Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Malware cleanup

27 Aug 2014   #1
PSCO2007

Windows 7 Professional X64
 
 
Malware cleanup

Quote   Quote: Originally Posted by andrew129260 View Post
Yes it is an advanced tool, meant for someone to look at the log. Not just for anyone to install. Sorry If I did not make that clear at all. That was my fault. That does sound like a lot of items though, if you want I suggest creating a new thread and posting your log so I can take a look.
I had uninstalled the program yesterday and reinstalled it.

This scan took about 10 minutes and then said "failed" after finding 27 processes.

I ran it agin, but don't see a way to save a log.

It said 17 processes, but this is all I see.

I've included a pic.




Attached Images
Malware cleanup-herd-pic.png 
My System SpecsSystem Spec
.
27 Aug 2014   #2
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Let's see what AdwCleaner picks up ...


Download AdwCleaner by Xplode and save to your Desktop.



Step 1.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Step 2.
Using AdwCleaner v3: Scan & Clean:
This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder


******Post both .txt logs
My System SpecsSystem Spec
27 Aug 2014   #3
PSCO2007

Windows 7 Professional X64
 
 

# AdwCleaner v3.308 - Report created 27/08/2014 at 20:51:43
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : PAUL 91512 - PAUL91512-PC
# Running from : C:\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Found : C:\Users\PAUL 91512\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\user.js
File Found : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Found : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal
File Found : C:\Users\PAUL 91512-2\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
File Found : C:\Users\Public\Desktop\Open It!.lnk
Folder Found : C:\EZDownloader
Folder Found : C:\open it!
Folder Found : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Program Files (x86)\fileopenerpro
Folder Found : C:\Program Files (x86)\NCH Software
Folder Found : C:\Program Files (x86)\openit
Folder Found : C:\Program Files (x86)\Ss-Helper
Folder Found : C:\Program Files (x86)\surf. and keepp
Folder Found : C:\Program Files\PC Optimizer Pro
Folder Found : C:\ProgramData\AVG SafeGuard toolbar
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\DeowNlooad keeper
Folder Found : C:\ProgramData\DownLiooaD keeeopeer
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Converter
Folder Found : C:\ProgramData\NCH Software
Folder Found : C:\ProgramData\QuickSet
Folder Found : C:\ProgramData\ssaafe saave
Folder Found : C:\ProgramData\surf. and keepp
Folder Found : C:\ProgramData\WinterSoft
Folder Found : C:\Users\PAUL 91512\AppData\Local\eSupport.com
Folder Found : C:\Users\PAUL 91512\AppData\Local\visi_coupon
Folder Found : C:\Users\PAUL 91512\AppData\LocalLow\AVG SafeGuard toolbar
Folder Found : C:\Users\PAUL 91512\AppData\Roaming\DSite
Folder Found : C:\Users\PAUL 91512\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found : C:\Users\PAUL 91512\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\Extensions\iueeo6-x@yyoaviwbrkgoua.org
Folder Found : C:\Users\PAUL 91512\AppData\Roaming\NCH Software
Folder Found : C:\Users\PAUL 91512\AppData\Roaming\SendSpace
Folder Found : C:\Users\PAUL 91512-2\AppData\Local\AVG SafeGuard toolbar
Folder Found : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Folder Found : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
Folder Found : C:\Users\PAUL 91512-2\AppData\Local\visi_coupon
Folder Found : C:\Users\PAUL 91512-2\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Found : C:\Users\PAUL 91512-2\AppData\Roaming\NCH Software
Folder Found : C:\Video Converter

