Stupid me


  1. Posts : 20
    Windows 10 x64
       #1

    Stupid me


    Has anyone but me gotten that "Pro PC Cleaner" horsecrap. I run Avast, AdAware Pro, Spybot Search & Destroy, and Spyware Blaster and it STILL got through. Can't get rid of the crap. Nothing in the "Programs and Features". Not in the start up under Task Manager. Tried searching with Regedit. Nothing. Anyone have ANY ideas here?
      My Computer


  2. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #2

    Hi:

    >>Disclaimer: I am not trained to provide formal malware removal advice.<<

    Without seeing some basic diagnostic logs, it's hard to say for sure.
    There are many rogues, PUPs and bonafide malware with similar-sounding names: "PC Cleaner Pro" vs. "Pro PC Cleaner", etc. etc.
    Proper removal would require seeing some logs to know exactly what the critter is on your system.

    You might want to try running AdwCleaner (but beware, as it can have false-positives), JRT, and MBAM (be sure to configure the "Detection and Protection" settings to treat PUPs/PUMs as malware).

    Having said that, the safest thing might be to head over to one of the many, reputable computer disinfection fora. The helpers there will be trained to know what tools to use, and in what sequence, for complete removal and repair.

    Hope this helps a bit,

    MM
      My Computer


  3. Posts : 26,391
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #3

    If you have an "older" system image backup(You do have one, right?, Right?), you could just reimage and update everything after. Even though I use an AV, MBAE, and MBAM, my most important malware cleanup tool is, a system image back-up(that I am certain has no malware) on an external USB drive stored in my closet.
      My Computers


  4. Posts : 20
    Windows 10 x64
    Thread Starter
       #4

    Running MBAM as we speak and it picked it up already. Hope I get lucky.
      My Computer


  5. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #5

    DarkSentinel said:
    Running MBAM as we speak and it picked it up already. Hope I get lucky.
    Please be sure to reboot, if prompted, for complete removal.
    But do NOT delete anything from MBAM Quarantine until someone can take a look at your scan log.
    (Items in quarantine cannot harm your computer, but it's best to leave them there for a while, to be sure there is no problem with the system after the malware/PUP removal. You can always manually delete them later from the Quarantine.)

    If you wish, please post back with the MBAM SCAN log attached to your next reply here in this thread.
    (Let us know if you need help doing that.)

    Thanks,
      My Computer


  6. Posts : 20
    Windows 10 x64
    Thread Starter
       #6

    MoxieMomma said:
    Please be sure to reboot, if prompted, for complete removal.
    But do NOT delete anything from MBAM Quarantine until someone can take a look at your scan log.
    (Items in quarantine cannot harm your computer, but it's best to leave them there for a while, to be sure there is no problem with the system after the malware/PUP removal. You can always manually delete them later from the Quarantine.)

    If you wish, please post back with the MBAM SCAN log attached to your next reply here in this thread.
    (Let us know if you need help doing that.)

    Thanks,
    Worked like a charm, and have not touched the quarantine yet. Thanks a bunch.

    I exported the log to a txt file....here it is...

    AMalwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 12/25/2015
    Scan Time: 11:29 AM
    Logfile: scanlog.txt
    Administrator: Yes

    Version: 2.2.0.1024
    Malware Database: v2015.12.25.04
    Rootkit Database: v2015.12.18.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled

