1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Chrome tryin to scam me???

Discussion in 'Web & Email' started by Brettyoke49, Jan 26, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. Brettyoke49

    Brettyoke49 Thread Starter

    Joined:
    Jan 26, 2013
    Messages:
    5
    Google chrome is acting up for me. I don't know if I have a malicious extension or a virus, but about 1 in every 4 times that I try to go to a site or click on a link, Chrome will go there, then redirect to some random site which is generally an advertisement/stupid article. I've done multiple virus scans with multiple services, but I have no idea what to do to make chrome stop. What do you reccomend?
     
  2. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,057
    Please download AdwCleaner.

    • Double click the adwcleaner.exe to run the tool.
    • Click Delete.
    • When the scan is finished, a notepad window will be opened.
    • Please post the contents in your next reply.
    • The logfile will also be saved in C:\AdwCleaner[R1].txt.
     
  3. Brettyoke49

    Brettyoke49 Thread Starter

    Joined:
    Jan 26, 2013
    Messages:
    5
    # AdwCleaner v2.108 - Logfile created 01/26/2013 at 21:47:34
    # Updated 24/01/2013 by Xplode
    # Operating system : Windows 7 Home Premium Service Pack 1 (32 bits)
    # User : Brett - BRETTP
    # Boot Mode : Normal
    # Running from : C:\Users\Brett\Downloads\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****


    ***** [Files / Folders] *****

    Folder Deleted : C:\Program Files\Conduit
    Folder Deleted : C:\Program Files\Object
    Folder Deleted : C:\Program Files\Runescape
    Folder Deleted : C:\ProgramData\Ask
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Finder
    Folder Deleted : C:\ProgramData\Partner
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\Users\Brett\AppData\Local\APN
    Folder Deleted : C:\Users\Brett\AppData\Local\Conduit
    Folder Deleted : C:\Users\Brett\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Brett\AppData\LocalLow\FunWebProducts
    Folder Deleted : C:\Users\Brett\AppData\LocalLow\MyWebSearch
    Folder Deleted : C:\Users\Brett\AppData\LocalLow\Runescape
    Folder Deleted : C:\Users\Brett\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\Brett\AppData\Roaming\Media Finder
    Folder Deleted : C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]

    ***** [Registry] *****

    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
    Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
    Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
    Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
    Key Deleted : HKCU\Software\AppDataLow\Software\Runescape
    Key Deleted : HKCU\Software\AppDataLow\Software\Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Cr_Installer
    Key Deleted : HKCU\Software\Headlight
    Key Deleted : HKCU\Software\MediaFinder
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Download with &Media Finder
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1E0DE227-5CE4-4EA3-AB0C-8B03E1AA76BC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A8864317-E18B-4292-99D9-E6E65AB905D3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5FEA6CE7-8E67-4BEF-A61D-8F7015F0E123}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8864317-E18B-4292-99D9-E6E65AB905D3}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Deleted : HKCU\Software\Zugo
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5FEA6CE7-8E67-4BEF-A61D-8F7015F0E123}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67FA02C4-AB30-4E77-A640-78EE8EC8673B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{799391D3-EB86-4BAC-9BD3-CBFEA58A0E15}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A8864317-E18B-4292-99D9-E6E65AB905D3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Deleted : HKLM\SOFTWARE\Classes\gencrawler_gc.GenCrawler
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : HKLM\SOFTWARE\Classes\MF
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2680363
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Freeze.com
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dednnpigldgdbpgcdpfppmlcnnbjciel
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kincjchfokkeneeofpeefomkikfkiedl
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lpmkgpnbiojfaoklbkpfneikocaobfai
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{368D30CA-6A7D-44C6-AD7A-86C5FA692F79}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DC911B3-199C-4971-ADE5-9C4D22459B76}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467E-B8D4-7786EDA79AE0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
    Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
    Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4520F3-AE13-4FB1-A513-58E23991C86D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5FEA6CE7-8E67-4BEF-A61D-8F7015F0E123}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
    Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Runescape Toolbar
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
    Key Deleted : HKLM\Software\Runescape
    Key Deleted : HKLM\SOFTWARE\Software
    Key Deleted : HKLM\Software\Tarma Installer
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{A8864317-E18B-4292-99D9-E6E65AB905D3}]
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Media Finder]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{A8864317-E18B-4292-99D9-E6E65AB905D3}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16457

    [OK] Registry is clean.

    -\\ Mozilla Firefox v17.0.1 (en-US)

    File : C:\Users\Brett\AppData\Roaming\Mozilla\Firefox\Profiles\9ua8fub7.default\prefs.js

    [OK] File is clean.

    -\\ Google Chrome v24.0.1312.56

    File : C:\Users\Brett\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] File is clean.

    *************************

    AdwCleaner[S1].txt - [13624 octets] - [26/01/2013 21:47:36]

    ########## EOF - C:\AdwCleaner[S1].txt - [13685 octets] ##########
     
  4. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,057
    Download, install and run the free version of Malwarebytes' Anti-Malware.

    Click Update > Check for Updates.

    When the definition files have updated, click OK.

    Click the Scanner tab > Perform quick scan > Scan.

    If infections are found during the scan, the number of infections will be highlighted in red.

    When the scan is finished, click Show Results.

