Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: System restore keeps switching off

04 Feb 2014   #21
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Ok, Mbam reported three Potentially Unwanted Programs (PUP). That's not bad, but you probably want to do a thorugh check. Hopefully Mbam took care of them, but others might be lurking.

These things usually come from SW installs where the author or site has bundled the SW with other things to promote their site or generate ad revenue. Most are legit and can be uninstalled through normal channels. Some cannot be uninstalled that way.

The best install advice is to click on custom (instead of auto or express) and pay attention to during and after the install. Remove any check marks from extraneous software offered by the install (sometimes tis isn't offered until you're about to hit finish - the extra software is ticked and you hit the finish button). Everybody does it, I miss it sometimes because the offer is small or situated in a "blind spot" on the window.

Anyway.....

Let's see what other scanners tell you.

AdwCleaner is a two step process. Scan then Clean

Step 1: Download and Scan

Click here to download AdwCleaner (author: Xplode)
>> save the application to your Desktop.
  • Double click on AdwCleaner.exe on your Desktop to run the scanner.
    Right-click and select Run As Administrator.
    AdwCleaner is a standalone executable, there is no install.

  • Click on the Scan button.
    >> AdwCleaner begins scanning your system. It might take some time to complete, be patient

  • When the scan has finished, click on the Report button
    >> the AdwCleaner log: AdwCleaner[R#].txt is opened in your default Text editor.
    [R#] gets incremented every time you run AdwCleaner - the highest number is the most recent.

  • Look through the log for any recognizable entries - don't worry about other details in the log.
    i.e. I use Textpad on my system and AdwCleaner flags it as a possilbe threat because I configured Textpad to replace Notepad. AdwCleaner says "Hey, that's not quite right - you should take a look a this - did you make this change"

  • Paste the entire AdwCleaner log in your next post.
    AdwCleaner logs are located in the C:\AdwCleaner folder if you need to reference them again.



My System SpecsSystem Spec
.
05 Feb 2014   #22
k0065126

Microsoft Windows 7 Professional 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

Thanks,

I ran MSE to do a full check with no problems showing and ran Mbam again doing a full check and this is the report :-

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.04.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16476
Viv :: VIV-ASUSPC [administrator]

04/02/2014 22:47:18
mbam-log-2014-02-04 (22-47-18).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 638437
Time elapsed: 52 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 1
HKCR\CLSID\{3c471948-f874-49f5-b338-4f214a2ee0b1} (PUP.Optional.Conduit) -> No action taken.

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll (PUP.Optional.Conduit) -> No action taken.
D:\Software Backup\BBC iPlayer programs\YouTube_mp3_converter\YTDSetup.exe (PUP.Optional.Spigot.A) -> No action taken.

(end)

Yes, I do try to be careful when installing software, especially 'free' programs, in case they try to sneak something I don't want on to my computer, but sometimes I forget. I will try to remember to use the custom install option in future.

I will do another post with the results from Adwcleaner.

Viv
My System SpecsSystem Spec
05 Feb 2014   #23
k0065126

Microsoft Windows 7 Professional 64-bit 7601 Multiprocessor Free Service Pack 1
 
 

I am not sure why you suggested running AdwCleaner twice, once by double click and the second time as administrator. In fact the same results are obtained by the two methods. I do not recognise most of the entries in the Files/Folders section, and there seem to be a lot in the Firefox section relating to funmoods which I probably could do without as I think that they were installed without my sanctioning them. It is impossible to decide on the registry entries as there are few clues as to what they do, so I should probably leave well alone.

Results from Adwcleaner :-
# AdwCleaner v3.018 - Report created 05/02/2014 at 08:25:37
# Updated 28/01/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Viv - VIV-ASUSPC
# Running from : C:\Users\Viv\Desktop\AdwCleaner.exe
# Option : Scan
***** [ Services ] *****
 
***** [ Files / Folders ] *****
File Found : C:\Users\Viv\AppData\Roaming\Mozilla\Firefox\Profiles\nbnr5uos.default\invalidprefs.js
File Found : C:\Users\Viv\AppData\Roaming\Mozilla\Firefox\Profiles\nbnr5uos.default\searchplugins\funmoods.xml
File Found : C:\Users\Viv\AppData\Roaming\Mozilla\Firefox\Profiles\nbnr5uos.default\user.js
Folder Found C:\Program Files (x86)\Conduit
Folder Found C:\Program Files (x86)\myfree codec
Folder Found C:\ProgramData\apn
Folder Found C:\ProgramData\Tarma Installer
Folder Found C:\Users\Viv\AppData\Local\Conduit
Folder Found C:\Users\Viv\AppData\Local\PackageAware
Folder Found C:\Users\Viv\AppData\Local\Zoom_Downloader
Folder Found C:\Users\Viv\AppData\LocalLow\Conduit
Folder Found C:\Users\Viv\AppData\LocalLow\PriceGong
Folder Found C:\Users\Viv\AppData\LocalLow\Toolbar4
Folder Found C:\Users\Viv\AppData\Roaming\Babylon
Folder Found C:\Users\Viv\AppData\Roaming\Common\LuaRT
Folder Found C:\Users\Viv\AppData\Roaming\DataMgr
Folder Found C:\Users\Viv\AppData\Roaming\fbDownloader
Folder Found C:\Users\Viv\AppData\Roaming\Intermediate
Folder Found C:\Users\Viv\AppData\Roaming\SCheck
Folder Found C:\Users\Viv\AppData\Roaming\SSync
***** [ Shortcuts ] *****
 
