Random windows showing up when my google chrome is open..

Hello all,



So my cousins laptop is displaying weird windows while he is on twitch.tv and other sites. Here are the logs..



# AdwCleaner v3.308 - Report created 30/08/2014 at 22:17:59
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
# Username : Owner-1 - COMPUTER
# Running from : C:\Users\Owner-1\Desktop\adwcleaner_3.308.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : APNMCP
[#] Service Deleted : Update ClearThink
[#] Service Deleted : Util ClearThink
Service Deleted : {c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\2308189059
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\Program Files\AskPartnerNetwork
Folder Deleted : C:\Program Files\GamesBar
Folder Deleted : C:\Program Files\Level Quality Watcher
Folder Deleted : C:\Program Files\SavingsBull
Folder Deleted : C:\Program Files\SavingsbullFilter
Folder Deleted : C:\Program Files\wse_astromenda
[!] Folder Deleted : C:\Program Files\ClearThink
Folder Deleted : C:\Windows\Installer\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Folder Deleted : C:\Users\Owner-1\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Owner-1\AppData\Local\VNT
Folder Deleted : C:\Users\Owner-1\AppData\Local\Temp\ClearThink
Folder Deleted : C:\Users\Owner-1\AppData\Roaming\Astromenda
Folder Deleted : C:\Users\Owner-1\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Owner-1\AppData\Roaming\wse_astromenda
Folder Deleted : C:\Users\Owner-1\Documents\Optimizer Pro
File Deleted : C:\END
File Deleted : C:\Windows\system32\drivers\{c5e48979-bd7f-4cf7-9b73-2482a67a4f37}Gw.sys
File Deleted : C:\Users\Owner-1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage
File Deleted : C:\Users\Owner-1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.boostsaves.com_0.localstorage-journal
File Deleted : C:\Users\Owner-1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Owner-1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : LaunchSignup
Task Deleted : Optimizer Pro Schedule

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BRS]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtection]
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClearThink_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ClearThink_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateClearThink_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateClearThink_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilClearThink_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilClearThink_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Update ClearThink
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Util ClearThink
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8972B0D-B0FB-4158-A567-365283693AD6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{06e035f9-c6b3-4ae7-a839-ba68791f5499}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7e6d4e3e-fc66-4036-9799-ce5c625c4c56}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
Key Deleted : HKCU\Software\AskPartnerNetwork
Key Deleted : HKCU\Software\Astromenda
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\WSE_Astromenda
Key Deleted : HKCU\Software\ClearThink
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Search Protection
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : HKLM\SOFTWARE\GoforFiles
Key Deleted : HKLM\SOFTWARE\InstallCore
Key Deleted : HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\SavingsBullFilter
Key Deleted : HKLM\SOFTWARE\ClearThink
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6DDE8071-E4BA-461B-8A96-990DFAA0EBD1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ac225167-00fc-452d-94c5-bb93600e7d9a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSE_Astromenda
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ClearThink
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1C19AC53289098045B06B0DD1D37CBAB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23D9E9D21B4E77E41B9F50DD22F24E20
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\23EEA1F105A7F45449974D9B95E7AC89
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\26982796A8AFD1246B95E00265A95BF9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42D92D0D75AFEF74297E03876C8D9D33
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50FFE845C555A6E4BADB7CB7A145BFEB
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\715A3348920B6534690067594BB69F60
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7B7B13B037A7C2A42AC3E3EAF14D7107
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D05B2942E9CC80499F397F6114DFB35
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8591B8948E1C4A04F90505B3CDEE8555
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D841C5FEC311624CB88D49DB3884FA7
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD04033484A18CA4CAB3EE59D39D756E
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AD746BF3B3B3FD8409B86604BA85982A
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F355F0DB7A2E3A14B8E7A568FBA25937
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1708EDD6AB4EB164A86999D0AF0ABE1D
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\1708EDD6AB4EB164A86999D0AF0ABE1D
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\1708EDD6AB4EB164A86999D0AF0ABE1D

