Advertisement

There's no such thing as a stupid question, but they're the easiest to answer.
Login
Search

Advertisement

Web & Email Web & Email
Search Search
Search for:
Tech Support Guy > > >

Solved: Chrome tryin to scam me???


(!)

Brettyoke49's Avatar
Brettyoke49 Brettyoke49 is offline
Member with 5 posts.
THREAD STARTER
 
Join Date: Jan 2013
26-Jan-2013, 10:22 PM #1
Post Solved: Chrome tryin to scam me???
Google chrome is acting up for me. I don't know if I have a malicious extension or a virus, but about 1 in every 4 times that I try to go to a site or click on a link, Chrome will go there, then redirect to some random site which is generally an advertisement/stupid article. I've done multiple virus scans with multiple services, but I have no idea what to do to make chrome stop. What do you reccomend?
Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,317 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
26-Jan-2013, 10:37 PM #2
Please download AdwCleaner.
  • Double click the adwcleaner.exe to run the tool.
  • Click Delete.
  • When the scan is finished, a notepad window will be opened.
  • Please post the contents in your next reply.
  • The logfile will also be saved in C:\AdwCleaner[R1].txt.
Brettyoke49's Avatar
Brettyoke49 Brettyoke49 is offline
Member with 5 posts.
THREAD STARTER
 
Join Date: Jan 2013
26-Jan-2013, 10:53 PM #3
# AdwCleaner v2.108 - Logfile created 01/26/2013 at 21:47:34
# Updated 24/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
# User : Brett - BRETTP
# Boot Mode : Normal
# Running from : C:\Users\Brett\Downloads\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Object
Folder Deleted : C:\Program Files\Runescape
Folder Deleted : C:\ProgramData\Ask
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\Users\Brett\AppData\Local\APN
Folder Deleted : C:\Users\Brett\AppData\Local\Conduit
Folder Deleted : C:\Users\Brett\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Brett\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Brett\AppData\LocalLow\MyWebSearch
Folder Deleted : C:\Users\Brett\AppData\LocalLow\Runescape
Folder Deleted : C:\Users\Brett\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\Brett\AppData\Roaming\Media Finder
Folder Deleted : C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
Key Deleted : HKCU\Software\AppDataLow\Software\Runescape
Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\MediaFinder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A8864317-E18B-4292-99D9-E6E65AB905D3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5FEA6CE7-8E67-4BEF-A61D-8F7015F0E123}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8864317-E18B-4292-99D9-E6E65AB905D3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5FEA6CE7-8E67-4BEF-A61D-8F7015F0E123}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A8864317-E18B-4292-99D9-E6E65AB905D3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\MF
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2680363
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Freeze.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{368D30CA-6A7D-44C6-AD7A-86C5FA692F79}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DC911B3-199C-4971-ADE5-9C4D22459B76}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5FEA6CE7-8E67-4BEF-A61D-8F7015F0E123}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Runescape Toolbar
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
Key Deleted : HKLM\Software\Runescape
Key Deleted : HKLM\SOFTWARE\Software
Key Deleted : HKLM\Software\Tarma Installer
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A8864317-E18B-4292-99D9-E6E65AB905D3}]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A8864317-E18B-4292-99D9-E6E65AB905D3}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v17.0.1 (en-US)

File : C:\Users\Brett\AppData\Roaming\Mozilla\Firefox\Profiles\9ua8fub7.default\pr efs.js

[OK] File is clean.

-\\ Google Chrome v24.0.1312.56

File : C:\Users\Brett\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[S1].txt - [13624 octets] - [26/01/2013 21:47:36]

########## EOF - C:\AdwCleaner[S1].txt - [13685 octets] ##########
Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,317 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
26-Jan-2013, 10:56 PM #4
Download, install and run the free version of Malwarebytes' Anti-Malware.

Click Update > Check for Updates.

When the definition files have updated, click OK.

Click the Scanner tab > Perform quick scan > Scan.

If infections are found during the scan, the number of infections will be highlighted in red.

When the scan is finished, click Show Results.

Make sure that everything is selected, then click Remove Selected.

If you're prompted to restart to finish the removal process, click Yes.

Start Malwarebytes' Anti-Malware again.

Click the Logs tab.

Highlight the scan log entry, then click Open.

When the scan log appears in Notepad, copy and paste it into your next reply.

===================================================================

Download, install and run the free version of SUPERAntiSpyware.

Click Check for Updates.

When the definition files have updated, click Close.

Select Perform Quick Scan and click Scan your Computer.

If infections or problems are found during the scan, a list will appear.

When the scan is finished and the scan summary window appears, click OK.

Make sure that everything in the list is selected, then click Next.

If you're prompted to restart to finish the removal process, click Yes.

Start SUPERAntiSpyware again.

Click View Scan Logs.

