
Need help.



Hello, recently I downloaded a codex that infected my laptop with programs that infected Chrome. Malwarebytes currently only detects the PUPs when Chrome is open, and when deleted, they return. Need help with whatever you can provide. Have tried AdwCleaner and Malwarebytes. Both detected and deleted them, but they return upon restart. Will post Malwarebytes log.

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 9/25/2016
Scan Time: 6:15 PM
Logfile: 
Administrator: Yes

Version: 2.2.1.1043
Malware Database: v2016.09.25.06
Rootkit Database: v2016.08.15.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Ken

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 301979
Time Elapsed: 17 min, 34 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\ocep.exe, 6320, Delete-on-Reboot, [4e0cacca613992a460ccda12010352ae]

Modules: 0
(No malicious items detected)

Registry Keys: 10
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\mtocep, Quarantined, [c69452249cfe280e7accc428669ee020], 
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, Quarantined, [e6744a2c6733b08649d24aaa857eac54], 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ocep_RASAPI32, Quarantined, [12483541b6e4ef47bc8819d34bb92bd5], 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ocep_RASMANCS, Quarantined, [b5a511652c6e3bfb45ffac40857f748c], 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\ocep.exe, Quarantined, [8dcd6f07306ac571122dd41815ef8b75], 
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\OCEP, Quarantined, [afab670f0595ec4aaa966a82a163bd43], 
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\mtocep, Quarantined, [b2a84c2a792113237ec7a9432adadf21], 
PUP.Optional.Linkury, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, Quarantined, [7edc393d376385b1bf5ba94b08fbaf51], 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OCEP.EXE, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\OCEP.EXE, Quarantined, [4e0cacca613992a460ccda12010352ae], 

Registry Values: 9
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, Quarantined, [e6744a2c6733b08649d24aaa857eac54]
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}, Quarantined, [94c67df9930786b0e1dde61026dd20e0]
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}, Quarantined, [91c9c6b039613cfa0b5ae6e60cf67f81]
PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\OCEP|ImagePath, C:\ProgramData\\ocep\\ocep.exe -f "C:\ProgramData\\ocep\\ocep.dat" -l -a, Quarantined, [afab670f0595ec4aaa966a82a163bd43]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\ENVIRONMENT|SNP, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=apsnapdoam&co=US&userid=ae7f94dd-9e9b-a044-3fb5-b0d56eea733b&searchtype=sc&installDate=25/09/2016&barcodeid=50046888&channelid=888&av=windows, Quarantined, [13479adc1288b77ff1f65f9517ec49b7]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\ENVIRONMENT|SNF, C:\ProgramData\oceps\snp.sc, Quarantined, [1a409cda0892f34318ce0fe5669dbf41]
PUP.Optional.Linkury, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, Quarantined, [7edc393d376385b1bf5ba94b08fbaf51]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}, Quarantined, [3822bfb7a2f8270f8933599d9f6459a7]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}, Quarantined, [98c2f4820f8b56e00fae93630df6926e]