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v36.0.1985.143

[ File : C:\Users\Owner-1\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11411&l=dis&pf=V7&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=&itbv=12.12.2.83&doi=2014-07-02&apn_uid=4AC8DD0D-F4AC-4D0C-9550-0D47EBE6D4DA&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_35.0.1916.153&psv=&pt=tb&trgb=CR&q={searchTerms}
Deleted [Search Provider] : hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_suma_14_50_ch&cd=2XzuyEtN2Y1L1QzuyCyEtAtCyDtDyD0FyD0Azzzz0F0DyEyBtN0D0Tzu0SzyyDyEtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDtDzytA0Azz0EtBtGtB0AtC0EtGtByE0CyEtGyCyE0AyDtGyC0Azzzz0E0EzztDyDyByD0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0F0CtB0CzytCtDtGtA0ByEtAtGyEzzyD0EtGzztAzzyBtGyC0BtDtCyB0FyE0Ezz0CzzyB2Q&cr=1316248977&ir=
Deleted [Startup_urls] : hxxp://astromenda.com/?f=7&a=ast_suma_14_50_ch&cd=2XzuyEtN2Y1L1QzuyCyEtAtCyDtDyD0FyD0Azzzz0F0DyEyBtN0D0Tzu0SzyyDyEtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDtDzytA0Azz0EtBtGtB0AtC0EtGtByE0CyEtGyCyE0AyDtGyC0Azzzz0E0EzztDyDyByD0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0F0CtB0CzytCtDtGtA0ByEtAtGyEzzyD0EtGzztAzzyBtGyC0BtDtCyB0FyE0Ezz0CzzyB2Q&cr=1316248977&ir=
Deleted [Startup_urls] : hxxp://www.search.ask.com/?tpid=ORJ-V7C&o=APN11411&pf=V7&trgb=CR&p2=%5EBBJ%5EOSJ000%5EYY%5EUS&gct=hp&apn_ptnrs=BBJ&apn_dtid=%5EOSJ000%5EYY%5EUS&apn_dbr=cr_35.0.1916.153&apn_uid=4AC8DD0D-F4AC-4D0C-9550-0D47EBE6D4DA&itbv=12.12.2.83&doi=2014-07-02&psv=&pt=tb
Deleted [Homepage] : hxxp://astromenda.com/?f=1&a=ast_suma_14_50_ch&cd=2XzuyEtN2Y1L1QzuyCyEtAtCyDtDyD0FyD0Azzzz0F0DyEyBtN0D0Tzu0SzyyDyEtN1L2XzutAtFtDtFtCtDtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyDtDzytA0Azz0EtBtGtB0AtC0EtGtByE0CyEtGyCyE0AyDtGyC0Azzzz0E0EzztDyDyByD0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2StB0F0CtB0CzytCtDtGtA0ByEtAtGyEzzyD0EtGzztAzzyBtGyC0BtDtCyB0FyE0Ezz0CzzyB2Q&cr=1316248977&ir=
Deleted [Extension] : pljcgbedjplidkdjahbaalanadmjfgop

*************************

AdwCleaner[R0].txt - [12147 octets] - [30/08/2014 22:15:56]
AdwCleaner[S0].txt - [11507 octets] - [30/08/2014 22:17:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [11568 octets] ##########


And



Results of screen317's Security Check version 0.99.87
Windows 7 Service Pack 1 x86 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Firewall Disabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 60
Java version out of Date!
Adobe Flash Player 14.0.0.145
Adobe Reader XI
Google Chrome 36.0.1985.125
Google Chrome 36.0.1985.143
Google Chrome plugins...
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Malwarebytes Anti-Malware mbamscheduler.exe
iolo System Mechanic iologovernor.exe
iolo Common Lib ioloServiceManager.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````



And




Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/30/2014
Scan Time: 10:30:56 PM
Logfile: fdsf.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.31.01
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Owner-1

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 281000
Time Elapsed: 8 min, 55 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 3
PUP.Optional.AdPeak.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{10AD2C61-0898-4348-8600-14A342F22AC3}, Quarantined, [1409933a0873b77f4f823b3e927047b9],
PUP.Optional.ClearThink.A, HKLM\SOFTWARE\ClearThink, Quarantined, [e03d8d40a3d8e6502f0b2334c53fbb45],
PUP.Optional.ClearThink.A, HKU\S-1-5-21-1484660218-3856736019-134160805-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ClearThink, Quarantined, [4fcebb12611a6dc9003be5727c88e020],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 3
PUP.Optional.Amonetize, C:\Users\Owner-1\Downloads\alien vs predator arcade game pc__3039_i984502094_il2406994.exe, Quarantined, [c6577c51fe7dc76fce659b02837e30d0],
PUP.Optional.Astromenda.A, C:\Windows\System32\Tasks\WSE_Astromenda, Quarantined, [32ebfdd0eb90bc7a6bda46a746bc19e7],
PUP.Optional.Astromenda.A, C:\Windows\Tasks\WSE_Astromenda.job, Quarantined, [5dc0686581fa8da9b096668715ed0df3],

Physical Sectors: 0
(No malicious items detected)


(end)

and


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/30/2014
Scan Time: 10:28:54 PM
Logfile: ss.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.31.01
Rootkit Database: v2014.08.21.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Owner-1

Scan Type: Threat Scan
Result: Cancelled
Objects Scanned: 0
(No malicious items detected)
Time Elapsed: 0 min, 23 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

Hello and welcome to GeekPolice.Net My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.

