch.com_0.localstorage, No Action By User, [2138], [376101],1.0.1865 PUP.Optional.FullTab, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fulltab.com_0.localstorage, No Action By User, [2138], [376100],1.0.1865 PUP.Optional.NewTabTV, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage, No Action By User, [2543], [359410],1.0.1865 PUP.Optional.Imali.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FGCLJLCLPKNOMJDBNMCBBOCOIAHILJKM\0.7_0\REDIRECT.JS, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata\computed_hashes.json, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata\verified_contents.json, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\background.js, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\logo.png, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\manifest.json, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\popup.html, No Action By User, [2472], [345861],1.0.1865 PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\redirect.html, No Action By User, [2472], [345861],1.0.1865 Physical Sector: 0 (No malicious items detected)