How do I remove this virus/malware url?

Page 1 of 3 123 LastLast

  1. Posts : 27
    Windows 7 Home Premium(64 bit)
       #1

    How do I remove this virus/malware url?


    I tried programs and features and search, but came up empty. It constantly shows up in Firefox and Chrome


    http://cache.icmwebserv.com/blank7.html#{%22namespace%22%3A%22LITE%22%2C%22revMode%22%3A16%2C%22marketingCampaignID%22%3A999999% 2C%22campaignID%22%3A%22000339%22%2C%22browser%22%3A%22ff%22%2C%22url%22%3A%22http%3A%2F%2Fonpoint.w bur.org%2Fways-to-listen%22%2C%22install%22%3A%221415626139%22%2C%22appID%22%3A63831%2C%22subID%22%3A%2230003392102300 0000%22%2C%22windowName%22%3A%22icm_inline_p%22%2C%22ad_width%22%3A1%2C%22ad_height%22%3A100%2C%22ad _type%22%3A%22focus%22%2C%22asw%22%3A%22na%22%2C%22pstn%22%3A%220%22%2C%22icmVersion%22%3A%221105%22 }
      My Computer


  2. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #2

    You have 'adware'. follow both step1. and step 2.


    Please download AdwCleaner by Xplode and save to your Desktop.


    Step 1.

    • Double click on AdwCleaner.exe to run the tool.
      Vista/Windows 7/8 users right-click and select Run As Administrator.
    • Click on the Scan button.
    • AdwCleaner will begin...be patient as the scan may take some time to complete.
    • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
    • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.



    Step 2.


    This time click on the Clean button.
    Press OK when asked to close all programs and follow the onscreen prompts.
    Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
    Copy and paste the contents of that logfile in your next reply.
    A copy of that logfile will also be saved in the C:\AdwCleaner folder


    ******Post both .txt logs in your next reply
      My Computer


  3. Posts : 27
    Windows 7 Home Premium(64 bit)
    Thread Starter
       #3

    Here's the first part of the log file(SevenForums will only allow 20,0


    20,000 characters at a time:

    dwCleaner v4.101 - Report created 13/11/2014 at 19:52:31
    # Updated 09/11/2014 by Xplode
    # Database : 2014-11-12.2 [Live]
    # Operating System : Windows 7 Ultimate Service Pack 1 (32 bits)
    # Username : Lanovo - LANOVO-PC
    # Running from : C:\Users\Lanovo\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : globalUpdate
    [#] Service Deleted : globalUpdatem
    [#] Service Deleted : trntv
    Service Deleted : {a71b752a-bac5-48e3-a420-f8c453035f81}Gw
    Service Deleted : {a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\baidu
    Folder Deleted : C:\ProgramData\IePluginServices
    Folder Deleted : C:\ProgramData\WindowsMangerProtect
    Folder Deleted : C:\Program Files\Babylon
    Folder Deleted : C:\Program Files\baidu
    [!] Folder Deleted : C:\Program Files\globalUpdate
    [!] Folder Deleted : C:\Program Files\HomeTab
    Folder Deleted : C:\Program Files\SupTab
    Folder Deleted : C:\Program Files\LuckyTab
    Folder Deleted : C:\Program Files\CinPlus-2.4cV10.11
    Folder Deleted : C:\Users\Lanovo\AppData\Local\globalUpdate
    Folder Deleted : C:\Users\Lanovo\AppData\LocalLow\HomeTab
    Folder Deleted : C:\Users\Lanovo\AppData\LocalLow\SimplyTech
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\baidu
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\FirefoxToolbar
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\SimpleFiles
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\SimplyTech
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\Systweak
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\TornTV.com
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\WebNavi
    Folder Deleted : C:\Users\Public\Documents\baidu
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\Mozilla\Firefox\Profiles\rfymn4ct.default\Extensions\faststartff@gma il.com
    Folder Deleted : C:\Users\Lanovo\AppData\Roaming\Mozilla\Firefox\Profiles\rfymn4ct.default\Extensions\0cd1569197354ec f9be03@d3ee3bc4210848f7b5a58324f064f.com
    Folder Deleted : C:\Users\Lanovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
    Folder Deleted : C:\Users\Lanovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Folder Deleted : C:\Users\Lanovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\plimopelmdneikoknbgpopffpbmlhgpa
    File Deleted : C:\Windows\system32\roboot.exe
    File Deleted : C:\Windows\system32\\drivers\{a71b752a-bac5-48e3-a420-f8c453035f81}Gw.sys
    File Deleted : C:\Windows\system32\\drivers\{a8fcc7a3-7149-4cd7-bc81-f5c3c4a18978}Gw.sys
    File Deleted : C:\Users\Lanovo\Desktop\Live PC Help.lnk
    File Deleted : C:\Users\Lanovo\AppData\Roaming\Mozilla\Firefox\Profiles\rfymn4ct.default\searchplugins\default-search.xml
    File Deleted : C:\Users\Lanovo\AppData\Roaming\Mozilla\Firefox\Profiles\rfymn4ct.default\searchplugins\Web Search.xml
    File Deleted : C:\Users\Lanovo\AppData\Roaming\Mozilla\Firefox\Profiles\rfymn4ct.default\user.js
    File Deleted : C:\Users\Lanovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage
    File Deleted : C:\Users\Lanovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_istart.webssearches.com_0.localstorage-journal
    File Deleted : C:\Users\Lanovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
    File Deleted : C:\Users\Lanovo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

