HerdProtect getting stopped by AVG

lpaigeg · 26 Jun 2014

Hi, I just downloaded and tried to run Herd Protect. Then AVG popped up with a security threat. The first time i clicked the "allow threat" The second and third time I clicked "remove threat." Then I turned off AVG in the task manager. But Herd Protect stayd stuck and the AVG window kept returning.

The screenshot shows the threat I created an exception for.

I apologize for not knowing what i'm doing. I have three questions:

How do I get HerdProtect to run?
How do I get rid of the Malware on my computer?
Why didn't AVG get rid of that stuff in the first place?

Jacee · 26 Jun 2014

Did you download it from here? Download herdProtect - Free Anti-Malware Platform

lpaigeg · 26 Jun 2014

Yes, I did. Downloaded it from a lin in another thread that seemed potentially related to my issues.

Jacee · 27 Jun 2014

Download DDS from one of these links:
DDS.com
DDS.pif

Disable any script blocking protection
Double click the dds icon to run the tool.
When done, DDS will open two (2) logs:
1. DDS.txt
2. Attach.txt <--- will be minimized in the task tray
Save both reports to your desktop.

Include the contents of both logs in your next post.

lpaigeg · 27 Jun 2014

Hi Jacee,
Here are the contents of the reports. THanK you in advance!!
Laurie

<<>><<>><<>><<>><<>><<>><<>><<>>

DDS
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: BrowserJavaVersion: 10.55.2
Run by rkl at 21:32:11 on 2014-06-27
Microsoft Windows 7 Starter 6.1.7600.0.1252.1.1033.18.1013.337 [GMT -4:00]
.
AV: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG AntiVirus Free Edition 2014 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ================
.
c:\PROGRA~1\AVG\AVG2014\avgrsx.exe
C:\Program Files\AVG\AVG2014\avgcsrvx.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2014\avgidsagent.exe
C:\Program Files\AVG\AVG2014\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Launch Manager\dsiwmis.exe
C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
C:\Program Files\Acer\Registration\GREGsvc.exe
C:\Program Files\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\AVG\AVG2014\avgui.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\AVG\AVG2014\avgnsx.exe
C:\Program Files\AVG\AVG2014\avgemcx.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
C:\Windows\system32\SearchIndexer.exe
c:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [Acer ePower Management] c:\program files\acer\acer epower management\ePowerTray.exe
mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey
mRun: [AVG_UI] "c:\program files\avg\avg2014\avgui.exe" /TRAYONLY
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - c:\program files\paltalk messenger\Paltalk.exe
TCP: NameServer = 64.72.64.10 8.8.8.8
TCP: Interfaces\{2B169545-0321-4137-ACB4-A1CA7E59889C} : DHCPNameServer = 64.72.64.10 8.8.8.8
TCP: Interfaces\{2B169545-0321-4137-ACB4-A1CA7E59889C}\34347457563747 : DHCPNameServer = 136.244.1.1 136.244.1.2 8.8.8.8
TCP: Interfaces\{2B169545-0321-4137-ACB4-A1CA7E59889C}\35D616C6C644565627 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{2B169545-0321-4137-ACB4-A1CA7E59889C}\64964646C6568656164637D27457563747 : DHCPNameServer = 192.168.2.253
TCP: Interfaces\{2B169545-0321-4137-ACB4-A1CA7E59889C}\C41607964657D6028496C6C602641627D6 : DHCPNameServer = 10.1.10.1 75.75.76.76
TCP: Interfaces\{2B169545-0321-4137-ACB4-A1CA7E59889C}\D496E6E61672370286964656F65747 : DHCPNameServer = 10.0.1.1
TCP: Interfaces\{A81087B2-589B-456F-8D51-F5A5BADAE6F1} : DHCPNameServer = 192.168.0.1 192.168.0.1
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
Notify: igfxcui - igfxdev.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\35.0.1916.153\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2014-5-13 149784]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2014-5-13 237848]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2014-5-13 107288]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2014-5-13 27416]
R0 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2013-9-27 214696]
R1 Avgdiskx;AVG Disk Driver;c:\windows\system32\drivers\avgdiskx.sys [2014-5-13 122136]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2014-5-13 198936]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2014-5-13 21272]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2014-5-13 192280]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2014-5-13 210200]
R1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\drivers\mwlPSDFilter.sys [2009-6-2 18992]
