Jump to content

Windey

Members
  • Posts

    6
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Thank you for your help, it is MUCH appreciated!!
  2. The only "tool" I downloaded was the AdwCleaner program. Is it safe to just keep that on my computer for future use and not use OTC to clean up - or was something downloaded that I'm unaware of? Thank you.
  3. Working fine. Thank you for your help!
  4. Ran AdwCleaner, Results below. Found only one File - "Web Assistant Updater". Ran MBAM Quick Scan, results below. Appears to be clean. Computer was running OK prior to this request, I was just concerned about MBAM finding PUP.Optional.Iminent.A. Although MBAM appeared to have removed it I was still concerned it was hiding somewhere after some reading about it. Computer running fine now, although I was surprised to find all my "pinned" tabs were removed from Google Chrome when I went back online, however, was able to locate them and repin them. Since AdwCleaner found this "Web Assistant Updater", removed it and MBAM came back clean - am I now free of this "Iminent.A" thing? Did it come from the "Web Assistant Updater?" I wasn't even aware I had the "Web Assistant Updater." Please advise if I'm safe now and thank you so much for your help! SCAN RESULTS: # AdwCleaner v3.006 - Report created 07/10/2013 at 12:18:40 # Updated 01/10/2013 by Xplode# Operating System : Windows Vista Home Basic Service Pack 2 (32 bits)# Username : # Running from : C:\Users\Desktop\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** Service Deleted : Web Assistant Updater ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files\ConduitFolder Deleted : C:\Program Files\ConduitEngineFolder Deleted : C:\Program Files\Web AssistantFolder Deleted : C:\Program Files\Common Files\spigotFolder Deleted : C:\Users\AppData\Local\ConduitFolder Deleted : C:\Users\AppData\Local\OpenCandyFolder Deleted : C:\Users\AppData\Local\PackageAwareFolder Deleted : C:\Users\AppData\LocalLow\ConduitFolder Deleted : C:\Users\AppData\LocalLow\ConduitEngineFolder Deleted : C:\Users\AppData\LocalLow\PriceGongFile Deleted : C:\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a9vgu9ge.default\Extensions\webbooster@iminent.com.xpiFile Deleted : C:\END ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfdKey Deleted : HKCU\Software\Google\Chrome\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgjKey Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ebfmlbdgbekinmmpfmpjjkfclcgedhgjKey Deleted : HKLM\SOFTWARE\Classes\AppID\Extension.DLLKey Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObjectKey Deleted : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2724386Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CD10120B-C165-4F8D-8C74-639629E238FF}Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}Key Deleted : HKCU\Software\BabylonKey Deleted : HKCU\Software\HeadlightKey Deleted : HKCU\Software\IMKey Deleted : HKCU\Software\ImInstallerKey Deleted : HKCU\Software\YahooPartnerToolbarKey Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\PriceGongKey Deleted : HKCU\Software\AppDataLow\Software\smartbarKey Deleted : HKLM\Software\ConduitKey Deleted : HKLM\Software\IB UpdaterKey Deleted : HKLM\Software\ImInstallerKey Deleted : HKLM\Software\Web AssistantKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyPC Backup ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16502 -\\ Mozilla Firefox v [ File : C:\Users\AppData\Roaming\Mozilla\Firefox\Profiles\a9vgu9ge.default\prefs.js ] Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #psa-teoma-result .ptbs .WRCN, #teoma-results .ptbs .WRCN {display:inline !important; background: url(\\\\\"IMAGE\\\\\") r[...]Line Deleted : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\\\\\\\:\\\\\\\\/\\\\\\\\/(.+\\\\\\\\.)?ask\\\\\\\\.com\\\\\\\\/.*"); -\\ Google Chrome v30.0.1599.69 [ File : C:\Users\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4583 octets] - [07/10/2013 11:46:08]AdwCleaner[s0].txt - [4624 octets] - [07/10/2013 12:18:40] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [4684 octets] ##########-------------------------------------------------------------------------------------------- Malwarebytes Anti-Malware 1.75.0.1300www.malwarebytes.org Database version: v2013.10.07.09 Windows Vista Service Pack 2 x86 NTFSInternet Explorer 9.0.8112.16421[administrator] 10/7/2013 1:40:37 PMmbam-log-2013-10-07 (13-40-37).txt Scan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2PScan options disabled: Objects scanned: 250308Time elapsed: 8 minute(s), 43 second(s) Memory Processes Detected: 0(No malicious items detected) Memory Modules Detected: 0(No malicious items detected) Registry Keys Detected: 0(No malicious items detected) Registry Values Detected: 0(No malicious items detected) Registry Data Items Detected: 0(No malicious items detected) Folders Detected: 0(No malicious items detected) Files Detected: 0(No malicious items detected) (end)
  5. When I ran a complete scan of MBAM, it found 6 locations of PUP.Optional.Iminent.A. I was able to remove them with MBAM. Then ran Super Antispy and it did not show up. Ran MBAM again and it did not show up again. After reading some information on the Internet, it appears advice has been given to also run AdwCleaner, Junkware Removal Tool, MBAM again and then HitmanPro. If MBAM tells me it removed it when I first found it, and when I did a second complete scan with MBAM it still didn't show up, is it still necessary to run these other scans? I just need to be sure it is gone. Thank you for your help!
  6. My last scan found "Rogue.Installer" under C:\Program Files\setup.exe. I deleted this with MBAM. After some reading here, I'm wondering if I deleted something that I actually needed and if this was a False Positive? I wasn't aware that Malwarebytes had False Positives. Thanks for any help.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.