    ***** [ Scheduled Tasks ] *****

    Task Deleted : globalUpdateUpdateTaskMachineCore
    Task Deleted : globalUpdateUpdateTaskMachineUA
    Task Deleted : LaunchSignup
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-1
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-11
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-2
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-3
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-4
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-5
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-5_user
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-6
    Task Deleted : 1021b133-1a27-43e4-9252-e2a4dcb2b33f-7
      My Computer


  4. Posts : 27
    Windows 7 Home Premium(64 bit)
    Thread Starter
       #4

    Here's the Second Part of the logfile


    ** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ocr@babylon.com]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\coljhboelhlkbgaaolcngflenaggpeao
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fcljdicbcnmfhekdcaobgbpjjifniemh
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fjbbjfdilbioabojmcplalojlmdngbjl
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kmedakdfngfmagjlndeckcbfcmidlbio
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
    Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\Superfish
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate this web page with Babylon
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\MenuExt\Translate with Babylon
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\HomeTab.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
    Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
    Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band
    Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1
    Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource
    Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1
    Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl
    Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo
    Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
    Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
    Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
    Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
    Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611381131}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622382231}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655385531}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666386631}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440644384431}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611381131}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEDAF650-12B8-48F5-A843-BBA100716106}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110611381131}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2492}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
    Key Deleted : HKCU\Software\1ClickDownload
    Key Deleted : HKCU\Software\APN PIP
    Key Deleted : HKCU\Software\GlobalUpdate
    Key Deleted : HKCU\Software\HomeTab
    Key Deleted : HKCU\Software\InstallCore
    Key Deleted : HKCU\Software\InstalledBrowserExtensions
    Key Deleted : HKCU\Software\Linkey
    Key Deleted : HKCU\Software\Popajar
    Key Deleted : HKCU\Software\SimpleFiles
    Key Deleted : HKCU\Software\simplytech
    Key Deleted : HKCU\Software\SmileysWeLove
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\SupHpUISoft
    Key Deleted : HKCU\Software\systweak
    Key Deleted : HKCU\Software\Tune
    Key Deleted : HKCU\Software\TornTv Downloader
    Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
    Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
    Key Deleted : HKCU\Software\AppDataLow\Software\CinPlus-2.4cV10.11
    Key Deleted : HKLM\SOFTWARE\GlobalUpdate
    Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
    Key Deleted : HKLM\SOFTWARE\SimpleFiles
    Key Deleted : HKLM\SOFTWARE\SmdmF
    Key Deleted : HKLM\SOFTWARE\SupDp
    Key Deleted : HKLM\SOFTWARE\SupTab
    Key Deleted : HKLM\SOFTWARE\supWindowsMangerProtect
    Key Deleted : HKLM\SOFTWARE\supWPM
    Key Deleted : HKLM\SOFTWARE\systweak
    Key Deleted : HKLM\SOFTWARE\Tune
    Key Deleted : HKLM\SOFTWARE\webssearchesSoftware
    Key Deleted : HKLM\SOFTWARE\LuckyTab
    Key Deleted : HKLM\SOFTWARE\CinPlus-2.4cV10.11
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ad Blocker_is1
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CinPlus-2.4cV10.11

