Author Topic: win32:relevantAA  (Read 3367 times)

0 Members and 1 Guest are viewing this topic.

Offline Jimmy9190

  • Newbie
  • *
  • Posts: 18
win32:relevantAA
« on: June 30, 2013, 08:45:22 PM »
I have Avast Free version 8, did a scan and it found this win32:relevantAA PUP. I tried to move it to the virus chest, Avast said access was denied. So I selected delete and it was successful. Then I ran another scan and it came back clean with no threats detected. I tried to look online and had no luck finding out what win32:relevantAA really is. I think it is some sort of adware file, Avast said the threat risk was low. I did a quick scan with Malwarebytes Pro, it did not find that file or anything else. Does anyone here know what win32:relevantAA is, what it does or is it dangerous?

Thanks,

Jimmy

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37612
  • Not a avast user
Re: win32:relevantAA
« Reply #1 on: June 30, 2013, 08:55:16 PM »
Quote
win32:relevantAA PUP
PUP = not a virus / Possible Unwanted Program

http://www.spywareguide.com/product_show.php?id=488
it usually comes bundled with programs you download...

http://blog.spywareguide.com/mt-search.cgi?search=Relevant+Knowledge&IncludeBlogs=4



« Last Edit: June 30, 2013, 08:57:59 PM by Pondus »

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37612
  • Not a avast user
Re: win32:relevantAA
« Reply #2 on: June 30, 2013, 09:02:20 PM »
run a scan with AdwCleaner...click delete....post log here

http://forum.avast.com/index.php?topic=53253.0

Offline Jimmy9190

  • Newbie
  • *
  • Posts: 18
Re: win32:relevantAA
« Reply #3 on: June 30, 2013, 09:09:12 PM »
Thanks for your help..here is the log first from AdwCleaner:

# AdwCleaner v2.303 - Logfile created 06/30/2013 at 15:03:59
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : James-Admin - JAMES-HP
# Boot Mode : Normal
# Running from : C:\Users\James\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\James-Admin\AppData\Roaming\OpenCandy

***** [Registry] *****

Key Found : HKCU\Software\SmartBar
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Key Found : HKLM\Software\Classes\Installer\Features\90C64EA18BA25EE488BF80DCF07F2FFD
Key Found : HKLM\Software\Classes\Installer\Products\90C64EA18BA25EE488BF80DCF07F2FFD
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Key Found : HKU\S-1-5-21-1089338662-2046710004-379936597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKU\S-1-5-21-1089338662-2046710004-379936597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKU\S-1-5-21-1089338662-2046710004-379936597-1000\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Key Found : HKU\S-1-5-21-1089338662-2046710004-379936597-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Key Found : HKU\S-1-5-21-1089338662-2046710004-379936597-1003\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Key Found : HKU\S-1-5-21-1089338662-2046710004-379936597-1003\Software\Microsoft\Internet Explorer\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\6jhjchst.default-1369530616764\prefs.js

[OK] File is clean.

File : C:\Users\James-Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7wu66xzx.default\prefs.js

Found : user_pref("extensions.helperbar.SmartbarDisabled", false);
Found : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);

-\\ Google Chrome v [Unable to get version]

File : C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\James-Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [3960 octets] - [30/06/2013 15:03:59]

########## EOF - \AdwCleaner[R1].txt - [4020 octets] ##########

Offline Jimmy9190

  • Newbie
  • *
  • Posts: 18
Re: win32:relevantAA
« Reply #4 on: June 30, 2013, 09:26:22 PM »
I did the delete function from adwcleaner, it said it would show a log file after reboot, it never showed the log, not even after I did the delete function again and rebooted a second time. Thanks again for your help on this.

Jimmy

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37612
  • Not a avast user
Re: win32:relevantAA
« Reply #5 on: June 30, 2013, 10:42:36 PM »
I did the delete function from adwcleaner, it said it would show a log file after reboot, it never showed the log, not even after I did the delete function again and rebooted a second time. Thanks again for your help on this.

Jimmy
run AdwCleaner again...and click search
if all the crap files listed in the first log you posted is not there, then they was deleted when you clicked delete

meaning your browser should be clear of any crap toolbars and files

if you want a thorough check, you can attach a OTL diagnostic log...
you find it in the same guide.... then a removal expert will check it for any leftovers

OTL log must be attached....not copy and paste





« Last Edit: June 30, 2013, 10:46:45 PM by Pondus »

Offline Jimmy9190

  • Newbie
  • *
  • Posts: 18
Re: win32:relevantAA
« Reply #6 on: July 01, 2013, 03:17:20 AM »
Thanks again for your help here. I believe my system is doing OK. I did the search one more time and here is the log:

# AdwCleaner v2.303 - Logfile created 06/30/2013 at 21:15:00
# Updated 08/06/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : James-Admin - JAMES-HP
# Boot Mode : Normal
# Running from : C:\Users\James\Downloads\adwcleaner(2).exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Registry is clean.

-\\ Mozilla Firefox v22.0 (en-US)

File : C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\6jhjchst.default-1369530616764\prefs.js

[OK] File is clean.

File : C:\Users\James-Admin\AppData\Roaming\Mozilla\Firefox\Profiles\7wu66xzx.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v [Unable to get version]

File : C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

File : C:\Users\James-Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [4071 octets] - [30/06/2013 15:03:59]
AdwCleaner[R2].txt - [4190 octets] - [30/06/2013 15:06:46]
AdwCleaner[R3].txt - [1199 octets] - [30/06/2013 21:15:00]
AdwCleaner[S1].txt - [326 octets] - [30/06/2013 15:05:27]
AdwCleaner[S2].txt - [3844 octets] - [30/06/2013 15:06:58]
AdwCleaner[S3].txt - [1445 octets] - [30/06/2013 15:15:01]

########## EOF - C:\AdwCleaner[R3].txt - [1438 octets] ##########

Looks good to me, thanks very much for helping me with this.

Jimmy

Offline Jimmy9190

  • Newbie
  • *
  • Posts: 18
Re: win32:relevantAA
« Reply #7 on: July 01, 2013, 04:49:32 AM »
I did one more scan with Avast, no viruses or PUP's were found. I do appreciate your help.

Jimmy