
Threat scan- How do I know what stuff is?



Saved results

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 12
PUP.Optional.WebSteroids, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, No Action By User, [5871], [169013],1.0.1865
PUP.Optional.WebSteroids, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, No Action By User, [5871], [169013],1.0.1865
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, No Action By User, [51], [160137],1.0.1865
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, No Action By User, [51], [160137],1.0.1865
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, No Action By User, [2571], [243667],1.0.1865
PUP.Optional.DriverUpdate, HKLM\SOFTWARE\WOW6432NODE\SlimWare Utilities, Inc.\DriverApp, No Action By User, [926], [341522],1.0.1865
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{bac261ec}, No Action By User, [263], [240969],1.0.1865
PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, No Action By User, [5492], [244207],1.0.1865
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, No Action By User, [2571], [243672],1.0.1865
PUP.Optional.ScanGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ScanGuard_RASAPI32, No Action By User, [2699], [347133],1.0.1865
PUP.Optional.ScanGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ScanGuard_RASMANCS, No Action By User, [2699], [347133],1.0.1865
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, No Action By User, [2571], [243667],1.0.1865

Registry Value: 3
PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, No Action By User, [5492], [244206],1.0.1865
PUP.Optional.Conduit, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SUGGESTIONSURL_JSON, No Action By User, [555], [236867],1.0.1865
PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DISPLAYNAME, No Action By User, [5492], [244206],1.0.1865

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 7
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\.data, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\USERS\USER\APPDATA\ROAMING\AceWebExtension, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FGCLJLCLPKNOMJDBNMCBBOCOIAHILJKM, No Action By User, [2472], [345861],1.0.1865

File: 40
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\apsw.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\bz2.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\core.zip, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\ctools.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\LIBEAY32.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\library.zip, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\M2Crypto.__m2crypto.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pyexpat.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pythoncom27.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pywintypes27.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\select.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\SSLEAY32.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\unicodedata.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32api.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32com.shell.shell.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32evtlog.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32ui.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_ctypes.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_hashlib.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_psutil_mswindows.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_socket.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_ssl.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_win32sysloader.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\awe.log, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\awe.port, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\python27.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.ScanGuard, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\https_www.scanguard.com_0.localstorage, No Action By User, [2699], [350912],1.0.1865
PUP.Optional.NewTabTV, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage, No Action By User, [2543], [359416],1.0.1865
PUP.Optional.FullTab, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.fulltabsearch.com_0.localstorage, No Action By User, [2138], [376101],1.0.1865
PUP.Optional.FullTab, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fulltab.com_0.localstorage, No Action By User, [2138], [376100],1.0.1865
PUP.Optional.NewTabTV, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage, No Action By User, [2543], [359410],1.0.1865
PUP.Optional.Imali.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FGCLJLCLPKNOMJDBNMCBBOCOIAHILJKM\0.7_0\REDIRECT.JS, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata\computed_hashes.json, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata\verified_contents.json, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\background.js, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\logo.png, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\manifest.json, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\popup.html, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\redirect.html, No Action By User, [2472], [345861],1.0.1865

Physical Sector: 0
(No malicious items detected)


  • Staff

Hi AlSidman,

Looking at your log I would guess that you have downloaded something from a website that uses bundlers to deliver their content.

Most of what I see are browser hijackers and adware. None of them are really malicious, but the combination can make your computing experience very miserable. The PUP detection stands for potentially unwanted programs and is (as always) the user's choice whether he wants to remove them. I don't see many items in there that you may have installed by choice, with the exception of DriverUpdate and that one looks incomplete.

So my advice is to have Malwarebytes remove all of them.

If you want to know more about a specific detection, let me know and I'll give you the information about it that we have.

 


  • Staff

Glad we could help. :) If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks!
