
Inactive Pop ups

Discussion in 'Malware and Virus Removal Archive' started by sean, 2014/07/03.

Thread Status:
Not open for further replies.
  1. 2014/07/03
    sean Well-Known Member Thread Starter

    Hi all

    We have been getting pop-ups saying things like the PC is going to crash and trying to get you to buy things?

    I have ended the Yawtix Processors using Task Manager... But would you please check out if I am clear?

    Many thanks

    Malwarebytes Anti-Malware
    www.malwarebytes.org

    Scan Date: 03/07/2014
    Scan Time: 18:07:49
    Logfile: tttt.txt
    Administrator: Yes

    Version: 2.00.2.1012
    Malware Database: v2014.07.03.04
    Rootkit Database: v2014.07.01.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 8
    CPU: x64
    File System: NTFS
    User: shaun_000

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 477085
    Time Elapsed: 53 min, 55 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 1
    PUP.Optional.Yawtix.A, HKLM\SOFTWARE\WOW6432NODE\Yawtix, , [3027abefe49706309bb032826e948c74],

    Registry Values: 0
    (No malicious items detected)

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 6
    PUP.Optional.Superfish.A, C:\Users\asw19_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [50079802c8b32412df77fec044be9d63],
    PUP.Optional.Superfish.A, C:\Users\asw19_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [6ee93169fd7e37ff470f3f7faf53669a],
    PUP.Optional.Superfish.A, C:\Users\keyra_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [a4b3c8d247340d2986d0e7d7dc26f50b],
    PUP.Optional.Superfish.A, C:\Users\keyra_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [b2a58416720988ae1c3a01bdbb4760a0],
    PUP.Optional.Superfish.A, C:\Users\shaun_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [fb5c92086a1140f6eb6b2e907e8460a0],
    PUP.Optional.Superfish.A, C:\Users\shaun_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [8dca8812e59671c5b79fab137f83c23e],

    Physical Sectors: 0
    (No malicious items detected)


    (end)