Highlight the scan log entry, then click View Selected Log.

When the scan log appears in Notepad, copy and paste it into your next reply.

__________________

Please read instructions and questions carefully, and reply in a timely manner... Thank you.

Why don't you just Google it?
If your problem is solved, please click on the Mark Solved button.
Brettyoke49's Avatar
Brettyoke49 Brettyoke49 is offline
Member with 5 posts.
THREAD STARTER
 
Join Date: Jan 2013
26-Jan-2013, 11:25 PM #5
I had done superspyware before this, and it didn't help. Here's the log for malwarebytes:

Malwarebytes Anti-Malware (Trial) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.27.01

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Brett :: BRETTP [administrator]

Protection: Enabled

1/26/2013 10:08:20 PM
mbam-log-2013-01-26 (22-08-20).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 219455
Time elapsed: 9 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 12
HKCR\CLSID\{acd6a209-4aaf-4b1c-9930-b82fa131e958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ACD6A209-4AAF-4B1C-9930-B82FA131E958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ACD6A209-4AAF-4B1C-9930-B82FA131E958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{ACD6A209-4AAF-4B1C-9930-B82FA131E958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ACD6A209-4AAF-4B1C-9930-B82FA131E958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Cerberus (Backdoor.Trace) -> Quarantined and deleted successfully.
HKCR\CLSID\{1780O37C-70SF-WPRE-3F66-3UKML8203PBG} (Trojan.Agent) -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1780O37C-70SF-WPRE-3F66-3UKML8203PBG} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components\{1780O37C-70SF-WPRE-3F66-3UKML8203PBG} (Trojan.Agent) -> Quarantined and deleted successfully.
HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> Quarantined and deleted successfully.
HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.

Registry Values Detected: 3
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Cerberus (Trojan.Agent) -> Data: C:\windows\system32\Alchrome\Svchost.exe -> Quarantined and deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Cerberus (Trojan.Agent) -> Data: C:\windows\system32\Alchrome\Svchost.exe -> Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|config driver (Backdoor.Messa) -> Data: C:\Users\Brett\AppData\Roaming\config\config32.exe -> Quarantined and deleted successfully.

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 3
C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com (Adware.GamesVance) -> Quarantined and deleted successfully.
C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome (Adware.GamesVance) -> Quarantined and deleted successfully.
C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components (Adware.GamesVance) -> Quarantined and deleted successfully.

Files Detected: 6
C:\Users\Brett\AppData\Roaming\bs (Stolen.Data) -> Quarantined and deleted successfully.
C:\Windows\System32\Alchrome\Svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome.manifest (Adware.GamesVance) -> Quarantined and deleted successfully.
C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\install.rdf (Adware.GamesVance) -> Quarantined and deleted successfully.
C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome\gvtextlinks.jar (Adware.GamesVance) -> Quarantined and deleted successfully.
C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.xpt (Adware.GamesVance) -> Quarantined and deleted successfully.

(end)
Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,317 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
26-Jan-2013, 11:29 PM #6
Are you still getting redirected in Chrome? We did remove a lot of adware from your computer.
Brettyoke49's Avatar
Brettyoke49 Brettyoke49 is offline
Member with 5 posts.
THREAD STARTER
 
Join Date: Jan 2013
26-Jan-2013, 11:36 PM #7
I'm going to browse for 5 minutes, I'll let you know. BRB
Brettyoke49's Avatar
Brettyoke49 Brettyoke49 is offline
Member with 5 posts.
THREAD STARTER
 
Join Date: Jan 2013
26-Jan-2013, 11:41 PM #8
Seems solved. Thanks for the help, have a nice day.
Phantom010's Avatar
Phantom010 has a Photo Album
Computer Specs
Trusted Advisor with 32,317 posts.
 
Join Date: Mar 2009
Location: Cyberspace
Experience: Advanced
26-Jan-2013, 11:45 PM #9
You're welcome!

Be careful when installing free software on the Web. A lot of it comes bundled up with adware. You must not agree to anything they may be offering, especially toolbars. Free screen savers often contain adware installed without your consent.

Make sure your antivirus is running and updated. Run Malwarebytes' Anti-Malware and SUPERAntiSpyware periodically, maybe once a week, depending on your browsing habits.
As Seen On

BBC, Reader's Digest, PC Magazine, Today Show, Money Magazine
WELCOME TO TECH SUPPORT GUY!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.


Tags
advertisements, chrome, google, popups

(clock)
THIS THREAD HAS EXPIRED.
Are you having the same problem? We have volunteers ready to answer your question, but first you'll have to join for free. Need help getting started? Check out our Welcome Guide.

Search Tech Support Guy

Find the solution to your
computer problem!




Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools


WELCOME
You Are Using: Server ID
Trusted Website Back to the Top ↑