    ***
      My Computer


  5. Posts : 27
    Windows 7 Home Premium(64 bit)
    Thread Starter
       #5

    Here's the Third and Final Part of the Logfile


    ** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17280

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Bar]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Search Page]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar]
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page]
    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl []
    Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl []

    -\\ Mozilla Firefox v33.1 (x86 en-US)

    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultengine", "Web Search");
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "default-search.net");
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "default-search.net");
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "default-search.net");
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("extensions.a0cd1569197354ecf9be03d3ee3bc4210848f7b5a58324f064fcom63831.63831.internaldb._ _ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22a[...]
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("extensions.a0cd1569197354ecf9be03d3ee3bc4210848f7b5a58324f064fcom63831.63831.internaldb.m onetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D[...]
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.__ICM _LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazo[...]
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("extensions.a6cfae8cc4676442fa78d9dcdfbd4ea874e76d4af1994bacom63285.63285.internaldb.monet ization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%[...]
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("extensions.crossrider.bic", "149999d222e0fe41732c3115d36031c9");
    [rfymn4ct.default\prefs.js] - Line Deleted : user_pref("extensions.ocr@babylon.com.install-event-fired", true);

    -\\ Google Chrome v40.0.2209.0


    *************************

    AdwCleaner[R0].txt - [21496 octets] - [13/11/2014 19:31:02]
    AdwCleaner[S0].txt - [19059 octets] - [13/11/2014 19:52:31]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19120 octets] ##########
      My Computer


  6. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #6

    Tell me how your computer is running now.
      My Computer


  7. Posts : 27
    Windows 7 Home Premium(64 bit)
    Thread Starter
       #7

    Since I live in Thailand, we're around 10-12 hours ahead of you. I just woke up and, unfortunately, that same(cache icm) adware and at least one other ad so far, has appeared.
      My Computer


  8. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #8

    Let's try ESET....
    I'd like you to scan your machine with ESET OnlineScan
    1. Hold down Control and click on the following link to open ESET OnlineScan in a new window.
      ESET OnlineScan
    2. Click the button.
    3. For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      1. Click on to download the ESET Smart Installer. Save it to your desktop.
      2. Double click on the icon on your desktop.
    4. Check
    5. Click the button.
    6. Accept any security warnings from your browser.
    7. Check
    8. Push the Start button.
    9. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    10. When the scan completes, push
    11. Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    12. Push the button.
    13. Push
      My Computer


  9. Posts : 27
    Windows 7 Home Premium(64 bit)
    Thread Starter
       #9

    I could be overlooking something and I'll certainly follow your guide, but I think all the problems stem from Firefox, since I don't see ad intrusions when I use Chrome(I rarely use I/E). Does that affect anythng Should I uninstall Firefox and reinstall it?
      My Computer


  10. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #10

    Can you please run the ESET scan? We'll determine from the results. :)
      My Computer


 
Page 1 of 3 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 05:48.
Find Us