***** [ Registry ] *****
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Software\smartbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5812E8F-0E16-4C65-88F7-492D36174CB2}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKCU\Software\PIP
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\PIP
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Found : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\TBSB03150.IEToolbar
Key Found : HKLM\SOFTWARE\Classes\TBSB03150.IEToolbar.1
Key Found : HKLM\SOFTWARE\Classes\TBSB03150.TBSB03150
Key Found : HKLM\SOFTWARE\Classes\TBSB03150.TBSB03150.3
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2704262
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2737658
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB03150
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB03150
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB03150.1
Key Found : HKLM\SOFTWARE\Classes\Toolbar3.TBSB03150.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Key Found : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_unlocker_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_unlocker_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Key Found : HKLM\Software\PIP
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CA3EB689-8F09-4026-AA10-B9534C691CE0}]
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.16428
 
-\\ Mozilla Firefox v26.0 (en-GB)
[ File : C:\Users\Viv\AppData\Roaming\Mozilla\Firefox\Profiles\nbnr5uos.default\prefs.js ]
Line Found : user_pref("CT2704262_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1356525098993,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("CT2737658_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1356120159269,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Found : user_pref("extensions.funmoods.aflt", "iron2");
Line Found : user_pref("extensions.funmoods.autoRvrt", false);
Line Found : user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
Line Found : user_pref("extensions.funmoods.cntry", "GB");
Line Found : user_pref("extensions.funmoods.cv", "cv5");
Line Found : user_pref("extensions.funmoods.dfltLng", "");
Line Found : user_pref("extensions.funmoods.dfltSrch", true);
Line Found : user_pref("extensions.funmoods.dfltlng", "en");
Line Found : user_pref("extensions.funmoods.dfltsrch", "false");
Line Found : user_pref("extensions.funmoods.dnsErr", true);
Line Found : user_pref("extensions.funmoods.envrmnt", "production");
Line Found : user_pref("extensions.funmoods.excTlbr", false);
Line Found : user_pref("extensions.funmoods.hdrMd5", "2AA82D3926F585311B57DD6203BCC425");
Line Found : user_pref("extensions.funmoods.hmpg", true);
Line Found : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1QzutAtDzzyD0Azyzz0E0ByEyEtBtD0B0C0EtN0D0Tzu0CtAyCtCtN1L2XzutBt FtBtFtCtFyEtDyB&cr=948980012");
Line Found : user_pref("extensions.funmoods.hrdid", "3085A98EB4420BCE");
Line Found : user_pref("extensions.funmoods.id", "3085A98EB4420BCE");
Line Found : user_pref("extensions.funmoods.instlDay", "15700");
Line Found : user_pref("extensions.funmoods.instlRef", "iron2");
Line Found : user_pref("extensions.funmoods.instlday", "15700");
Line Found : user_pref("extensions.funmoods.instlref", "iron2");
Line Found : user_pref("extensions.funmoods.isdcmntcmplt", true);
Line Found : user_pref("extensions.funmoods.keywordurl", "");
Line Found : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2212:17:32");
Line Found : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Line Found : user_pref("extensions.funmoods.newTab", true);
Line Found : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1QzutAtDzzyD0Azyzz0E0ByEyEtBtD0B0C0EtN0D0Tzu0CtAyCtCtN1L2XzutBt FtBtFtCtFyEtDyB&cr=948980012")[...]
Line Found : user_pref("extensions.funmoods.newtab", true);
Line Found : user_pref("extensions.funmoods.newtaburl", "hxxp://searchfunmoods.com/?f=2&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1QzutAtDzzyD0Azyzz0E0ByEyEtBtD0B0C0EtN0D0Tzu0CtAyCtCtN1L2XzutBt FtBtFtCtFyEtDyB&cr=948980012")[...]
Line Found : user_pref("extensions.funmoods.prdct", "funmoods");
Line Found : user_pref("extensions.funmoods.prtnrId", "funmoods");
Line Found : user_pref("extensions.funmoods.prtnrid", "funmoods");
Line Found : user_pref("extensions.funmoods.savedVrsnTs", "1");
Line Found : user_pref("extensions.funmoods.sg", "none");
Line Found : user_pref("extensions.funmoods.smplGrp", "none");
Line Found : user_pref("extensions.funmoods.smplgrp", "none");
Line Found : user_pref("extensions.funmoods.srch", "");
Line Found : user_pref("extensions.funmoods.srchPrvdr", "Funmoods");
Line Found : user_pref("extensions.funmoods.srchprvdr", "Funmoods");
Line Found : user_pref("extensions.funmoods.tlbrId", "base");
Line Found : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1QzutAtDzzyD0Azyzz0E0ByEyEtBtD0B0C0EtN0D0Tzu0CtAyCtCtN1L2XzutBt FtBtFtCtFyEtDyB&cr=948980012[...]
Line Found : user_pref("extensions.funmoods.tlbrid", "base");
Line Found : user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://searchfunmoods.com/?f=3&a=iron2&ir=iron2&cd=2XzuyEtN2Y1L1QzutAtDzzyD0Azyzz0E0ByEyEtBtD0B0C0EtN0D0Tzu0CtAyCtCtN1L2XzutBt FtBtFtCtFyEtDyB&cr=948980012[...]
Line Found : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Line Found : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2212:17:32");
Line Found : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Line Found : user_pref("extensions.funmoods.vrsnts", "1.5.23.2212:17:32");
Line Found : user_pref("extensions.funmoods_i.newTab", true);
Line Found : user_pref("extensions.funmoods_i.smplGrp", "none");
Line Found : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2212:17:32");
-\\ Google Chrome v32.0.1700.107
[ File : C:\Users\Viv\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
*************************
AdwCleaner[R0].txt - [18252 octets] - [05/02/2014 08:21:16]
AdwCleaner[R1].txt - [17991 octets] - [05/02/2014 08:25:37]
########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [18052 octets] ##########

