Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Aug 31, 2014 10:44:16 GMT -8
I suggest getting a better program that that JustCloud is a PUP in the same family as "MyPC Backup" using the same Service technique, "BackupStack.exe" Read carefully
Download Adwcleaner www.bleepingcomputer.com/download/adwcleaner/ on to your desktop The Blue Download Now @bleeping Computer button and run a scan ( Scan Button). It will create a log after. Or there is a Report button, ONE SCAN ONLY
Attach or paste the log back here Quads
|
|
|
Post by barsac on Aug 31, 2014 12:12:58 GMT -8
|
|
|
Post by barsac on Aug 31, 2014 12:14:28 GMT -8
What backup service would you suggest? Pasted the log below:
# AdwCleaner v3.308 - Report created 31/08/2014 at 16:04:45 # Updated 20/08/2014 by Xplode # Operating System : Windows 8.1 (64 bits) # Username : Brian - BRIANPINCI # Running from : C:\Users\Jean\Desktop\AdwCleaner.exe # Option : Scan
***** [ Services ] *****
***** [ Files / Folders ] *****
File Found : C:\Users\Jean\Desktop\JustCloud.lnk File Found : C:\Users\Jean\Desktop\Sync Folder.lnk File Found : C:\Users\Public\Desktop\eBay.lnk Folder Found : C:\Users\Jean\AppData\Local\Pokki
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PokkiDownloadHelper Key Found : HKCU\Software\MozillaPlugins\pokki.com/PokkiDownloadHelper Key Found : HKCU\Software\WEDLMNGR Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKCU\Software\WEDLMNGR Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Found : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Found : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52} Key Found : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Found : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600} Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Google Chrome v36.0.1985.143
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4605 octets] - [31/08/2014 16:04:45]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [4665 octets] ##########
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Aug 31, 2014 15:04:54 GMT -8
It depends what type of backup you are talking about a) Click the Scan Button and wait for the scan to finish,. (already done if Adwcleaner is left pending) b) Make sure all of the items under each TAB are to be ticked. c) Click the Clean Button and Adwcleaner will process all the items ticked / checked and then may ask for the system to be restarted.d) It should create a new log afterwards (with S0 in the name). Here is a Screenshot example Quads
|
|
|
Post by barsac on Aug 31, 2014 15:54:11 GMT -8
That's weird. Norton removed AdwCleaner. Says it has a virus Trojan.Gen.SMH. It won't let me download another copy.
As for backup. I want to backup photos, intuit files, and documents (word,excel,Ppt, etc) basically
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Aug 31, 2014 17:48:07 GMT -8
|
|
|
Post by barsac on Sept 1, 2014 2:38:25 GMT -8
OK. Major problems after that last run of ADWare and disabling Norton Auto-protect and Sonar. Norton shut down my firewall and then I couldn't get Norton back up and running to fix it. Had to run that compatibility mode thing to reset Norton. I think it's working now. Here is that log finally.
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{22848257-6A2D-4D2A-8D56-C886D25B8B58} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5} Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671} Key Deleted : HKCU\Software\WEDLMNGR Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\PokkiDownloadHelper Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17037
-\\ Google Chrome v36.0.1985.143
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ File : C:\Users\Jean\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [4777 octets] - [31/08/2014 16:04:45] AdwCleaner[R1].txt - [4841 octets] - [31/08/2014 22:06:42] AdwCleaner[S0].txt - [4532 octets] - [31/08/2014 22:12:54]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4592 octets] ##
|
|
Quads
Malware Removalists
In New Zealand
Posts: 9,387
|
Post by Quads on Sept 1, 2014 8:44:11 GMT -8
Norton should kick into gear after the time you had disabled for anyway and when you start the system the next day or when ever Norton should kick back into life.
Windows and Norton would or should alert you to when itself is disabled (Windows alerts to the AV turned off).
Quads
|
|