    OS: Windows 10
    CPU: x64
    File System: NTFS
    User: Ray

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 364294
    Time Elapsed: 36 min, 17 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 17
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, Quarantined, [1e2ac0e92c5f74c24a8940cf0301ce32],
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E8B0D7E7-5E87-4048-9073-B1C484DE4E6D}, Quarantined, [e95f53564447320490430a052fd5dc24],
    PUP.Optional.ProCleaningSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ProfessionalCleaningSoftware_Popup, Delete-on-Reboot, [c484931618736bcbcffbe0317f859d63],
    PUP.Optional.ProCleaningSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\ProfessionalCleaningSoftware_Start, Delete-on-Reboot, [12369217a1eaf145f9d18889f01406fa],
    PUP.Optional.ProCleaningSoftware, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\ProfessionalCleaningSoftware.exe, Quarantined, [a5a307a2464551e55d5ae52d3ec6a858],
    PUP.Optional.ProCleaningSoftware, HKLM\SOFTWARE\WOW6432NODE\Professional Cleaning Software, Quarantined, [86c21a8f1279bd79ceffbd54887c9967],
    PUP.Optional.ProCleaningSoftware, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ProfessionalCleaningSoftware_RASAPI32, Quarantined, [054393168506aa8c5702ce44ee16cc34],
    PUP.Optional.ProCleaningSoftware, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\ProfessionalCleaningSoftware_RASMANCS, Quarantined, [b395fcaddfacca6c96c3e42e35cfd729],
    PUP.Optional.ProCleaningSoftware, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\ProfessionalCleaningSoftware.exe, Quarantined, [3117c4e5f794eb4b833415fdb351f907],
    PUP.Optional.InstallCore, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\ICSW1.17, Quarantined, [480093163a51ef47c93d476260a37e82],
    PUP.Optional.ProCleaningSoftware, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\Professional Cleaning Software, Quarantined, [f5539712a0eb52e4984a0d05dd27c739],
    PUP.Optional.ProCleaningSoftware, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\ProfessionalCleaningSoftwareLanguage, Quarantined, [60e83772642794a23ba88a88a460926e],
    PUP.Optional.ProPCCleaner, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\CAPHYON\ADVANCED UPDATER\{EB8CB898-F337-451C-A468-B9725D04ED21}, Quarantined, [e95feebbc3c8f343a720696de12243bd],
    PUP.Optional.ProCleaningSoftware, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\5B447B70_0, Quarantined, [b296e5c41378fd394c95b85ab3510000],
    PUP.Optional.Spigot, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F23AB71-4AC6-41F2-A955-EA576E553146}, Quarantined, [3d0be5c4a4e749ed3b2216acfb0845bb],
    PUP.Optional.WinYahoo, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E8B0D7E7-5E87-4048-9073-B1C484DE4E6D}, Quarantined, [1c2c208986054aec11c1c04fdc284eb2],
    PUP.Optional.ProductSetup, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\PRODUCTSETUP, Quarantined, [7ace79305c2f082eb8464276d62d1ae6],