***** [ Scheduled Tasks ] *****

Task Found : Driver Booster Update
Task Found : DSite

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\Classes\pokki
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\dsiteproducts
Key Found : HKCU\Software\Headlight
Key Found : HKCU\Software\IM
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKCU\Software\pc optimizer pro
Key Found : HKCU\Software\RegisteredApplicationsEx
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\tuguu sl
Key Found : [x64] HKCU\Software\Conduit
Key Found : [x64] HKCU\Software\dsiteproducts
Key Found : [x64] HKCU\Software\Headlight
Key Found : [x64] HKCU\Software\IM
Key Found : [x64] HKCU\Software\InstallCore
Key Found : [x64] HKCU\Software\pc optimizer pro
Key Found : [x64] HKCU\Software\RegisteredApplicationsEx
Key Found : [x64] HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\tuguu sl
Key Found : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Found : HKLM\SOFTWARE\Classes\and
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Classes\Installer\Features\0C776EBEBCBCFBE408892EE7B12517FC
Key Found : HKLM\SOFTWARE\Classes\Installer\Products\0C776EBEBCBCFBE408892EE7B12517FC
Key Found : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\surf
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_dvd43_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_dvd43_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_faststone-capture_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_faststone-capture_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_photoscape_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_photoscape_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_289822ec
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f5d3e0aa
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\SP Global
Key Found : HKLM\SOFTWARE\SProtector
Key Found : HKLM\SOFTWARE\Uniblue
Key Found : HKLM\SOFTWARE\Uniblue\DriverScanner
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Found : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9 D0
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C776EBEBCBCFBE408892EE7B12517FC
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0C776EBEBCBCFBE408892EE7B12517FC
Key Found : [x64] HKLM\SOFTWARE\Tarma Installer
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\PAUL 91512\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\prefs.js ]

Line Found : user_pref("aol_toolbar.default.homepage.check", false);
Line Found : user_pref("aol_toolbar.default.search.check", false);
Line Found : user_pref("extensions.4smM.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.protocol.indexOf('hxxp')>-1 && window.self==window.top && ![...]
Line Found : user_pref("extensions.CIT3457.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if (window.self.location.protocol.indexOf('hxxp') > -1 && window.self == window.[...]
Line Found : user_pref("extensions.CyyMSyQV5.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if (window.self.location.protocol.indexOf('hxxp') > -1 && window.self == windo[...]
Line Found : user_pref("extensions.QjhJX1.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement('script');script.ty[...]
Line Found : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Found : user_pref("extentions.webcake.installId", "5440dce4-9e54-4f4d-ac9f-3e0b9cb4eed9");
Line Found : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1371083307628");
Line Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Found : user_pref("sweetim.toolbar.searchguard.enable", "");
Line Found : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]
Line Found : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_product_name", "Updater By SweetPacks");

[ File : C:\Users\PAUL 91512-2\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\prefs.js ]

Line Found : user_pref("browser.search.defaultenginename", "AVG Secure Search");

-\\ Google Chrome v37.0.2062.94

[ File : C:\Users\PAUL 91512\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Found [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Found [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Found [Search Provider] : hxxp://www.shop.arbroinc.com/searchquick-submit.sc?keywords={searchTerms}
Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Found [Search Provider] : hxxp://www.vidohe.com/video-search-results.php?q={searchTerms}&cx=005536796155304041479%3Ahbixpuuu7l8&cof=FORID%3A11&from=os-family

[ File : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Found [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Found [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda
Found [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Found [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
Found [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Found [Extension] : kincjchfokkeneeofpeefomkikfkiedl

*************************

AdwCleaner[R0].txt - [16488 octets] - [27/08/2014 20:51:43]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [16549 octets] ##########

Ran the cleaner as well.
My System SpecsSystem Spec
.

27 Aug 2014   #4
PSCO2007

Windows 7 Professional X64
 
 

Tried to send the cleaning file - said too long.

I tried to send it in a Zip file - does not attach.
My System SpecsSystem Spec
27 Aug 2014   #5
PSCO2007

Windows 7 Professional X64
 
 