    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 10.0.9200.16537 BrowserJavaVersion: 10.55.2
    Run by shaun_000 at 19:18:51 on 2014-07-03
    .
    ============== Running Processes ===============
    .
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxps://www.google.co.uk/
    mStart Page = hxxp://www.google.com
    uProxyOverride = <local>
    BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
    BHO: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    uRun: [LedIndicatorKeyboardDriver] "C:\Program Files (x86)\Led Indicator Keyboard Driver\KeyboardIndicator.exe" showhide
    uRun: [Akamai NetSession Interface] "C:\Users\shaun_000\AppData\Local\Akamai\netsession_win.exe"
    uRun: [Logitech Vid] "C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe" -bootmode
    mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    mRun: [Aeria Ignite] "C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe" silent
    mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
    mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
    mRun: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
    mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
    mRun: [KeyScrambler] C:\Program Files (x86)\KeyScrambler\keyscrambler.exe /a
    StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\$MCREB~1.LNK -
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
    uPolicies-Explorer: NoDrives = dword:0
    mPolicies-Explorer: NoDrives = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: EnableCursorSuppression = dword:1
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
    IE: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm
    IE: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
    IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll
    .
    INFO: HKCU has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    .
    INFO: HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    TCP: NameServer = 192.168.1.1 0.0.0.0
    TCP: Interfaces\{5501DBE1-77D3-4F06-AE0E-EF582C45AB90} : DHCPNameServer = 192.168.1.1 0.0.0.0
    TCP: Interfaces\{B1BFDDFA-728F-4673-9E00-4F892B7C60A3} : DHCPNameServer = 192.168.1.1 0.0.0.0
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-mStart Page = hxxp://www.google.com
    x64-BHO: DVDVideoSoft IE Extension: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
    x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
    x64-Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
    x64-mPolicies-Explorer: NoDrives = dword:0
    x64-mPolicies-System: PromptOnSecureDesktop = dword:0
    x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
    x64-mPolicies-System: EnableUIADesktopToggle = dword:0
    x64-mPolicies-System: EnableCursorSuppression = dword:1
    x64-mPolicies-System: ConsentPromptBehaviorUser = dword:3
    x64-IE: {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll
    .
    INFO: x64-HKLM has more than 50 listed domains.
    If you wish to scan all of them, select the 'Force scan all domains' option.
    .
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    Hosts: 127.0.0.1 www.spywareinfo.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    .
    =============== Created Last 30 ================
    .
    2014-07-02 18:42:47 -------- d-----w- C:\Program Files\McAfee
    2014-07-02 16:49:27 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
    2014-07-02 08:10:45 79064 ----a-w- C:\Windows\System32\drivers\gvmydcp.sys
    2014-06-30 23:49:09 -------- d-----w- C:\Program Files (x86)\Yawtix
    2014-06-21 18:21:45 3122248 ----a-w- C:\Windows\SysWow64\pbsvc_hos.exe
    2014-06-15 18:11:29 -------- d-----w- C:\Program Files (x86)\Microsoft Chart Controls
    2014-06-15 13:57:22 -------- d-----w- C:\Program Files (x86)\bitComposer Games
    2014-06-05 23:10:44 -------- d-----w- C:\ProgramData\Movavi
    2014-06-05 22:38:16 -------- d-----w- C:\Program Files (x86)\Sony Setup
    2014-06-05 22:30:29 -------- d-----w- C:\Program Files (x86)\Aura4You
    .
    ==================== Find3M ====================
    .
    2014-07-03 17:07:49 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
    2014-07-03 16:53:29 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
    2014-07-03 16:53:29 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
    2014-07-01 17:08:11 281032 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
    2014-06-21 18:50:23 76888 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
    2014-05-28 19:21:44 88480 ----a-w- C:\Windows\System32\drivers\atksgt.sys
    2014-05-28 02:57:34 3130440 ----a-w- C:\Windows\SysWow64\pbsvc_blr.exe
    2014-05-27 18:04:05 43680 ----a-w- C:\Windows\System32\drivers\lirsgt.sys
    2014-05-12 06:26:14 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
    2014-05-12 06:26:00 91352 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
    2014-05-12 06:25:56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
    2014-05-01 10:05:51 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
    2014-04-28 20:29:36 82920 ----a-w- C:\Windows\SysWow64\mslvddsfilter2.ax
    2014-04-16 21:13:00 37560 ----a-w- C:\Windows\System32\drivers\cmdhlp.sys
    2014-04-16 21:12:59 748784 ----a-w- C:\Windows\System32\drivers\cmdguard.sys
    2014-04-16 21:12:59 23168 ----a-w- C:\Windows\System32\drivers\cmderd.sys
    .
    ============= FINISH: 19:20:30.05 ===============

