Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Laptop infected with "ExtraShopper"


  • Please log in to reply
5 replies to this topic

#1 CincyDeb

CincyDeb

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Houston, TX
  • Local time:09:58 AM

Posted 25 July 2014 - 09:53 AM

Hello! Newbie here!  I'm no computer whiz by far, but I know enough to get into trouble :wink:

 

I'm running Windows 7 Home Premium on my laptop.  I must have unknowingly downloaded some malware by the name of "ExtraShopper".  Windows pop up on my screen, sometimes 3-5 at a time and in the bottom of the window it says "Ads by ExtraShopper". After some Googling, it turns out it also goes by the name "Shopper Pro".

 

I purchased and installed Malware Bytes and while that slowed them down, it didn't eliminate them completely.

I then purchased and installed Norton Antivirus and it had the same effect.

 

Now they show up usually when I'm on eBay, Amazon or some other "shopping" site, but not on other sites.  The virus also highlights words in articles in blue and if you pass over them with your mouse it opens a window.  Occasionally when I click on a legitimate link (like to continue reading a story on MSN.com) it will open a new tab and sometimes its X rated!  I don't know if this is the same "Extra Shopper' or another problem.

 

Any help would be appreciated.  Thank you!


Edited by CincyDeb, 25 July 2014 - 09:59 AM.


BC AdBot (Login to Remove)

 


#2 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:07:58 AM

Posted 25 July 2014 - 10:44 AM

Please download AdwCleaner and run it.
 
An image like the one below will open, click on Scan.
 
adwcleaner11_zps48314883.png
 
Once the search is complete a list of the pending items will be displayed.  If you see any which you do not want removed, remove the check mark next to it.  
 
Click on Clean to remove the selected items.  If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.  
 
You will receive a message telling you that all programs will be close so that the infections can be removed.  Click on Ok.
 
When the cleaning process is complete a log of what was removed will be presented.  Please copy and the paste this log in your next post.
 
 

Please download Malwarebytes Anti-Malware.  After clicking on the link the download will start automatically.
 
1)  Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
 
2)  Malwarebytes will automatically open.  If this is the first time you have run this version of Malwarbytes you will see an image like the one below.
 
mbam1_zps95cc812c.png
 
Click on Update Now, after Malwarebytes is updated click on Scan.
 
If this isn't the first time you have run this version, then you will see an image like the one below.  Click on Scan
 
mbam1_zps98e7fba9.png
 
You will be prompted to update Malwarebytes, to do so click on Update Now.
 
 mbam2_zps85f38f0c.png
 
3)  The scan will automatically run now.
 
mbamreplace_zps3ead4824.png
 
 
4)  When the scan is complete the results will be displayed.  Click on Quarantine All, then click on Apply Actions
 
mbam4_zps23e52ad4.png
 
 
5)  To complete any actions taken you will be asked if you want to restart your computer, click on Yes
 
 mbam4_zps490948cc.png
 
6)  Please post the Malwarebytes log.
 
To find your Malwarebytes log,download mbam-check.exe from here and save it to your desktop.
 
To open the log double click on mbam-check.exe on your desktop.  When the log opens, scroll down toward the bottom of the log to Quarantined Items.  Copy and paste this in your next post.
 
 
Please post which browser/s you are using and I will provide you with instructions for removing this as a search engine.

Edited by dc3, 25 July 2014 - 10:45 AM.

Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#3 CincyDeb

CincyDeb
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Houston, TX
  • Local time:09:58 AM

Posted 25 July 2014 - 01:48 PM

Thanks for the great input!  I will try this as soon as I get home tonight.  Thank you!



#4 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:07:58 AM

Posted 25 July 2014 - 02:29 PM

You are quite welcome.

 

Let us know how it works.


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 


#5 CincyDeb

CincyDeb
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Houston, TX
  • Local time:09:58 AM

Posted 25 July 2014 - 08:20 PM

Oh my gosh!  It worked!  I didn't even have to do the Malware Bytes part, because after I ran AdwCleaner and rebooted my computer, I saw all the ads were gone.  Amazing!  I've been messing with this crap for weeks now!  Thank you so much!  Here is the log from AdwCleaner:

 