# AdwCleaner v3.308 - Report created 27/08/2014 at 20:54:46
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : PAUL 91512 - PAUL91512-PC
# Running from : C:\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\EZDownloader
Folder Deleted : C:\open it!
Folder Deleted : C:\Video Converter
Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\QuickSet
Folder Deleted : C:\ProgramData\WinterSoft
Folder Deleted : C:\ProgramData\DeowNlooad keeper
Folder Deleted : C:\ProgramData\DownLiooaD keeeopeer
Folder Deleted : C:\ProgramData\ssaafe saave
Folder Deleted : C:\ProgramData\surf. and keepp
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\open it!
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Video Converter
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\fileopenerpro
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\openit
Folder Deleted : C:\Program Files (x86)\Ss-Helper
Folder Deleted : C:\Program Files (x86)\surf. and keepp
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Program Files\PC Optimizer Pro
Folder Deleted : C:\Users\PAUL 91512\AppData\Local\eSupport.com
Folder Deleted : C:\Users\PAUL 91512\AppData\Local\visi_coupon
Folder Deleted : C:\Users\PAUL 91512\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\PAUL 91512\AppData\Roaming\DSite
Folder Deleted : C:\Users\PAUL 91512\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\PAUL 91512\AppData\Roaming\SendSpace
Folder Deleted : C:\Users\PAUL 91512-2\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\PAUL 91512-2\AppData\Local\visi_coupon
Folder Deleted : C:\Users\PAUL 91512-2\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\PAUL 91512\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\PAUL 91512-2\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Folder Deleted : C:\Users\PAUL 91512\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\Extensions\iueeo6-x@yyoaviwbrkgoua.org
Folder Deleted : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf
Folder Deleted : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj
File Deleted : C:\Users\PAUL 91512-2\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
File Deleted : C:\Users\Public\Desktop\Open It!.lnk
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\avg-secure-search.xml
File Deleted : C:\Users\PAUL 91512\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\user.js
File Deleted : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage
File Deleted : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_facebook.conduitapps.com_0.localstorage-journal

***** [ Scheduled Tasks ] *****

Task Deleted : Driver Booster Update
Task Deleted : DSite

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKLM\SOFTWARE\Classes\and
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\surf
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_289822ec
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f5d3e0aa
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_dvd43_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_dvd43_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_faststone-capture_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_faststone-capture_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_photoscape_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_photoscape_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1663C10B-0D55-438D-8496-19A3DBAEC0E4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Headlight
Key Deleted : HKCU\Software\IM
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\pc optimizer pro
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\tuguu sl
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\openit open it!
Key Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbar
Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\0C776EBEBCBCFBE408892EE7B12517FC
Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\0C776EBEBCBCFBE408892EE7B12517FC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0C776EBEBCBCFBE408892EE7B12517FC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\0C776EBEBCBCFBE408892EE7B12517FC
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9 D0

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17239


-\\ Mozilla Firefox v31.0 (x86 en-US)

[ File : C:\Users\PAUL 91512\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\prefs.js ]

Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
Line Deleted : user_pref("aol_toolbar.default.search.check", false);
Line Deleted : user_pref("extensions.4smM.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.protocol.indexOf('hxxp')>-1 && window.self==window.top && ![...]
Line Deleted : user_pref("extensions.CIT3457.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if (window.self.location.protocol.indexOf('hxxp') > -1 && window.self == window.[...]
Line Deleted : user_pref("extensions.CyyMSyQV5.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if (window.self.location.protocol.indexOf('hxxp') > -1 && window.self == windo[...]
Line Deleted : user_pref("extensions.QjhJX1.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self==window.top){var script=document.createElement('script');script.ty[...]
Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");
Line Deleted : user_pref("extentions.webcake.installId", "5440dce4-9e54-4f4d-ac9f-3e0b9cb4eed9");
Line Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1371083307628");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");
Line Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...]
Line Deleted : user_pref("{7D4F1959-3F72-49d5-8E59-F02F8AA6815D}.ScriptData_product_name", "Updater By SweetPacks");

[ File : C:\Users\PAUL 91512-2\AppData\Roaming\Mozilla\Firefox\Profiles\ygxmtbyr.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");

-\\ Google Chrome v37.0.2062.94

[ File : C:\Users\PAUL 91512\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
Deleted [Search Provider] : hxxp://www.shop.arbroinc.com/searchquick-submit.sc?keywords={searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
Deleted [Search Provider] : hxxp://www.vidohe.com/video-search-results.php?q={searchTerms}&cx=005536796155304041479%3Ahbixpuuu7l8&cof=FORID%3A11&from=os-family

