Inactive Malware infection

Status
Not open for further replies.
A

amberS

System is infected tried manually cleaning, ran antivirus, registry clean up and step one and 2 in your 4 step cleanup...
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 7/5/2014
Scan Time: 2:51:28 PM
Logfile: malware.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.07.05.10
Rootkit Database: v2014.07.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dustin Schumacher
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 324668
Time Elapsed: 12 min, 51 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe, 3168, Delete-on-Reboot, [747aa6f56813fd395f858589b153966a]
Modules: 0
(No malicious items detected)
Registry Keys: 47
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E05EF234-A673-45B7-8391-19534DA1CEE4}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1131942A-72BC-4623-9AF9-C01E538769BD}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1131942A-72BC-4623-9AF9-C01E538769BD}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E05EF234-A673-45B7-8391-19534DA1CEE4}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\PriceFinderBHO.PriceFinder.1, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\PriceFinderBHO.PriceFinder, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceFinderBHO.PriceFinder, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceFinderBHO.PriceFinder.1, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}\INPROCSERVER32, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5530C971-3D8F-471B-AC49-4CC23FA955E2}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EE0C9EF1-B2AD-407B-9707-0124CC9BF85E}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE0C9EF1-B2AD-407B-9707-0124CC9BF85E}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5530C971-3D8F-471B-AC49-4CC23FA955E2}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, Quarantined, [539b2873cab1f93df71074df26dc39c7],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, Quarantined, [539b2873cab1f93df71074df26dc39c7],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, Quarantined, [539b2873cab1f93df71074df26dc39c7],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, Quarantined, [539b2873cab1f93df71074df26dc39c7],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [48a68318a9d2dd59675952fd5aa8f40c],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [48a68318a9d2dd59675952fd5aa8f40c],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [f7f73863c6b57cbac005a1aed52d01ff],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [f7f73863c6b57cbac005a1aed52d01ff],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, Quarantined, [e8063b604c2f42f478434b6940c2ec14],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\Supra Savings, Quarantined, [2fbf4b50067536006676a1128a78f60a],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, Quarantined, [3db1e6b59fdcec4a1999ffcba75b8779],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\SupraSavings, Quarantined, [d31b702bb8c3c86e1d951dadca38d52b],
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD, Quarantined, [0ce29902750600367484e311e91aa45c],
PUP.Optional.Quiknowledge.A, HKLM\SOFTWARE\WOW6432NODE\QUIKNOWLEDGE, Quarantined, [539bdebd94e7c76f12ed12bd11f14fb1],
PUP.Optional.SupraSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SupraSavingsService64, Quarantined, [747aa6f56813fd395f858589b153966a],
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, Quarantined, [faf454470e6d8ea8447703bea55da35d],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.7, Quarantined, [d31b485362191e1818eaa22a20e2c63a],
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [c32b584348332115e0cce1e856ac37c9],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [5a947823dba0c472931903c67c8660a0],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [49a54a511c5f092debe65d7b9c66629e],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [f9f5f4a7daa17cba766a21cdf50ea25e],
PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{856AD396-519D-4C7A-BED6-6785F64924BC}, Quarantined, [28c609920b70bd794fbb52489e64fb05],
Registry Values: 4
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD|sourceid, advertisecom|advertisecom_lightspark-us-pops, Quarantined, [0ce29902750600367484e311e91aa45c]
PUP.Optional.Quiknowledge.A, HKLM\SOFTWARE\WOW6432NODE\QUIKNOWLEDGE|ie-ver, 11.0.9600.17107, Quarantined, [539bdebd94e7c76f12ed12bd11f14fb1]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0E1G1J1H, Quarantined, [f9f5f4a7daa17cba766a21cdf50ea25e]
PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{B21F5E31-B8E8-41CD-B74C-168A71A10E49}, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\, Quarantined, [9f4f74278cef0c2a9975887ab84c7090]
Registry Data: 0
(No malicious items detected)
Folders: 8
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits, Quarantined, [dc12801bf289999d4cff726960a25ca4],
Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [618dafec8fec6bcb80eab7d2a959916f],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings, Quarantined, [ed018a116e0de6508c10dec2c2409070],
PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings\SSL, Quarantined, [ed018a116e0de6508c10dec2c2409070],
Files: 27
PUP.Optional.PriceFinder.A, C:\Program Files\PriceFinder\PriceFinderHelper.x64.dll, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.SnapDo.A, C:\Windows\Installer\ec7c89.msi, Quarantined, [76782a712556f73fe9dbfb8e44bded13],
PUP.Optional.BrowserSafeGuard.A, C:\Windows\System32\Tasks\BrowserSafeguard Update Task, Quarantined, [36b88d0e5328d46234d8c3f3a2605da3],
PUP.Optional.BetterDeals.A, C:\Users\Dustin Schumacher\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Quarantined, [05e904975d1e5fd72a09596219e9bd43],
PUP.Optional.BetterDeals.A, C:\Users\Dustin Schumacher\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Quarantined, [d5196d2ec1ba71c549ea07b4748e17e9],
PUP.Optional.Trovi.A, C:\Users\Dustin Schumacher\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovi.com_0.localstorage, Quarantined, [17d7049712690a2c53ed596637cb2dd3],
PUP.Optional.Trovi.A, C:\Users\Dustin Schumacher\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovi.com_0.localstorage-journal, Quarantined, [32bc62399be08caa92ae7e4160a2a65a],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url, Quarantined, [dc12801bf289999d4cff726960a25ca4],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits\Uninstall GreatArcadeHits.lnk, Quarantined, [dc12801bf289999d4cff726960a25ca4],
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe, Delete-on-Reboot, [747aa6f56813fd395f858589b153966a],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\application.ico, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\cookies.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\gahcrx.zip, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\gahff.xpi, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\GAHUninstaller.exe, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\GAHUpdate.exe, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\premium.pem, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\static.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome.manifest, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\icon.png, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\install.rdf, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\application.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\overlay.xul, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\page.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\static.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
Physical Sectors: 0
(No malicious items detected)