R1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\drivers\mwlPSDNserv.sys [2009-6-2 16432]
R1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\drivers\mwlPSDVDisk.sys [2009-6-2 60976]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2014\avgidsagent.exe [2014-5-13 3644432]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2014\avgwdsvc.exe [2014-5-13 292424]
R2 cvhsvc;Client Virtualization Handler;c:\program files\common files\microsoft shared\virtualization handler\CVHSVC.EXE [2013-4-22 822504]
R2 DsiWMIService;Dritek WMI Service;c:\program files\launch manager\dsiwmis.exe [2010-11-26 321104]
R2 ePowerSvc;Acer ePower Service;c:\program files\acer\acer epower management\ePowerSvc.exe [2010-12-21 735776]
R2 GREGService;GREGService;c:\program files\acer\registration\GREGsvc.exe [2010-1-8 23584]
R2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\drivers\NisDrvWFP.sys [2013-6-18 104768]
R2 RS_Service;Raw Socket Service;c:\program files\acer\acer vcm\RS_Service.exe [2010-11-26 260640]
R2 sftlist;Application Virtualization Client;c:\program files\microsoft application virtualization client\sftlist.exe [2013-6-26 523944]
R2 Updater Service;Updater Service;c:\program files\acer\acer updater\UpdaterService.exe [2010-11-26 243232]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x86.sys [2010-11-26 68208]
R3 NETwNs32;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETwsn00.sys [2013-7-25 10382576]
R3 NisSrv;Microsoft Network Inspection;c:\program files\microsoft security client\NisSrv.exe [2013-10-23 280288]
R3 Sftfs;Sftfs;c:\windows\system32\drivers\Sftfslh.sys [2013-6-26 583848]
R3 Sftplay;Sftplay;c:\windows\system32\drivers\Sftplaylh.sys [2013-6-26 197800]
R3 Sftredir;Sftredir;c:\windows\system32\drivers\Sftredirlh.sys [2013-6-26 24232]
R3 Sftvol;Sftvol;c:\windows\system32\drivers\Sftvollh.sys [2013-6-26 20136]
R3 sftvsa;Application Virtualization Service Agent;c:\program files\microsoft application virtualization client\sftvsa.exe [2013-6-26 207528]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 EUCR;EUCR;c:\windows\system32\drivers\EUCR6SK.sys [2010-11-26 82768]
S3 MWLService;MyWinLocker Service;c:\program files\egistec mywinlocker\x86\MWLService.exe [2010-5-26 305520]
S3 NETw5s32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 32 Bit;c:\windows\system32\drivers\NETw5s32.sys [2010-11-26 6766080]
.
=============== Created Last 30 ================
.
2014-06-28 00:57:26 8140904 ----a-w- c:\programdata\microsoft\microsoft antimalware\definition updates\{cbe428b8-5687-4a43-b8f8-4521ea8a8015}\mpengine.dll
2014-06-26 15:14:43 -------- d-----w- c:\program files\Reason
2014-06-26 14:49:18 8140904 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\backup\mpengine.dll
2014-06-24 03:16:00 765968 ------w- c:\programdata\microsoft\microsoft antimalware\definition updates\{96d6491b-f4eb-4643-a1dd-d5de05b86820}\gapaengine.dll
2014-06-19 16:38:49 -------- d-----w- c:\users\rkl\appdata\local\Adobe
2014-06-05 22:48:52 -------- d-----w- c:\program files\CCleaner
2014-06-05 22:40:10 -------- d-----w- c:\users\rkl\appdata\roaming\rightbackup
2014-06-05 22:34:11 -------- d-----w- c:\users\rkl\appdata\roaming\systweak
2014-06-02 12:10:52 -------- d-----w- c:\windows\pss
2014-05-31 15:37:22 -------- d-----w- c:\users\rkl\appdata\roaming\Paltalk
2014-05-31 15:37:16 71344 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-31 15:37:16 699056 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2014-05-31 15:36:31 -------- d-----w- c:\program files\Paltalk Messenger
.
==================== Find3M ====================
.
2014-05-13 18:19:14 192280 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2014-05-13 18:17:24 237848 ----a-w- c:\windows\system32\drivers\avglogx.sys
2014-05-13 18:17:22 210200 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2014-05-13 18:17:22 122136 ----a-w- c:\windows\system32\drivers\avgdiskx.sys
2014-05-13 18:17:20 149784 ----a-w- c:\windows\system32\drivers\avgidshx.sys
2014-05-13 18:09:12 198936 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
2014-05-13 18:04:36 27416 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2014-05-13 18:04:34 21272 ----a-w- c:\windows\system32\drivers\avgidsshimx.sys
2014-05-05 16:55:33 0 ----a-w- c:\windows\system32\shoADB.tmp
2014-04-21 02:38:21 0 ----a-w- c:\windows\system32\sho2AB5.tmp
2014-04-15 00:13:52 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
.
============= FINISH: 21:34:39.14 ===============