    Registry Values: 9
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, Yahoo Search - Web Search[1e2ac0e92c5f74c24a8940cf0301ce32]D4%26b[1e2ac0e92c5f74c24a8940cf0301ce32]DIE%26cc[1e2ac0e92c5f74c24a8940cf0301ce32]Dus%26pa[1e2ac0e92c5f74c24a8940cf0301ce32]DWincy%26cd[1e2ac0e92c5f74c24a8940cf0301ce32]D2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCtCtC0EtDyE0B0A0EzztN0D0Tzu0StCyEyDtAtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1 ByEtN1L1G1B1V1N2Y1L1Qzu2StByC0CtDyBtCtBtBtGyDyB0A0DtG0EtAyBtCtGyDyC0EtAtGyB0BtByCtD0FtBzyzztA0CtA2Qt N1M1F1B2Z1V1N2Y1L1Qzu2S0C0B0EzytCyCyC0EtGyDtAyEyEtGyE0B0D0EtG0B0FyEzztG0FtC0FyByE0CzztCtA0ByByD2QtN0 A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyB%26cr[1e2ac0e92c5f74c24a8940cf0301ce32]D303682617%26a[1e2ac0e92c5f74c24a8940cf0301ce32]Dwbf_ir_15_52%26os_ver[1e2ac0e92c5f74c24a8940cf0301ce32]D10.0%26os[1e2ac0e92c5f74c24a8940cf0301ce32]DWindowsQuarantinedB10QuarantinedBHome&p={searchTerms}, %4, %5
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|TopResultURLFallback, Yahoo Search - Web Search[94b4416893f85cdac80bfd12857f4bb5]D4%26b[94b4416893f85cdac80bfd12857f4bb5]DIE%26cc[94b4416893f85cdac80bfd12857f4bb5]Dus%26pa[94b4416893f85cdac80bfd12857f4bb5]DWincy%26cd[94b4416893f85cdac80bfd12857f4bb5]D2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCtCtC0EtDyE0B0A0EzztN0D0Tzu0StCyEyDtAtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1 ByEtN1L1G1B1V1N2Y1L1Qzu2StByC0CtDyBtCtBtBtGyDyB0A0DtG0EtAyBtCtGyDyC0EtAtGyB0BtByCtD0FtBzyzztA0CtA2Qt N1M1F1B2Z1V1N2Y1L1Qzu2S0C0B0EzytCyCyC0EtGyDtAyEyEtGyE0B0D0EtG0B0FyEzztG0FtC0FyByE0CzztCtA0ByByD2QtN0 A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyB%26cr[94b4416893f85cdac80bfd12857f4bb5]D303682617%26a[94b4416893f85cdac80bfd12857f4bb5]Dwbf_ir_15_52%26os_ver[94b4416893f85cdac80bfd12857f4bb5]D10.0%26os[94b4416893f85cdac80bfd12857f4bb5]DWindowsQuarantinedB10QuarantinedBHome&p={searchTerms}, %4, %5
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E8B0D7E7-5E87-4048-9073-B1C484DE4E6D}|URL, Yahoo Search - Web Search[e95f53564447320490430a052fd5dc24]D4%26b[e95f53564447320490430a052fd5dc24]DIE%26cc[e95f53564447320490430a052fd5dc24]Dus%26pa[e95f53564447320490430a052fd5dc24]DWincy%26cd[e95f53564447320490430a052fd5dc24]D2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCtCtC0EtDyE0B0A0EzztN0D0Tzu0StCyEyDtAtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1 ByEtN1L1G1B1V1N2Y1L1Qzu2StByC0CtDyBtCtBtBtGyDyB0A0DtG0EtAyBtCtGyDyC0EtAtGyB0BtByCtD0FtBzyzztA0CtA2Qt N1M1F1B2Z1V1N2Y1L1Qzu2S0C0B0EzytCyCyC0EtGyDtAyEyEtGyE0B0D0EtG0B0FyEzztG0FtC0FyByE0CzztCtA0ByByD2QtN0 A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyB%26cr[e95f53564447320490430a052fd5dc24]D303682617%26a[e95f53564447320490430a052fd5dc24]Dwbf_ir_15_52%26os_ver[e95f53564447320490430a052fd5dc24]D10.0%26os[e95f53564447320490430a052fd5dc24]DWindowsQuarantinedB10QuarantinedBHome&p={searchTerms}, %4, %5
    PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E8B0D7E7-5E87-4048-9073-B1C484DE4E6D}|TopResultURLFallback, Yahoo Search - Web Search[1533aaff9fec65d18c4763acbc48966a]D4%26b[1533aaff9fec65d18c4763acbc48966a]DIE%26cc[1533aaff9fec65d18c4763acbc48966a]Dus%26pa[1533aaff9fec65d18c4763acbc48966a]DWincy%26cd[1533aaff9fec65d18c4763acbc48966a]D2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCtCtC0EtDyE0B0A0EzztN0D0Tzu0StCyEyDtAtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1 ByEtN1L1G1B1V1N2Y1L1Qzu2StByC0CtDyBtCtBtBtGyDyB0A0DtG0EtAyBtCtGyDyC0EtAtGyB0BtByCtD0FtBzyzztA0CtA2Qt N1M1F1B2Z1V1N2Y1L1Qzu2S0C0B0EzytCyCyC0EtGyDtAyEyEtGyE0B0D0EtG0B0FyEzztG0FtC0FyByE0CzztCtA0ByByD2QtN0 A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyB%26cr[1533aaff9fec65d18c4763acbc48966a]D303682617%26a[1533aaff9fec65d18c4763acbc48966a]Dwbf_ir_15_52%26os_ver[1533aaff9fec65d18c4763acbc48966a]D10.0%26os[1533aaff9fec65d18c4763acbc48966a]DWindowsQuarantinedB10QuarantinedBHome&p={searchTerms}, %4, %5
    PUP.Optional.ProCleaningSoftware, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\AUDIO\POLICYCONFIG\PROPERTYSTORE\5b447b70_0, {2}.\\?\hdaudio#func_01&ven_10ec&dev_0282&subsys_103c1982&rev_1000#{6994ad04-93ef-11d0-a3cc-00a0c9223196}\singlelineouttopo/00010001|\Device\HarddiskVolume4\Program Files (x86)\Professional Cleaning Software\ProfessionalCleaningSoftware.exe%b{00000000-0000-0000-0000-000000000000}, Quarantined, [b296e5c41378fd394c95b85ab3510000]
    PUP.Optional.Spigot, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2f23ab71-4ac6-41f2-a955-ea576e553146}|URL, https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=435371&p={searchTerms}, Quarantined, [3d0be5c4a4e749ed3b2216acfb0845bb]
    PUP.Optional.WinYahoo, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E8B0D7E7-5E87-4048-9073-B1C484DE4E6D}|URL, Yahoo Search - Web Search[1c2c208986054aec11c1c04fdc284eb2]D4%26b[1c2c208986054aec11c1c04fdc284eb2]DIE%26cc[1c2c208986054aec11c1c04fdc284eb2]Dus%26pa[1c2c208986054aec11c1c04fdc284eb2]DWincy%26cd[1c2c208986054aec11c1c04fdc284eb2]D2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCtCtC0EtDyE0B0A0EzztN0D0Tzu0StCyEyDtAtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1 ByEtN1L1G1B1V1N2Y1L1Qzu2StByC0CtDyBtCtBtBtGyDyB0A0DtG0EtAyBtCtGyDyC0EtAtGyB0BtByCtD0FtBzyzztA0CtA2Qt N1M1F1B2Z1V1N2Y1L1Qzu2S0C0B0EzytCyCyC0EtGyDtAyEyEtGyE0B0D0EtG0B0FyEzztG0FtC0FyByE0CzztCtA0ByByD2QtN0 A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyB%26cr[1c2c208986054aec11c1c04fdc284eb2]D303682617%26a[1c2c208986054aec11c1c04fdc284eb2]Dwbf_ir_15_52%26os_ver[1c2c208986054aec11c1c04fdc284eb2]D10.0%26os[1c2c208986054aec11c1c04fdc284eb2]DWindowsQuarantinedB10QuarantinedBHome&p={searchTerms}, %4, %5
    PUP.Optional.WinYahoo, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E8B0D7E7-5E87-4048-9073-B1C484DE4E6D}|TopResultURLFallback, Yahoo Search - Web Search[f75150597a111d191bb7ee212ed6b848]D4%26b[f75150597a111d191bb7ee212ed6b848]DIE%26cc[f75150597a111d191bb7ee212ed6b848]Dus%26pa[f75150597a111d191bb7ee212ed6b848]DWincy%26cd[f75150597a111d191bb7ee212ed6b848]D2XzuyEtN2Y1L1Qzu0AtD0DtA0CtCyCtCtC0EtDyE0B0A0EzztN0D0Tzu0StCyEyDtAtN1L2XzutAtFtCyCtFtCtFtDtN1L1Czu1 ByEtN1L1G1B1V1N2Y1L1Qzu2StByC0CtDyBtCtBtBtGyDyB0A0DtG0EtAyBtCtGyDyC0EtAtGyB0BtByCtD0FtBzyzztA0CtA2Qt N1M1F1B2Z1V1N2Y1L1Qzu2S0C0B0EzytCyCyC0EtGyDtAyEyEtGyE0B0D0EtG0B0FyEzztG0FtC0FyByE0CzztCtA0ByByD2QtN0 A0LzuyEtN1B2Z1V1T1S1NzutCtBzyyB%26cr[f75150597a111d191bb7ee212ed6b848]D303682617%26a[f75150597a111d191bb7ee212ed6b848]Dwbf_ir_15_52%26os_ver[f75150597a111d191bb7ee212ed6b848]D10.0%26os[f75150597a111d191bb7ee212ed6b848]DWindowsQuarantinedB10QuarantinedBHome&p={searchTerms}, %4, %5
    PUP.Optional.ProductSetup, HKU\S-1-5-21-3880941584-2175326869-876678730-1002\SOFTWARE\PRODUCTSETUP|tb, 0P1R1Q1B1F1R2W0E, Quarantined, [7ace79305c2f082eb8464276d62d1ae6]