Registry Data: 9
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\ocep\DentoZunlex.dll, Good: (), Bad: (C:\ProgramData\ocep\DentoZunlex.dll),Replaced,[8cceb9bd0892dc5a874d29b052b20ef2]
PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\ocep\HatTax.dll, Good: (), Bad: (C:\ProgramData\ocep\HatTax.dll),Replaced,[77e3b5c1e5b5f83e427ee0f9b74d669a]
PUP.Optional.Linkury, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({ielnksrch}),Replaced,[c496e39357430e288bcb81f8b252ec14]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}, Good: (www.google.com), Bad: (http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}),Replaced,[fa6095e1306a41f5b2ac1762da2aa15f]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}, Good: (www.google.com), Bad: (http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}),Replaced,[6ceecaac1d7d9f97a3bb9bde71934cb4]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNkLsgnvBUGnkC5Ovq6fY9GU5k3xLTi3KbiO6mLQmREifGTX5fjq9rad2FXoEx3mJCMb55Kmh7E161tILM_DRTy-lDoqDK0,, Good: (www.google.com), Bad: (http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNkLsgnvBUGnkC5Ovq6fY9GU5k3xLTi3KbiO6mLQmREifGTX5fjq9rad2FXoEx3mJCMb55Kmh7E161tILM_DRTy-lDoqDK0,),Replaced,[baa00f67aeec93a3c5991465d232cc34]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}, Good: (www.google.com), Bad: (http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}),Replaced,[9ebcb2c48218310584da0f6abd476f91]
PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}, Good: (www.google.com), Bad: (http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRYEqQao2TxTGptbOxpBNf02kLCqe19CEfCMch0iSokrjIvcGheODXZlVvRDG5kYkSfNFzQzeOHt7RofnMTPJfTDQb46ycpqztNUktulv7W5Be9L0S0rGZxe2OzDHvI0ahyv9V2ZY2m1yMB0qAmDt_u2J6kM-H7P6RNIMxedYXxel5QmMJnrv2E2LB9-aPBQ,&q={searchTerms}),Replaced,[0b4f80f6297160d609566d0c42c2867a]
PUP.Optional.Linkury, HKU\S-1-5-21-3621656635-3904575398-4106070750-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({ielnksrch}),Replaced,[38228fe7f8a21224dd787702af55f40c]

Folders: 4
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar, Quarantined, [92c8a3d3fe9cd75f8693609435cee21e], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep, Delete-on-Reboot, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\ondemand, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\oceps, Quarantined, [2634a3d349510f27dc18891331d38b75], 

Files: 31
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\DentoZunlex.dll, Delete-on-Reboot, [8cceb9bd0892dc5a874d29b052b20ef2], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\HatTax.dll, Quarantined, [77e3b5c1e5b5f83e427ee0f9b74d669a], 
PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Xxx-ing.ico, Quarantined, [92c8a3d3fe9cd75f8693609435cee21e], 
PUP.Optional.Linkury.ACMB1, C:\Windows\SysWOW64\findit.xml, Quarantined, [3822284e3d5d8da9bf22e80ce0231ce4], 
PUP.Optional.SafeFinder.ShrtCln, C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage, Quarantined, [0f4b7df9c7d39f9724e2b02013f102fe], 
PUP.Optional.SafeFinder.ShrtCln, C:\Users\Ken\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage-journal, Quarantined, [64f6b7bfccceda5c4eb80bc5c24259a7], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\ocep.dat, Delete-on-Reboot, [afab670f0595ec4aaa966a82a163bd43], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Alpha-Dox.bin, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\conf.config, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Config.xml, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Domphase.bin, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Doublefresh.bin, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Fixtough.bin, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\FreeHome.dat, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Lotlight.bin, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\md.xml, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Nimfresh.exe, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Nimfresh.exe.config, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\ocep.d.dat, Delete-on-Reboot, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\ocep.exe, Delete-on-Reboot, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\SailJaylux.exe, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\SailJaylux.exe.config, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Stim-Eco.bin, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\uninstall.dat, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Ventotop.dat, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Viasaofan.dat, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Zenqvotax.exe.config, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\ocep\Zimcof.bin, Quarantined, [4e0cacca613992a460ccda12010352ae], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\oceps\ff.HP, Quarantined, [2634a3d349510f27dc18891331d38b75], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\oceps\ff.NT, Quarantined, [2634a3d349510f27dc18891331d38b75], 
PUP.Optional.Linkury.ACMB1, C:\ProgramData\oceps\snp.sc, Quarantined, [2634a3d349510f27dc18891331d38b75], 

Physical Sectors: 0
(No malicious items detected)


(end)


  • Root Admin

Please restart the computer first and then run the following steps and post back the logs when ready.

STEP 01
Please download Junkware Removal Tool to your desktop.

  • Shut down your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 02
Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista / Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done, you'll see: Pending: Please uncheck elements you don't want to be removed.
  • Now click on the Report button and a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look at the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up, click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want to be restored > now click on Restore.

STEP 03
Download Sophos Free Virus Removal Tool and save it to your desktop.
 

  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View Log file (bottom left-hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found, please confirm that result.

STEP 04
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've run the tool before, you need to place a check mark here.
  • Please attach the Addition.txt log to your reply as well.

 

Thanks
