Threat scan- How do I know what stuff is?

[AlSidman]

Saved results

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 12
PUP.Optional.WebSteroids, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, No Action By User, [5871], [169013],1.0.1865
PUP.Optional.WebSteroids, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, No Action By User, [5871], [169013],1.0.1865
PUP.Optional.Yontoo, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, No Action By User, [51], [160137],1.0.1865
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{B853E835-9F24-4F4B-B55C-E554D15CCCD2}, No Action By User, [51], [160137],1.0.1865
PUP.Optional.SuperOptimizer, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, No Action By User, [2571], [243667],1.0.1865
PUP.Optional.DriverUpdate, HKLM\SOFTWARE\WOW6432NODE\SlimWare Utilities, Inc.\DriverApp, No Action By User, [926], [341522],1.0.1865
PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{bac261ec}, No Action By User, [263], [240969],1.0.1865
PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, No Action By User, [5492], [244207],1.0.1865
PUP.Optional.SuperOptimizer, HKLM\SOFTWARE\WOW6432NODE\{6791A2F3-FC80-475C-A002-C014AF797E9C}, No Action By User, [2571], [243672],1.0.1865
PUP.Optional.ScanGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ScanGuard_RASAPI32, No Action By User, [2699], [347133],1.0.1865
PUP.Optional.ScanGuard, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ScanGuard_RASMANCS, No Action By User, [2699], [347133],1.0.1865
PUP.Optional.SuperOptimizer, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, No Action By User, [2571], [243667],1.0.1865

Registry Value: 3
PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|URL, No Action By User, [5492], [244206],1.0.1865
PUP.Optional.Conduit, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|SUGGESTIONSURL_JSON, No Action By User, [555], [236867],1.0.1865
PUP.Optional.Trovi, HKU\S-1-5-21-3001623653-3278197634-2778595737-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}|DISPLAYNAME, No Action By User, [5492], [244206],1.0.1865

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 7
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\.data, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\USERS\USER\APPDATA\ROAMING\AceWebExtension, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FGCLJLCLPKNOMJDBNMCBBOCOIAHILJKM, No Action By User, [2472], [345861],1.0.1865

File: 40
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\apsw.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\bz2.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\core.zip, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\ctools.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\LIBEAY32.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\library.zip, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\M2Crypto.__m2crypto.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pyexpat.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pythoncom27.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\pywintypes27.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\select.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\SSLEAY32.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\unicodedata.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32api.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32com.shell.shell.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32evtlog.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\win32ui.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_ctypes.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_hashlib.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_psutil_mswindows.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_socket.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_ssl.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\lib\_win32sysloader.pyd, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\ace_web_extension.exe, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\awe.log, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\awe.port, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.AceWebExtension, C:\Users\user\AppData\Roaming\AceWebExtension\updater\python27.dll, No Action By User, [11598], [175309],1.0.1865
PUP.Optional.ScanGuard, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\https_www.scanguard.com_0.localstorage, No Action By User, [2699], [350912],1.0.1865
PUP.Optional.NewTabTV, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_newtabtv.com_0.localstorage, No Action By User, [2543], [359416],1.0.1865
PUP.Optional.FullTab, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.fulltabsearch.com_0.localstorage, No Action By User, [2138], [376101],1.0.1865
PUP.Optional.FullTab, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_fulltab.com_0.localstorage, No Action By User, [2138], [376100],1.0.1865
PUP.Optional.NewTabTV, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\LOCAL STORAGE\http_search.newtabtvsearch.com_0.localstorage, No Action By User, [2543], [359410],1.0.1865
PUP.Optional.Imali.Generic, C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\EXTENSIONS\FGCLJLCLPKNOMJDBNMCBBOCOIAHILJKM\0.7_0\REDIRECT.JS, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata\computed_hashes.json, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\_metadata\verified_contents.json, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\background.js, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\logo.png, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\manifest.json, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\popup.html, No Action By User, [2472], [345861],1.0.1865
PUP.Optional.Imali.Generic, C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgcljlclpknomjdbnmcbbocoiahiljkm\0.7_0\redirect.html, No Action By User, [2472], [345861],1.0.1865

Physical Sector: 0
(No malicious items detected)

[Metallica]

Hi AlSidman,

Looking at your log I would guess that you have downloaded something from a website that uses bundlers to deliver their content.

Most of what I see are browser hijackers and adware. None of them are really malicious, but the combination can make your computing experience very miserable. The PUP detection stands for potentially unwanted programs and is (as always) the users choice whether he wants to remove them. I don't see many items in there that you may have installed by choice, with the exception of DriverUpdate and that one looks incomplete.

So my advice is to have Malwarebytes remove all of them.

If you want to know more about a specific detection, let me know and I'll give you the information about it that we have.

 

[AlSidman]

Thanks for your response, much appreciated.

[Metallica]

Anytime

[Metallica]

Glad we could help. :)If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!