    Registry Data: 0
    (No malicious items detected)

    Folders: 31
    PUP.Optional.PCProCleaner, C:\Users\Ray\AppData\Roaming\updates, Quarantined, [00487732b4d7e3539f1de5ef23e01fe1],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\Documents\ProfessionalCleaningSoftware, Quarantined, [60e871381873979f7352c54c2bd9cf31],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\pt, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ar, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\bs-Cyrl-BA, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\bs-Latn-BA, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\da, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\de, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\es, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\fil-PH, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\fr, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\he, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\hr-HR, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\it, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ja, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\nl, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\no, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\pl, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ru, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\se-FI, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sr-Cyrl-RS, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sr-Latn-RS, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sv, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\th-TH, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\tr-TR, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Professional Cleaning Software, Quarantined, [4afea2070d7e1a1ce2e566ab8c787a86],
    PUP.Optional.APNToolBar.Gen, C:\ProgramData\APN\APN-Stub, Quarantined, [6adeb8f16e1ddb5bc23094ee7f8358a8],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\AppData\Local\Professional_Cleaning_Sof, Quarantined, [5fe9426793f8f6406182971b13ef2cd4],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\AppData\Local\Professional_Cleaning_Sof\ProfessionalCleaningSoftw_Url_aplhg0xb1tqute0uw ygrzpiqcmhge0yw, Quarantined, [5fe9426793f8f6406182971b13ef2cd4],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\AppData\Local\Professional_Cleaning_Sof\ProfessionalCleaningSoftw_Url_aplhg0xb1tqute0uw ygrzpiqcmhge0yw\3.0.7.0, Quarantined, [5fe9426793f8f6406182971b13ef2cd4],

    Files: 88
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ProfessionalCleaningSoftware.exe, Quarantined, [12361c8dc2c98fa7026e784c50b123dd],
    PUP.Optional.InstallCore, C:\Users\Ray\AppData\Local\Temp\ICReinstall_install.exe, Quarantined, [49ffbbee830877bfcae60f3eae53af51],
    PUP.Optional.InstallCore, C:\Users\Ray\AppData\Local\Temp\B8yrG4aQ.exe.part, Quarantined, [82c6a9009af19d99a20e400d6c959a66],
    PUP.Optional.InstallCore, C:\Users\Ray\AppData\Local\Temp\downloader_for_BlueStacks-Installer_native.exe, Quarantined, [c7814b5e38535ed86749a311fd0712ee],
    PUP.Optional.InstallCore, C:\Users\Ray\AppData\Local\Temp\downloader_for_CyberLink_PowerDVD_Downloader.exe, Quarantined, [2d1bd9d0404bc96d565a4470e0246d93],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\AppData\Local\Temp\apptemp.1.exe, Quarantined, [6adeb3f6543777bff67bac187091ad53],
    PUP.Optional.Spigot, C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\i5k3ymej.default\searchplugins\yahoo_ff.xml, Quarantined, [d7715950d5b6ee484712efd313f0eb15],
    PUP.Optional.PCProCleaner, C:\Users\Ray\AppData\Roaming\updates\updates.aiu, Quarantined, [00487732b4d7e3539f1de5ef23e01fe1],
    Ransom.FileCryptor, C:\Users\Ray\AppData\Local\Temp\msconfig.exe, Quarantined, [a1a782270784cc6a05ab40c3ec18a35d],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\Documents\ProfessionalCleaningSoftware\errors, Quarantined, [60e871381873979f7352c54c2bd9cf31],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\Documents\ProfessionalCleaningSoftware\errors_data, Quarantined, [60e871381873979f7352c54c2bd9cf31],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\Documents\ProfessionalCleaningSoftware\fileerrors, Quarantined, [60e871381873979f7352c54c2bd9cf31],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\Documents\ProfessionalCleaningSoftware\fileerrors_data, Quarantined, [60e871381873979f7352c54c2bd9cf31],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\Documents\ProfessionalCleaningSoftware\logerror.txt, Quarantined, [60e871381873979f7352c54c2bd9cf31],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\DeepClean.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\Microsoft.Win32.TaskScheduler.xml, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\azurant.exe, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\azurant.ini, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ComponentFactory.Krypton.Toolkit.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\DeepClean.dll.config, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\InstAct.exe, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\InstAct.exe.config, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\Interop.IWshRuntimeLibrary.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\Interop.Shell32.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\LinqBridge.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\Microsoft.Win32.TaskScheduler.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\mlogger.log, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ObjectListView.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ProfessionalCleaningSoftware.exe.config, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ProfessionalCleaningSoftware.vshost.exe, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ProfessionalCleaningSoftware.vshost.exe.config, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\Setup.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\Setup.dll.config, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\Splash.exe, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\Splash.exe.config, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\SQLite.Interop.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\System.Data.SQLite.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\pt\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\pt\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ar\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ar\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\bs-Cyrl-BA\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\bs-Cyrl-BA\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\bs-Latn-BA\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\bs-Latn-BA\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\da\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\da\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\de\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\de\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\es\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\es\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\fil-PH\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\fil-PH\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\fr\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\fr\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\he\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\he\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\hr-HR\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\hr-HR\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\it\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\it\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ja\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ja\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\nl\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\nl\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\no\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\no\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\pl\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\pl\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ru\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\ru\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\se-FI\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\se-FI\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sr-Cyrl-RS\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sr-Cyrl-RS\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sr-Latn-RS\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sr-Latn-RS\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sv\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\sv\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\th-TH\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\th-TH\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\tr-TR\ProfessionalCleaningSoftware.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Program Files (x86)\Professional Cleaning Software\tr-TR\Splash.resources.dll, Quarantined, [fa4e9118177485b10eb853beca3a1ae6],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Professional Cleaning Software\Professional Cleaning Software.lnk, Quarantined, [4afea2070d7e1a1ce2e566ab8c787a86],
    PUP.Optional.ProCleaningSoftware, C:\Windows\System32\Tasks\ProfessionalCleaningSoftware_Popup, Quarantined, [a4a4ebbed6b51026398f68a956ae2fd1],
    PUP.Optional.ProCleaningSoftware, C:\Windows\System32\Tasks\ProfessionalCleaningSoftware_Start, Quarantined, [38106940b5d661d5ccfcb65b51b3fb05],
    PUP.Optional.ProCleaningSoftware, C:\Users\Ray\AppData\Local\Professional_Cleaning_Sof\ProfessionalCleaningSoftw_Url_aplhg0xb1tqute0uw ygrzpiqcmhge0yw\3.0.7.0\user.config, Quarantined, [5fe9426793f8f6406182971b13ef2cd4],
    PUP.Optional.Spigot, C:\Users\Ray\AppData\Roaming\Mozilla\Firefox\Profiles\i5k3ymej.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "https://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=435371&p="), Replaced,[f5531099008b41f5368db1078f75de22]