[ File : C:\Users\PAUL 91512-2\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Extension] : bpegkgagfojjbcpkihigfmkojdmmimdf
Deleted [Extension] : ejpbbhjlbipncjklfjjaedaieimbmdda
Deleted [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Deleted [Extension] : jbolfgndggfhhpbnkgnpjkfhinclbigj
Deleted [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Deleted [Extension] : kincjchfokkeneeofpeefomkikfkiedl

*************************

AdwCleaner[R0].txt - [16722 octets] - [27/08/2014 20:51:43]
AdwCleaner[S0].txt - [16339 octets] - [27/08/2014 20:54:46]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16400 octets] ##########
My System SpecsSystem Spec
28 Aug 2014   #6
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Good PSCO ... now download TFC by Old Timer TFC - Temp File Cleaner by OldTimer - Geeks to Go Forum and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe to run it. If you are using Vista/Windows 7 right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.

Important! Manually reboot the machine to ensure a complete clean.


After cleaning all temps using TFC, see if Herdprotect is still flagging 27 things.
My System SpecsSystem Spec
28 Aug 2014   #7
PSCO2007

Windows 7 Professional X64
 
 

Hi,

I had a hard time finding this thread- the email sent me to the old one and I guess you moved this thread.

Here are the results after following your instructions and rerunning Herdprotect:

I don't see a way to to see the log - If I go to the folder, it just has the logs from yesterday.

I've not removed anything yet.

I also noticed that my C drive is now 9gbs less, even though I didn't do anything.

My PC is also running quite a bit faster - had no idea that so much garbage was slowing it down.!


Attached Images
Malware cleanup-herd-pic-1-8-28-14.png Malware cleanup-herd-pic-2-8-28-14.png Malware cleanup-herd-pic-3-8-28-14.png Malware cleanup-herd-pic-4-8-28-14.png Malware cleanup-herd-pic-5-8-28-14.png Malware cleanup-herd-pic-6-8-28-14.png 
My System SpecsSystem Spec
29 Aug 2014   #8
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

Please do this next ..


Remove/Uninstall AdwCleaner:
Double click on AdwCleaner.exe to run the tool again. Click on the Uninstall button.
Click Yes when asked are you sure you want to uninstall.
Both AdwCleaner.exe, its folder and all logs will be removed.


This cleaner is continually being updated, so if you need it again, you'll need to redownload it.


Keep TFC and use it!
My System SpecsSystem Spec
29 Aug 2014   #9
PSCO2007

Windows 7 Professional X64
 
 

What about the processes that Herd found - I didn't delete anything.
My System SpecsSystem Spec
29 Aug 2014   #10
Jacee
Microsoft MVP

Windows 7 Ultimate 32bit SP1
 
 

I don't use Herdprotect (it mostly found 'unsigned files').... let's see what Eset finds.


I'd like you to scan your machine with ESET OnlineScan
  1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  2. Click the button.
  3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    1. Click on to download the ESET Smart Installer. Save it to your desktop.
    2. Double click on the icon on your desktop.
  4. Check
  5. Click the button.
  6. Accept any security warnings from your browser.
  7. Check
  8. Push the Start button.
  9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  10. When the scan completes, push
  11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  12. Push the button.
  13. Push
My System SpecsSystem Spec
Reply

 Malware cleanup




Thread Tools Search this Thread
Search this Thread:

Advanced Search




Similar help and support threads
Thread Forum
Changing File Decription for link to Malware Bytes Anti-Malware
Have been using Win 7 Ultimate x64 for quite a while but tonight ran into a small problem. I like to keep the titles for links very short and want to rename "Malwarebytes Anti-Malware" (I am a registered, paid user) to simply "Malwarebytes". I am listed as an Administrator and I used LockHunter to...
System Security
Win7 almost loads desktop (after malware cleanup)
My friend brings me his Win7Pro laptop with some newish variant of the Ukash malware (Trojan.Winlock). System Restore didn't work, so I used the Admin account to run Malwarebytes scan which helped. His usual login account (Fred) has admin privs, but just before it should load the desktop, it...
System Security
Malware Removal Guide 2011: How to Get Rid of All The Latest Malware
Read more at: Maximum PC | Malware Removal Guide 2011: How to Get Rid of All The Latest Malware
Security Basics


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 12:22.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App