ATTACH
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Starter
Boot Device: \Device\HarddiskVolume2
Install Date: 2/14/2011 1:07:06 AM
System Uptime: 6/27/2014 8:44:34 PM (1 hours ago)
.
Motherboard: Acer | | JE02_PT
Processor: Intel(R) Atom(TM) CPU N455 @ 1.66GHz | CPU | 1666/667mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 220 GiB total, 183.748 GiB free.
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
RP180: 6/5/2014 6:58:53 PM - Removed Microsoft Silverlight
RP181: 6/6/2014 7:54:25 PM - Windows Update
RP182: 6/11/2014 8:17:45 AM - Windows Update
RP183: 6/14/2014 7:13:22 PM - Windows Update
RP184: 6/15/2014 3:45:35 PM - Removed Paint.NET v3.5.11
RP185: 6/18/2014 2:03:36 PM - Windows Update
RP186: 6/21/2014 5:36:18 PM - Windows Update
RP187: 6/24/2014 11:21:02 PM - Windows Update
.
==== Installed Programs ======================
.
Acer Crystal Eye webcam Ver:1.1.192.810
Acer ePower Management
Acer eRecovery Management
Acer Game Console
Acer Games
Acer Registration
Acer ScreenSaver
Acer System Information
Acer Updater
Acer VCM
Acrobat.com
Adobe AIR
Adobe Flash Player 13 ActiveX
Adobe Flash Player 14 Plugin
Adobe Reader 9.1 MUI
Adobe Shockwave Player 12.1
Apple Application Support
Apple Mobile Device Support
Apple Software Update
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
AVG 2014
Bing Rewards Client Installer
Blackhawk Striker 2
Bonjour
CCleaner
D3DX10
ENE USB Card Reader Driver
eSobi v2
Farm Frenzy
Final Drive Nitro
Google Chrome
Google Drive
Google Update Helper
herdProtect Anti-Malware Scanner
Identity Card
Intel(R) Graphics Media Accelerator Driver
Intel(R) Rapid Storage Technology
iTunes
Java 7 Update 55
Java Auto Updater
Jewel Quest Solitaire 2
Launch Manager
Microsoft .NET Framework 4 Client Profile
Microsoft Application Error Reporting
Microsoft Default Manager
Microsoft Office 2010
Microsoft Office Click-to-Run 2010
Microsoft Office Starter 2010 - English
Microsoft Security Client
Microsoft Security Essentials
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
MSVCRT
MyWinLocker
MyWinLocker Suite
Paltalk Messenger 11.4
Penguins!
Picasa 3
QuickTime 7
Realtek High Definition Audio Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Shredder
Skype™ 6.14
swMSM
Synaptics Pointing Device Driver
System Requirements Lab for Intel
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
Virtual Villagers 4 - The Tree of Life
Visual Studio 2012 x86 Redistributables
Welcome Center
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live Sync
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
.
==== Event Viewer Messages From Past Week ========
.
6/26/2014 12:00:03 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the avgwd service.
6/25/2014 11:21:34 PM, Error: Service Control Manager [7022] - The Security Center service hung on starting.
6/25/2014 11:20:36 PM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the eventlog service.
.
==== End Of File ===========================

Jacee · 27 Jun 2014

Let's see what adware we can get rid of first.

Please download AdwCleaner by Xplode and save to your Desktop.
Step 1.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

Step 2.
Using AdwCleaner v3: Scan & Clean:
This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder

******Post both .txt logs

andrew129260 · 28 Jun 2014

When you downloaded herdprotect did you choose installer or portable?

lpaigeg · 28 Jun 2014

Hi Jacee -- the scan report looks pretty small to me, but yes confusing. I don't really know what any of those programs are.

Andrew: I downloaded the installer version, not the portable. I think so anyway.

I'll run the cleaner now and post that in my next reply.

ADW SCAn REPORT
# AdwCleaner v3.213 - Report created 28/06/2014 at 17:13:46
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Starter (32 bits)
# Username : rkl - LPAIGEG
# Running from : C:\Users\rkl\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Found : C:\Users\rkl\AppData\Roaming\Systweak

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\systweak
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Found : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Key Found : HKLM\Software\systweak

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\rkl\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1378 octets] - [28/06/2014 17:13:46]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [1438 octets] ##########

andrew129260 · 28 Jun 2014

1.) Download herdprotect: (choose the portable version)

Download herdProtect - Free Anti-Malware Platform

2.) Run the scan.

3.) When the scan finishes, save the results per the screenshot below. Then upload the log here.

DO NOT REMOVE ANYTHING YET. I will advise if anything needs removed when I receive the log.

Attached Images

lpaigeg · 28 Jun 2014

ADCLEANER REPORT

# AdwCleaner v3.213 - Report created 28/06/2014 at 17:24:00
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Starter (32 bits)
# Username : rkl - LPAIGEG
# Running from : C:\Users\rkl\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Users\rkl\AppData\Roaming\Systweak

***** [ Shortcuts ] *****

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Key Deleted : HKCU\Software\systweak
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browsers ] *****

-\\ Internet Explorer v0.0.0.0

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\rkl\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}

*************************

AdwCleaner[R0].txt - [1518 octets] - [28/06/2014 17:13:46]
AdwCleaner[S0].txt - [1615 octets] - [28/06/2014 17:24:00]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1675 octets] ##########

HerdProtect getting stopped by AVG

HerdProtect getting stopped by AVG

RE: HerdProtect getting stopped by AVG