    Physical Sectors: 0
    (No malicious items detected)


    (end)
      My Computer


  7. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #7

    DarkSentinel said:
    Worked like a charm, and have not touched the quarantine yet. Thanks a bunch.
    That's good news. I'm glad MBAM removed the pest/rogue/PUP for you.
    MBAM certainly found a ton of stuff, mostly PUPs.
    (FYI you did not have all scan options enabled (such as the rootkit scanning).)

    Having said that, complete removal of some types of malware requires the use of multiple tools.

    So the safest thing might be to head over to one of the many, reputable computer disinfection fora to get a second opinion.
    The helpers there are trained to know what tools to use, and in what sequence, for complete removal and repair (as needed).
    They can walk you through some additional scans to be sure you are fully clean.

    But it's up to you, of course.

    Also, for the record, neither Lavasoft AdAware nor Spybot S&D is held in high regard by many security experts these days.
    Like @Cliff S, I also use MBAM and MBAE alongside my AV for layered protection, but there are other options, too, for anti-malware and anti-exploit protection.

    PUPs are not true malware, in the strict sense, but they can get you into trouble eventually and some are hard to remove.
    They all require some sort of user action (or lack thereof) to wind up on your computer.
    So, it's possible you did not opt out of these PUPs during the setup wizards when installing other, legit software.
    You might want to be more careful about installing stuff, and/or use Unchecky or a similar utility to avoid getting these unwanted freebies.

    Here are a few links with helpful information:

    The complexity of finding, preventing, and cleanup from malware
    So how did I get infected in the first place?
    How did I get infected?
    Answers to common security questions - Best Practices
    List of well known antivirus products
    Six tips to help you stay safer online
    ----------------------------------------

    Cheers,
    MM
      My Computer


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 03:45.
Find Us




Windows 10 Forums