    Make sure that everything is selected, then click Remove Selected.

    If you're prompted to restart to finish the removal process, click Yes.

    Start Malwarebytes' Anti-Malware again.

    Click the Logs tab.

    Highlight the scan log entry, then click Open.

    When the scan log appears in Notepad, copy and paste it into your next reply.

    ===================================================================

    Download, install and run the free version of SUPERAntiSpyware.

    Click Check for Updates.

    When the definition files have updated, click Close.

    Select Perform Quick Scan and click Scan your Computer.

    If infections or problems are found during the scan, a list will appear.

    When the scan is finished and the scan summary window appears, click OK.

    Make sure that everything in the list is selected, then click Next.

    If you're prompted to restart to finish the removal process, click Yes.

    Start SUPERAntiSpyware again.

    Click View Scan Logs.

    Highlight the scan log entry, then click View Selected Log.

    When the scan log appears in Notepad, copy and paste it into your next reply.

     
  5. Brettyoke49

    Brettyoke49 Thread Starter

    Joined:
    Jan 26, 2013
    Messages:
    5
    I had done superspyware before this, and it didn't help. Here's the log for malwarebytes:

    Malwarebytes Anti-Malware (Trial) 1.70.0.1100
    www.malwarebytes.org

    Database version: v2013.01.27.01

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Brett :: BRETTP [administrator]

    Protection: Enabled

    1/26/2013 10:08:20 PM
    mbam-log-2013-01-26 (22-08-20).txt

    Scan type: Quick scan
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
    Scan options disabled: P2P
    Objects scanned: 219455
    Time elapsed: 9 minute(s), 9 second(s)

    Memory Processes Detected: 0
    (No malicious items detected)

    Memory Modules Detected: 0
    (No malicious items detected)

    Registry Keys Detected: 12
    HKCR\CLSID\{acd6a209-4aaf-4b1c-9930-b82fa131e958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ACD6A209-4AAF-4B1C-9930-B82FA131E958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ACD6A209-4AAF-4B1C-9930-B82FA131E958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{ACD6A209-4AAF-4B1C-9930-B82FA131E958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ACD6A209-4AAF-4B1C-9930-B82FA131E958} (PUP.FCTPlugin) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Cerberus (Backdoor.Trace) -> Quarantined and deleted successfully.
    HKCR\CLSID\{1780O37C-70SF-WPRE-3F66-3UKML8203PBG} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1780O37C-70SF-WPRE-3F66-3UKML8203PBG} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Active Setup\Installed Components\{1780O37C-70SF-WPRE-3F66-3UKML8203PBG} (Trojan.Agent) -> Quarantined and deleted successfully.
    HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> Quarantined and deleted successfully.
    HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace) -> Quarantined and deleted successfully.

    Registry Values Detected: 3
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Cerberus (Trojan.Agent) -> Data: C:\windows\system32\Alchrome\Svchost.exe -> Quarantined and deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Cerberus (Trojan.Agent) -> Data: C:\windows\system32\Alchrome\Svchost.exe -> Quarantined and deleted successfully.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|config driver (Backdoor.Messa) -> Data: C:\Users\Brett\AppData\Roaming\config\config32.exe -> Quarantined and deleted successfully.

    Registry Data Items Detected: 0
    (No malicious items detected)

    Folders Detected: 3
    C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected] (Adware.GamesVance) -> Quarantined and deleted successfully.
    C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\chrome (Adware.GamesVance) -> Quarantined and deleted successfully.
    C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components (Adware.GamesVance) -> Quarantined and deleted successfully.

    Files Detected: 6
    C:\Users\Brett\AppData\Roaming\bs (Stolen.Data) -> Quarantined and deleted successfully.
    C:\Windows\System32\Alchrome\Svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\chrome.manifest (Adware.GamesVance) -> Quarantined and deleted successfully.
    C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\install.rdf (Adware.GamesVance) -> Quarantined and deleted successfully.
    C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\chrome\gvtextlinks.jar (Adware.GamesVance) -> Quarantined and deleted successfully.
    C:\Users\Brett\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\[email protected]\components\gvtlf.xpt (Adware.GamesVance) -> Quarantined and deleted successfully.

    (end)
     
  6. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,057
    Are you still getting redirected in Chrome? We did remove a lot of adware from your computer.
     
  7. Brettyoke49

    Brettyoke49 Thread Starter

    Joined:
    Jan 26, 2013
    Messages:
    5
    I'm going to browse for 5 minutes, I'll let you know. BRB
     
  8. Brettyoke49

    Brettyoke49 Thread Starter

    Joined:
    Jan 26, 2013
    Messages:
    5
    Seems solved. Thanks for the help, have a nice day.
     
  9. Phantom010

    Phantom010 Trusted Advisor

    Joined:
    Mar 9, 2009
    Messages:
    34,057
    You're welcome!

    Be careful when installing free software on the Web. A lot of it comes bundled up with adware. You must not agree to anything they may be offering, especially toolbars. Free screen savers often contain adware installed without your consent.

    Make sure your antivirus is running and updated. Run Malwarebytes' Anti-Malware and SUPERAntiSpyware periodically, maybe once a week, depending on your browsing habits.
     
  10. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1087015