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    .
    ==== Disk Partitions =========================
    .
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    No restore point in system.
    .
    ==== Installed Programs ======================
    .
    7-Zip 9.20
    8BitMMO
    Acoustica Mixcraft 6
    Adobe AIR
    Adobe Creative Cloud
    Adobe Download Assistant
    Adobe Flash Player 14 Plugin
    Adobe Photoshop CC
    Adobe Reader X (10.1.9)
    Aeria Ignite
    Akamai NetSession Interface
    AMD Accelerated Video Transcoding
    AMD APP SDK Runtime
    AMD Catalyst Install Manager
    Any Video Converter 5.0.5
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Audacity 2.0.5
    AVS Video Editor 6
    Blacklight: Retribution
    Bonjour
    Broken Sword 5
    Canon Easy-PhotoPrint EX
    Canon MG3100 series MP Drivers
    Canon MG3100 series On-screen Manual
    Canon MG3100 series User Registration
    Canon MP Navigator EX 5.0
    Canon My Printer
    Canon Solution Menu EX
    Catalyst Control Center
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    CDBurnerXP
    COMODO Antivirus
    Compatibility Pack for the 2007 Office system
    Counter-Strike
    D3DX10
    DMUninstaller
    Downloader
    Duke Nukem 3D
    Duke3D
    DVD Flick 1.3.0.7
    DVD Shrink 3.2
    DVDStyler v2.6.1
    Eufloria HD
    Evaer Video Recorder for Skype 1.3.10.8
    Fraps (remove only)
    Free Studio version 2014
    Free YouTube to MP3 Converter version 3.12.35.514
    Full DVD Ripper 9 Free
    Gameforge Live 1.9.0 "Legend"
    Global Ops: Commando Libya (remove only)
    Google Chrome
    Google Earth
    Google Update Helper
    Guitar Pro 5.2
    Halo 2 for Windows Vista
    Haunted Memories
    HAWKEN
    Intel(R) Management Engine Components
    Intel® Trusted Connect Service Client
    iTunes
    Java 7 Update 55
    Java Auto Updater
    Junk Mail filter update
    KeyScrambler
    KNOWHOW APP CENTRE
    Last.fm Scrobbler 2.1.35
    Led Indicator Keyboard Driver
    Left 4 Dead 2
    Left 4 Dead 2 Beta
    Lightworks
    Logitech Vid
    Logitech Webcam Software
    Magic ISO Maker v5.5 (build 0281)
    Malwarebytes Anti-Malware version 2.0.2.1012
    Marine Sharpshooter 3
    Microsoft Application Error Reporting
    Microsoft Chart Controls for Microsoft .NET Framework 3.5
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft Office
    Microsoft Office File Validation Add-In
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
    Movie Maker
    Movie Maker 6.0 for Windows 7 (64-bit)
    MSVCRT
    MSVCRT Redists
    MSVCRT_amd64
    MSVCRT110
    MSVCRT110_amd64
    Nero 12
    Nero Audio Pack 1
    Nero BackItUp
    Nero BackItUp Help (CHM)
    Nero Blu-ray Player
    Nero Blu-ray Player Help (CHM)
    Nero Burning ROM
    Nero Burning ROM Help (CHM)
    Nero ControlCenter
    Nero ControlCenter Help (CHM)
    Nero Core Components
    Nero Disc Menus Basic
    Nero Effects Basic
    Nero Express
    Nero Express Help (CHM)
    Nero Kwik Media
    Nero Kwik Media Help (CHM)
    Nero Kwik Themes Basic
    Nero Launcher
    Nero PiP Effects Basic
    Nero Recode
    Nero Recode Help (CHM)
    Nero RescueAgent
    Nero RescueAgent Help (CHM)
    Nero SharedVideoCodecs
    Nero Update
    Nero Video
    Nero Video Help (CHM)
    neroxml
    Nexon Game Manager
    No More Room in Hell
    NVIDIA PhysX
    OpenAL
    Outlast
    PACE License Support Win64
    PDF Settings CC
    Photo Common
    Photo Gallery
    Prerequisite installer
    PrivDog
    PunkBuster Services
    Quake 4(TM)
    RealDownloader
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealNetworks - Microsoft Visual C++ 2010 Runtime
    RealPlayer
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Revo Uninstaller 1.95
    Rising Storm/Red Orchestra 2 Multiplayer
    Search Protection
    Security Update for CAPICOM (KB931906)
    Sentinel Protection Installer 7.6.6
    Serif MoviePlus Starter Edition
    Skype™ 6.11
    Sony Vegas Pro Pre-Cracked By Exµs 11.0
    Spybot - Search & Destroy
    Steam
    Terrorist Takedown 3
    Tom Clancy's Ghost Recon Phantoms - EU
    Torchlight
    TuxGuitar
    UE3Redist
    Unity Web Player
    War Inc. Battlezone
    Welcome App (Start-up experience)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Photo Common
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Movie Maker 2.6
    WinRAR 4.20 (64-bit)
    WinX HD Video Converter Deluxe 5.0.5
    Xfire
    Xvid MPEG-4 Video Codec
    You Have to Win the Game
    YTD Video Downloader 4.8.1
    .
    ==== End Of File ===========================
     
    sean,
    #1
  2. 2014/07/03
    Superdave1941 Malware Analyst

    Hello and welcome to Windowsbbs.com. My name is Dave. I will be helping you out with your particular problem on your computer.

    1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
    2. The fixes are specific to your problem and should only be used for this issue on this machine.
    3. If you don't know or understand something, please don't hesitate to ask.
    4. Please DO NOT run any other tools or scans while I am helping you.
    5. It is important that you reply to this thread. Do not start a new topic.
    6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
    7. Absence of symptoms does not mean that everything is clear.

