Jump to content

Recommended Posts

  • Root Admin

Hello @DesireeLeigh and :welcome:

 

Please run the following steps and post back the logs as an attachment when ready.

STEP 01

  • If you're already running Malwarebytes 3 then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • If you don't have Malwarebytes 3 installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and check for updates. Then click on the Scan tab and select Threat Scan and click on Start Scan button.
  • Once the scan is completed click on the Export Summary button and save the file as a Text file to your desktop or other location you can find, and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know on your next reply.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Right-click on the program and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the Terms of use.
  • Wait until the database is updated.
  • Click Scan.
  • When finished, please click Clean.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Copy its content into your next reply.

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here.
  • Please attach the Additions.txt log to your reply as well.

 

Thanks

Ron

 

Link to post
Share on other sites

Quote

 

# AdwCleaner 7.0.1.0 - Logfile created on Sat Aug 19 02:27:16 2017
# Updated on 2017/05/08 by Malwarebytes
# Database: 07-31-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
Adware.PremierOpinion, C:\Users\Kyle Bedard\AppData\Local\Temp\PremierOpinion

***** [ Files ] *****
PUP.Optional.DriverAgent, C:\Windows\System32\drivers\DRVAGENT64.SYS

***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\pcv-var
PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-3405050233-950521595-34851096-1003\Software\csastats
PUP.Optional.InstallCore, [Key] - HKCU\Software\csastats
PUP.Optional.ProductSetup.A, [Key] - HKU\S-1-5-21-3405050233-950521595-34851096-1003\Software\PRODUCTSETUP
PUP.Optional.ProductSetup.A, [Key] - HKCU\Software\PRODUCTSETUP

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries.
***** [ Chromium (and derivatives) ] *****
Plugin found: Add Tasks to Do It (Tomorrow) -
Plugin found: Search Manager -
Plugin found: Search Manager -
Plugin found: Search Manager -
/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271

*************************
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########
Link to post
Share on other sites

  • Root Admin

Hello @DesireeLeigh

The log you posted from Malwarebytes says you did not choose to have the program remove what it found. Please run again, and make sure you tell the program to remove what it found.

Also, the AdwCleaner log is a Scan log and not a Clean log. Do you have the other log that shows that AdwCleaner removed the items it found too?

Thank you

Ron

 

Link to post
Share on other sites

Ok hopefully I did this correctly this time...

------------------------

# AdwCleaner 7.0.1.0 - Logfile created on Sat Aug 19 02:27:16 2017
# Updated on 2017/05/08 by Malwarebytes 
# Database: 07-31-2017.1
# Running on Windows 10 Home (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.PremierOpinion, C:\Users\Kyle Bedard\AppData\Local\Temp\PremierOpinion


***** [ Files ] *****

PUP.Optional.DriverAgent, C:\Windows\System32\drivers\DRVAGENT64.SYS


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\pcv-var
PUP.Optional.InstallCore, [Key] - HKU\S-1-5-21-3405050233-950521595-34851096-1003\Software\csastats
PUP.Optional.InstallCore, [Key] - HKCU\Software\csastats
PUP.Optional.ProductSetup.A, [Key] - HKU\S-1-5-21-3405050233-950521595-34851096-1003\Software\PRODUCTSETUP
PUP.Optional.ProductSetup.A, [Key] - HKCU\Software\PRODUCTSETUP


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

Plugin found: Add Tasks to Do It (Tomorrow) - 
Plugin found: Search Manager - 
Plugin found: Search Manager - 
Plugin found: Search Manager - 

/!\ Please Reset the Chrome Synchronization before cleaning the Chrome Preferences: https://support.google.com/chrome/answer/3097271


*************************

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt ##########

malwarebytesreport2.txt

Link to post
Share on other sites

# AdwCleaner v3.216 - Report created 19/07/2014 at 14:30:10
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Kyle - PC-KARL
# Running from : C:\Users\Kyle\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\END
File Found : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Found : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Found : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
Folder Found : C:\Program Files (x86)\MySearch
Folder Found : C:\ProgramData\Adblocker
Folder Found : C:\ProgramData\MySearch
Folder Found : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Found : C:\Users\Administrator\AppData\Local\torch
Folder Found : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Found : C:\Users\Guest\AppData\Local\torch
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Found : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Found : C:\Users\Kyle\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Found : C:\Users\Kyle\AppData\Local\torch
Folder Found : C:\Users\Mcx1-PC-KARL\AppData\Local\Chromatic Browser
Folder Found : C:\Users\Mcx1-PC-KARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Found : C:\Users\Mcx1-PC-KARL\AppData\Local\torch

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Found : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Found [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Found [Extension] : ljjfcaidjgliiondlcphnpgeeiobljoh

*************************

AdwCleaner[R0].txt - [3559 octets] - [19/07/2014 14:30:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [3619 octets] ##########
 

Link to post
Share on other sites

# AdwCleaner v3.216 - Report created 19/07/2014 at 15:17:47
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Kyle - PC-KARL
# Running from : C:\Users\Kyle\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Adblocker
Folder Deleted : C:\ProgramData\MySearch
Folder Deleted : C:\Program Files (x86)\MySearch
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Kyle\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Kyle\AppData\Local\torch
Folder Deleted : C:\Users\Mcx1-PC-KARL\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Mcx1-PC-KARL\AppData\Local\torch
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Deleted : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
Folder Deleted : C:\Users\Mcx1-PC-KARL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljjfcaidjgliiondlcphnpgeeiobljoh
File Deleted : C:\END
File Deleted : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_continuetosave.info_0.localstorage-journal
File Deleted : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Kyle\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Deleted [Extension] : ljjfcaidjgliiondlcphnpgeeiobljoh

*************************

AdwCleaner[R0].txt - [3707 octets] - [19/07/2014 14:30:10]
AdwCleaner[S0].txt - [3524 octets] - [19/07/2014 15:17:47]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3584 octets] ##########
 

These are the only two logs I have.  Should I run it again?

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.