(end)
 
I don't know how to zip
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 7/5/2014
Scan Time: 2:51:28 PM
Logfile: malware.txt
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.07.05.10
Rootkit Database: v2014.07.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Dustin Schumacher
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 324668
Time Elapsed: 12 min, 51 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe, 3168, Delete-on-Reboot, [747aa6f56813fd395f858589b153966a]
Modules: 0
(No malicious items detected)
Registry Keys: 47
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{E05EF234-A673-45B7-8391-19534DA1CEE4}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1131942A-72BC-4623-9AF9-C01E538769BD}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1131942A-72BC-4623-9AF9-C01E538769BD}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{E05EF234-A673-45B7-8391-19534DA1CEE4}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\PriceFinderBHO.PriceFinder.1, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\PriceFinderBHO.PriceFinder, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceFinderBHO.PriceFinder, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceFinderBHO.PriceFinder.1, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.PriceFinder.A, HKLM\SOFTWARE\CLASSES\CLSID\{6E89E1D3-C66F-41C4-A648-CD91544E99C3}\INPROCSERVER32, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{5530C971-3D8F-471B-AC49-4CC23FA955E2}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EE0C9EF1-B2AD-407B-9707-0124CC9BF85E}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{7FBC7ADD-4D75-4685-9BD4-30D3FBDD3AB4}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EE0C9EF1-B2AD-407B-9707-0124CC9BF85E}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{5530C971-3D8F-471B-AC49-4CC23FA955E2}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D0C21091-FF8E-432C-9006-0540E81BA9D7}, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, Quarantined, [539b2873cab1f93df71074df26dc39c7],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, Quarantined, [539b2873cab1f93df71074df26dc39c7],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{237FDFDB-3722-470E-8BA8-90196DABE967}, Quarantined, [539b2873cab1f93df71074df26dc39c7],
PUP.Optional.GetNow.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{F126C9FC-9299-40F2-BD42-C59023AD1E7F}, Quarantined, [539b2873cab1f93df71074df26dc39c7],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [48a68318a9d2dd59675952fd5aa8f40c],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{1E91A655-BB4B-4693-A05E-2EDEBC4C9D89}, Quarantined, [48a68318a9d2dd59675952fd5aa8f40c],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [f7f73863c6b57cbac005a1aed52d01ff],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{71C1D63A-C944-428A-A5BD-BA513190E5D2}, Quarantined, [f7f73863c6b57cbac005a1aed52d01ff],
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\LevelQualityWatcher, Quarantined, [e8063b604c2f42f478434b6940c2ec14],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\Supra Savings, Quarantined, [2fbf4b50067536006676a1128a78f60a],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\suprasavings, Quarantined, [3db1e6b59fdcec4a1999ffcba75b8779],
PUP.Optional.SupraSavings.A, HKLM\SOFTWARE\WOW6432NODE\SupraSavings, Quarantined, [d31b702bb8c3c86e1d951dadca38d52b],
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD, Quarantined, [0ce29902750600367484e311e91aa45c],
PUP.Optional.Quiknowledge.A, HKLM\SOFTWARE\WOW6432NODE\QUIKNOWLEDGE, Quarantined, [539bdebd94e7c76f12ed12bd11f14fb1],
PUP.Optional.SupraSavings.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SupraSavingsService64, Quarantined, [747aa6f56813fd395f858589b153966a],
PUP.Optional.AdPeak.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\vxlsnyaiet64, Quarantined, [faf454470e6d8ea8447703bea55da35d],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-4.7, Quarantined, [d31b485362191e1818eaa22a20e2c63a],
PUP.Optional.SupraSavings.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [c32b584348332115e0cce1e856ac37c9],
PUP.Optional.SupraSavings.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Supra Savings, Quarantined, [5a947823dba0c472931903c67c8660a0],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [49a54a511c5f092debe65d7b9c66629e],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [f9f5f4a7daa17cba766a21cdf50ea25e],
PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{856AD396-519D-4C7A-BED6-6785F64924BC}, Quarantined, [28c609920b70bd794fbb52489e64fb05],
Registry Values: 4
PUP.Optional.BrowserSafeGuard.A, HKLM\SOFTWARE\WOW6432NODE\BROWSERSAFEGUARD|sourceid, advertisecom|advertisecom_lightspark-us-pops, Quarantined, [0ce29902750600367484e311e91aa45c]
PUP.Optional.Quiknowledge.A, HKLM\SOFTWARE\WOW6432NODE\QUIKNOWLEDGE|ie-ver, 11.0.9600.17107, Quarantined, [539bdebd94e7c76f12ed12bd11f14fb1]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0E1G1J1H, Quarantined, [f9f5f4a7daa17cba766a21cdf50ea25e]
PUP.Optional.GreatArcadeHits.A, HKU\S-1-5-21-4085199397-2572690825-1515401833-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{B21F5E31-B8E8-41CD-B74C-168A71A10E49}, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\, Quarantined, [9f4f74278cef0c2a9975887ab84c7090]
Registry Data: 0
(No malicious items detected)
Folders: 8
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits, Quarantined, [dc12801bf289999d4cff726960a25ca4],
Rogue.Multiple, C:\ProgramData\374311380, Quarantined, [618dafec8fec6bcb80eab7d2a959916f],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings, Quarantined, [ed018a116e0de6508c10dec2c2409070],
PUP.Optional.SupraSavings.A, C:\Program Files\SupraSavings\SSL, Quarantined, [ed018a116e0de6508c10dec2c2409070],
Files: 27
PUP.Optional.PriceFinder.A, C:\Program Files\PriceFinder\PriceFinderHelper.x64.dll, Quarantined, [d618c7d486f55adc1b60a0d953ae40c0],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll, Quarantined, [618d0893bcbff73f8d5495bd9c666799],
PUP.Optional.SnapDo.A, C:\Windows\Installer\ec7c89.msi, Quarantined, [76782a712556f73fe9dbfb8e44bded13],
PUP.Optional.BrowserSafeGuard.A, C:\Windows\System32\Tasks\BrowserSafeguard Update Task, Quarantined, [36b88d0e5328d46234d8c3f3a2605da3],
PUP.Optional.BetterDeals.A, C:\Users\Dustin Schumacher\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage, Quarantined, [05e904975d1e5fd72a09596219e9bd43],
PUP.Optional.BetterDeals.A, C:\Users\Dustin Schumacher\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.betterdeals00.betterdeals.co_0.localstorage-journal, Quarantined, [d5196d2ec1ba71c549ea07b4748e17e9],
PUP.Optional.Trovi.A, C:\Users\Dustin Schumacher\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovi.com_0.localstorage, Quarantined, [17d7049712690a2c53ed596637cb2dd3],
PUP.Optional.Trovi.A, C:\Users\Dustin Schumacher\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovi.com_0.localstorage-journal, Quarantined, [32bc62399be08caa92ae7e4160a2a65a],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url, Quarantined, [dc12801bf289999d4cff726960a25ca4],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GreatArcadeHits\Uninstall GreatArcadeHits.lnk, Quarantined, [dc12801bf289999d4cff726960a25ca4],
PUP.Optional.SupraSavings.A, C:\Program Files (x86)\6E6B36EB-9156-411B-B951-C735F4747DCF\SupraSavingsService64.exe, Delete-on-Reboot, [747aa6f56813fd395f858589b153966a],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\application.ico, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\cookies.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\gahcrx.zip, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\gahff.xpi, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\GAHUninstaller.exe, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\GAHUpdate.exe, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\Play Games online on GreatArcadeHits.com.url, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\premium.pem, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\static.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome.manifest, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\icon.png, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\install.rdf, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\application.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\overlay.xul, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\page.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
PUP.Optional.GreatArcadeHits.A, C:\Users\Dustin Schumacher\AppData\Local\GreatArcadeHits\{B21F5E31-B8E8-41CD-B74C-168A71A10E49}\chrome\content\static.js, Quarantined, [28c609920b70bd794fbb52489e64fb05],
Physical Sectors: 0
(No malicious items detected)