    If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
    *************************************************************************
    Please download AdwCleaner by Xplode onto your Desktop.

    Before starting AdwCleaner, close all open programs and internet browsers, then double-click on the AdwCleaner icon.


    If Windows prompts you as to whether or not you wish to run AdwCleaner, please allow it to run.
    When the AdwCleaner program opens, click on the Scan button as shown below.


    AdwCleaner will now start to search for malicious files that may be installed on your computer.
    To remove the files that were detected in the previous step, please click on the Clean button.


    AdwCleaner will now prompt you to save any open files or data as the program will need to reboot the computer. Please do so and then click on the OK button. AdwCleaner will now delete all detected adware from your computer. When it is done it will display an alert that explains what PUPs (Potentially Unwanted Programs) and Adware are. Please read through this information and then press the OK button. You will now be presented with an alert that states AdwCleaner needs to reboot your computer.
    Please click on the OK button to allow AdwCleaner to reboot your computer. A log will be produced. Please copy and paste this log in your next reply.
    *********************************************
    Malwarebytes' Anti-Rootkit

    Please download Malwarebytes' Anti-Rootkit and save it to your desktop.
    • Be sure to print out and follow the instructions provided on that same page for performing a scan.
    • Caution: This is a beta version so also read the disclaimer and back up all your data before using.
    • When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
    • Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
    • If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
    • Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
    • Copy and paste the contents of these two log files in your next reply.
    *************************************************
    Please download Junkware Removal Tool to your desktop.

    • Warning! Once the scan is complete JRT will shut down your browser with NO warning.
    • Shut down your protection software now to avoid potential conflicts.
    • Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.
    • Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Copy and Paste the JRT.txt log into your next message.
     


  4. 2014/07/06
    sean Well-Known Member Thread Starter

    Hi and thanks for waiting...

    Malwarebytes Rootkit found nothing and did not produce any reports?

    # AdwCleaner v3.214 - Report created 04/07/2014 at 06:22:10
    # Updated 29/06/2014 by Xplode
    # Operating System : Windows 8 (64 bits)
    # Username : shaun_000 - WADE-PC
    # Running from : C:\Users\shaun_000\Desktop\adwcleaner_3.214.exe
    # Option : Scan

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    File Found : C:\END
    File Found : C:\Users\keyra_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
    File Found : C:\Users\keyra_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
    Folder Found : C:\Program Files (x86)\GreenTree Applications
    Folder Found : C:\Program Files (x86)\NCH Software
    Folder Found : C:\Program Files\Uninstaller
    Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\1clickmoviedownloader.com
    Folder Found : C:\ProgramData\NCH Software
    Folder Found : C:\ProgramData\simplitec
    Folder Found : C:\Users\asw19_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
    Folder Found : C:\Users\asw19_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
    Folder Found : C:\Users\asw19_000\AppData\Roaming\NCH Software
    Folder Found : C:\Users\caitl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
    Folder Found : C:\Users\caitl_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
    Folder Found : C:\Users\keyra_000\AppData\Local\cool_mirage
    Folder Found : C:\Users\keyra_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
    Folder Found : C:\Users\keyra_000\AppData\Roaming\NCH Software
    Folder Found : C:\Users\keyra_000\AppData\Roaming\simplitec
    Folder Found : C:\Users\liamw_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
    Folder Found : C:\Users\liamw_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
    Folder Found : C:\Users\liamw_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
    Folder Found : C:\Users\liamw_000\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
    Folder Found : C:\Users\liamw_000\AppData\Roaming\Nosibay
    Folder Found : C:\Users\shaun_000\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z
    Folder Found : C:\Users\shaun_000\AppData\Roaming\DigitalSites
    Folder Found : C:\Users\shaun_000\AppData\Roaming\Search Protection
    Folder Found : C:\Windows\SysWOW64\SearchProtect

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\dsiteproducts
    Key Found : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
    Key Found : [x64] HKCU\Software\dsiteproducts
    Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
    Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\cmaiofennmphjldldcpphcechfnnohja
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DMUninstaller
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16537