First Verify your Java Version

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment.

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
*********************************************
Malwarebytes' Anti-Rootkit

Please download Malwarebytes' Anti-Rootkit and save it to your desktop.

• Be sure to print out and follow the instructions provided on that same page for performing a scan.
  
• Caution: This is a beta version so also read the disclaimer and back up all your data before using.
  
• When the scan completes, click on the Cleanup button to remove any threats found and reboot the computer if prompted to do so.
  
• Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
  
• If there are problems with Internet access, Windows Update, Windows Firewall or other system issues, run the fixdamage tool located in the folder Malwarebytes Anti-Rootkit was run from and reboot your computer.
  
• Two files (mbar-log-YYYY-MM-DD, system-log.txt) will be created and saved within that same folder.
  
• Copy and paste the contents of these two log files in your next reply.
  

*************************************************
Please download Junkware Removal Tool to your desktop.

•Warning! Once the scan is complete JRT will shut down your browser with NO warning.

•Shut down your protection software now to avoid potential conflicts.

•Temporarily disable your Antivirus and any Antispyware real time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

•Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click JRT and select Run as Administrator

•The tool will open and start scanning your system.

•Please be patient as this can take a while to complete depending on your system's specifications.

•On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

•Copy and Paste the JRT.txt log into your next message.

Ok so updated java and Rootkit didnt find any malicious items. here is the JRT Log



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Ultimate x86
Ran by Owner-1 on Sun 08/31/2014 at 16:46:15.72
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{8fe8d013-c3fd-4802-af48-79274e9f969e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{b0441a0e-a49a-4e16-afc1-74ecced1921f}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Program Files\coupons"
Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 08/31/2014 at 16:49:30.06
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan

•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

•Check
•Click the button.
•Accept any security warnings from your browser.

• Leave the check mark next to Remove found threats.
  

•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

So I tried to run Eset 2 times and both times it crashed and gave me the blue screen of death before finishing

Ok, let's try this one.

Run the BitDefender Online scanner

Agree to the license and then select Scan. DO NOT CHANGE THE OPTIONS TO SHOW ALL FILES SCANNED. That will make your logs huge and we don't need to see clean files.

Once Bitdefender completes the scan:
Click-on the Detected Problems tab.
Then select Click here to export the scan report.

When the window comes up to save the report, change the Save as type: box to:
Text (Tab Delimited) (*.txt) and then in the File name box enter change to bdscan then click Save.

This will save a file named bdscan.txt. I would suggest saving it to the Desktop so you can easily find it. (take notice of where you save it so you can find it later).
This bdcan.txt file will actually contain HTML code that we can easily view later while reviewing your log. All we have to do is rename the file to bdscan.html.

If you do not follow these step, you will have an incorrect log or worse a log summary which is useless to us.

Post the bdscan.txt file as an Attachment.

This is all it said

You’re Good To Go! No Active Viruses Found.
Stay safe with The Best Antivirus of 2014!
GET FREE 6 MONTH LICENSE

Good. How's your computer running now? Any other issues?

It seems to be running fine. The only thing that concerns me is when the eset ran it said there was 31 issues at 50% but it never got to finish cuz it just kept crashing

The only thing that concerns me is when the eset ran it said there was 31 issues at 50% but it never got to finish cuz it just kept crashing.

It probably cleaned the infections even though it crashed. Let's do some clean up.

This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

• Activate UAC (optional; some users prefer to keep it off)
  
• Remove disinfection tools
  
• Create Registry backup
  
• Purge System Restore Points
  
• Re-set system settings
  

Now click "Run" and wait patiently.
Once finished a logfile will be created. You don't have to attach it to your next reply.
***********************************
Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.



Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.



This runs the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
***********************************
Go to Microsoft Windows Update and get all critical updates.
----------

I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

Thank you sir