Viv
My System SpecsSystem Spec
.

09 Feb 2014   #24
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

Quote   Quote: Originally Posted by k0065126 View Post
I am not sure why you suggested running AdwCleaner twice, once by double click and the second time as administrator.
Viv
Sorry viv,

The dbl click was a carry over text editing error - run as should have been the only one.

Let me look through the log and see what I can see.

There will be a 2nd AdwCleaner run - but that one is intentional - it is the clean cycle.

I'll post instructions after reading the first log(s)

Bill
.
My System SpecsSystem Spec
09 Feb 2014   #25
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

All right, it's a bit messy and will probably require more utilities to really cleanse your system, but let's let AdwCleaner do it's clean step.


AdwCleaner Step 2: Scan and Clean
  • Right-click AdwCleaner.exe whre you originally saved it and select Run As Administrator.

  • Click on the Scan button.
    >> AdwCleaner begins scanning your system. It might take some time to complete.

  • After the scan has finished... click on the Clean button.
    • Answer OK to the "close all programs" prompt, then follow the onscreen prompts.
    • Answer OK to the "restart the computer" prompt to complete the removal process.
      >> The AdwCleaner[S#].txt log is opened in your default Text editor when the machine has restarted.
      [R#] gets incremented every time you run AdwCleaner - the highest number is the most recent.
  • Paste the entire AdwCleaner log in your next post.
    AdwCleaner logs are located in the C:\AdwCleaner folder if you need to reference them again
My System SpecsSystem Spec
09 Feb 2014   #26
Slartybart

x64 (6.3.9600) Win8.1 Pro & soon dual boot x64 (6.1.7601) Win7_SP1 HomePrem
 
 

When you get the chance, please follow this tutorial to provide the current operating environment of your machine:
Speccy - Publish Snapshot of your System Specs

There are some files in the AdwCleaner log that make me think your machine needs a good look at what is installed in Pgms & Feats - not malware related, but perhaps unecessary utilties.

I'll know more when I see the Speccy report.

How is the system behaving with regards to System Protection / Restore Points?

Thanks,

Bill
.
My System SpecsSystem Spec
Reply

 System restore keeps switching off




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Allocated System Restore space holds far fewer restore points now
I have 8gb of space allocated to System Restore, all monitoring my C partition only. This space is always at least 85-90% used according to the System Protection screen. In the past I have had at least 15 restore points to choose from after ticking "show more restore points." But today I went to...
Backup and Restore
BSOD while switching back and forth from system user
I am going to give you a little back story first. Sorry for it being so long. I have a program I am creating that needs to run a service. I have been experiencing issues with it and found that turning on 'Allow service to interact with desktop' solves the issue. I know turning this on is not...
BSOD Help and Support
System Restore - Restore system settings and previous versions of file
estore system settings and previous versions of file is greyed out on my system, I may have disabled a required service for this, can anyone point me to the right direction for this? As I'm about to try the X-Fi MB2 mod again as the last time I tried it my system was messed up that it wont even...
Backup and Restore
Backup/Restore Questions (Apple user switching back to Windows)
Hi Guys, I have been a on a Windows hiatus and using Mac for some time now, but now I am switching back. I am little confused about the backup restore feature in Windows 7 Ultimate even after doing a search of this forum and Microsoft’s website. From my understanding a System Image pretty much...
Backup and Restore
Slower bootup after switching system locale?
Hi all, I normally have a quick splash/log-in sequence ever since my first installation of Win 7 until recently. Last night I switched system locale for the first time in order for me to read some garbled text and as I expected the splash and log-in took a while to load perhaps due to switching...
Performance & Maintenance


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd

All times are GMT -5. The time now is 09:14.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App