    -\\ Google Chrome v35.0.1916.153

    [ File : C:\Users\asw19_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
    Found [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
    Found [Extension] : hphibigbodkkohoglgfkddblldpfohjl
    Found [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
    Found [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
    Found [Extension] : kincjchfokkeneeofpeefomkikfkiedl
    Found [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
    Found [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

    [ File : C:\Users\caitl_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
    Found [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
    Found [Extension] : hphibigbodkkohoglgfkddblldpfohjl
    Found [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
    Found [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
    Found [Extension] : kincjchfokkeneeofpeefomkikfkiedl
    Found [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
    Found [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

    [ File : C:\Users\keyra_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found [Extension] : booedmolknjekdopkepjjeckmjkdpfgl
    Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
    Found [Extension] : flpcjncodpafbgdpnkljologafpionhb
    Found [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj

    [ File : C:\Users\liamw_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found [Extension] : cikkkfooompgefbcjlgdjejfdknkheaj
    Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
    Found [Extension] : gpiifgmgnfdiblgpaepbmfdkcheicgof
    Found [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
    Found [Extension] : nlcphjankhppgohedpkjonpadimhaoof

    [ File : C:\Users\shaun_000\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found [Extension] : cikkkfooompgefbcjlgdjejfdknkheaj
    Found [Extension] : cmaiofennmphjldldcpphcechfnnohja
    Found [Extension] : gpiifgmgnfdiblgpaepbmfdkcheicgof
    Found [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
    Found [Extension] : nlcphjankhppgohedpkjonpadimhaoof

    *************************

    AdwCleaner[R0].txt - [5474 octets] - [12/10/2013 19:08:23]
    AdwCleaner[R1].txt - [868 octets] - [12/10/2013 19:55:30]
    AdwCleaner[R2].txt - [1555 octets] - [21/10/2013 18:47:17]
    AdwCleaner[R3].txt - [1668 octets] - [10/11/2013 15:45:58]
    AdwCleaner[R4].txt - [7378 octets] - [04/07/2014 06:22:10]
    AdwCleaner[S0].txt - [5453 octets] - [12/10/2013 19:10:14]
    AdwCleaner[S1].txt - [1614 octets] - [21/10/2013 18:49:02]
    AdwCleaner[S2].txt - [1721 octets] - [10/11/2013 15:47:23]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R4].txt - [7618 octets] ##########




    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.1.4 (04.06.2014:1)
    OS: Windows 8 x64
    Ran by shaun_000 on 06/07/2014 at 16:38:56.04
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys



    ~~~ Files



    ~~~ Folders

    Successfully deleted: [Folder] "C:\ProgramData\adtrustmedia"
    Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
    Successfully deleted: [Folder] "C:\Program Files (x86)\adtrustmedia"
    Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 06/07/2014 at 16:55:53.32
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
    sean,
    #3
  5. 2014/07/06
    Superdave1941 Malware Analyst

    Remove the Adware:
    • Please close all open programs and internet browsers.
    • Double click on adwcleaner.exe to run the tool.
    • Click on Delete.
    • Confirm each time with OK
    • Your computer will be rebooted automatically. A text file will open after the restart.
    • Please post the content of that logfile in your reply.
    • You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.
    ********************************************
    ESET Online Scan

    Scan your computer with the ESET FREE Online Virus Scan

    * Click the ESET Online Scanner button.

    * For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    * Click on the esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    * Double click on the esetsmartinstaller_enu.exe icon on your desktop.
    * Place a check mark next to YES, I accept the Terms of Use.

    * Click the Start button.
    * Accept any security warnings from your browser.
    * Leave the check mark next to Remove found threats and place a check next to Scan archives.
    * Click the Start button.
    * ESET will then download updates, install, and begin scanning your computer. Please be patient as this can take some time.
    * When the scan completes, click List of found threats.
    * Next click Export to text file and save the file to your desktop using a name such as ESETScan. Include the contents of this report in your next reply.
    * Click the Back button then click Finish.

    In your next reply please include the ESET Online Scan Log.
     