(end)
 
Hello and welcome to TechSpot.com My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Please download AdwCleaner by Xplode onto your Desktop.
Before starting AdwCleaner, close all open programs and internet browsers, then double-click on the AdwCleaner icon.
AdwCleaner-icon.jpg

If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.
When the AdwCleaner program will open, click on the Scan button as shown below.
untitled.png

AdwCleaner will now start to search for malicious files that may be installed on your computer.
To remove the files that were detected in the previous step, please click on the Clean button.
3.png

AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button. AdwCleaner will now delete all detected adware from your computer. When it is done it will display an alert that explains what PUPs (Potentially Unwanted Programs) and Adware are. Please read through this information and then press the OK button. You will now be presented with an alert that states AdwCleaner needs to reboot your computer.
Please click on the OK button to allow AdwCleaner reboot your computer.A log will be produced. Please copy and paste this log in your next reply.
*********************************************
Malwarebytes' Anti-Rootkit
Please download Malwarebytes' Anti-Rootkit and save it to your desktop.
  • Be sure to print out and follow the instructions provided on that same page for performing a scan.
  • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  • Copy and paste the contents of these two log files in your next reply.
*************************************************
Please download Junkware Removal Tool to your desktop.
Warning! Once the scan is complete JRT will shut down your browser with NO warning.
Shut down your protection software now to avoid potential conflicts.
•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator
•The tool will open and start scanning your system.
•Please be patient as this can take a while to complete depending on your system's specifications.
•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
•Copy and Paste the JRT.txt log into your next message.
**********************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.
Link 1
Link 2
* Double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.
Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
 
Status
Not open for further replies.

Similar threads

NonTechyDad
Solved Malware removal for my son's pc
2
Replies
33
Views
5K
Broni
Broni
liltxkg
Inactive Cleanup Help - File Explorer Freezing
Replies
6
Views
2K
Broni
Broni
Nicki
Solved Must have picked up something... some COVID computer variant???
Replies
9
Views
3K
Broni
Broni

Latest posts

Back