# AdwCleaner v3.216 - Report created 25/07/2014 at 20:10:05
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : owner - DEBBIE
# Running from : C:\Users\owner\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\374311380
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\ProgramData\easyatoshoipo
Folder Deleted : C:\ProgramData\LucikyCouippon
Folder Deleted : C:\ProgramData\LuckyCoiupOOn
Folder Deleted : C:\ProgramData\ShoppeerMausuter
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin
Folder Deleted : C:\Program Files (x86)\BrowseFox
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\easyatoshoipo
Folder Deleted : C:\Program Files (x86)\LucikyCouippon
Folder Deleted : C:\Program Files (x86)\LuckyCoiupOOn
Folder Deleted : C:\Program Files\SavingsbullFilter
Folder Deleted : C:\Users\owner\AppData\Local\PackageAware
Folder Deleted : C:\Users\owner\AppData\Local\Rocket
Folder Deleted : C:\Users\owner\AppData\Local\Temp\NetCrawl
Folder Deleted : C:\Users\owner\AppData\LocalLow\Toolbar4
Folder Deleted : C:\Users\owner\AppData\Roaming\DigitalSites
Folder Deleted : C:\Users\owner\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\owner\AppData\Roaming\RocketUpdater
Folder Deleted : C:\Users\owner\AppData\Roaming\Systweak
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\dq0vht6z.default\Extensions\staged\{ecaa9181-d92a-47b9-8e14-bef9680f204b}
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\xabjx5ji.default-1400727001443\Extensions\{ecaa9181-d92a-47b9-8e14-bef9680f204b}
Folder Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\xabjx5ji.default-1400727001443\Extensions\n5aeao@kbtq-iiuu.co.uk
File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
File Deleted : C:\Windows\System32\ImhxxpComm.dll
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Windows\System32\sasnative64.exe
File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\dq0vht6z.default\searchplugins\WSE Rocket.xml
File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\xabjx5ji.default-1400727001443\searchplugins\WSE Rocket.xml
File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\dq0vht6z.default\user.js
File Deleted : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\xabjx5ji.default-1400727001443\user.js
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector
File Deleted : C:\Windows\System32\Tasks\Advanced System Protector_startup
File Deleted : C:\Windows\System32\Tasks\RegClean Pro
File Deleted : C:\Windows\Tasks\Rocket Updater.job
File Deleted : C:\Windows\System32\Tasks\Rocket Updater

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}]
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\ibnjmihbbanannlbobkbmnmckjnmdnom
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ToolbarBroker.EXE
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr
Key Deleted : HKLM\SOFTWARE\Classes\ZGClnt.Mngr.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\startnow_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\startnow_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseFox_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseFox_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseFox_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\eoasytoShoep.eoasytoShoep
Key Deleted : HKLM\SOFTWARE\Classes\eoasytoShoep.eoasytoShoep.1.8
Key Deleted : HKLM\SOFTWARE\Classes\LuckyCouppon.LuckyCouppon
Key Deleted : HKLM\SOFTWARE\Classes\LuckyCouppon.LuckyCouppon.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3310511
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Soft32 Updater.exe]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{FAA8C612-F1B6-461B-8B60-B54D74D9642E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B53F46F-AA39-3CA0-A01B-829A62178827}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F66D44E7-D806-DDAB-FF0B-C2E83C1E3234}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B53F46F-AA39-3CA0-A01B-829A62178827}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F66D44E7-D806-DDAB-FF0B-C2E83C1E3234}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8B53F46F-AA39-3CA0-A01B-829A62178827}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F66D44E7-D806-DDAB-FF0B-C2E83C1E3234}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8B53F46F-AA39-3CA0-A01B-829A62178827}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F66D44E7-D806-DDAB-FF0B-C2E83C1E3234}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CBD2A57-2FD5-4F1A-9FC8-90ED48FA4187}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{2318C2B1-4965-11D4-9B18-009027A5CD4F}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{8B53F46F-AA39-3CA0-A01B-829A62178827}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F66D44E7-D806-DDAB-FF0B-C2E83C1E3234}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\dsiteproducts
Key Deleted : HKCU\Software\Rocket Browser
Key Deleted : HKCU\Software\RocketUpdater
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\WSE Rocket
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\Zugo
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKLM\Software\BrowseFox
Key Deleted : HKLM\Software\InstallCore
Key Deleted : HKLM\Software\StartNow Toolbar
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\dq0vht6z.default\prefs.js ]

Line Deleted : user_pref("browser.startup.homepage", "hxxp://rocket-find.com/?f=1&a=rckt_suma_14_28_ch&cd=2XzuyEtN2Y1L1Qzu0CtD0C0BtAzzyCzz0E0ByEzy0CtAyE0FtN0D0Tzu0SzytByDtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDy[...]

[ File : C:\Users\owner\AppData\Roaming\Mozilla\Firefox\Profiles\xabjx5ji.default-1400727001443\prefs.js ]

Line Deleted : user_pref("extensions.1wF.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net[...]

-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000031&src=kw&q={searchTerms}&locale=en_US&apn_ptnrs=TV&apn_dtid=OSJ000YYUS&apn_uid=A0FFA15C-347B-4520-A11D-E4A9E1176A76&apn_sauid=7BF5A8D0-CD3A-4558-A0AA-5C5B7B9A4A1E
Deleted [Search Provider] : hxxp://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_suma_14_28_ch&cd=2XzuyEtN2Y1L1Qzu0CtD0C0BtAzzyCzz0E0ByEzy0CtAyE0FtN0D0Tzu0SzytByDtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0DyByB0FyByDzytGtC0ByC0CtG0FzztB0BtGtD0C0B0CtGtBzytByDtCzzyEtDyCzzyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyEyCyBzzzy0CtG0Ezz0FtCtG0A0FyD0EtGtCtDtA0EtGtA0AzyyBtAtAzy0AtBtD0C0F2Q&cr=495158984&ir=
Deleted [Startup_urls] : hxxp://rocket-find.com/?f=7&a=rckt_suma_14_28_ch&cd=2XzuyEtN2Y1L1Qzu0CtD0C0BtAzzyCzz0E0ByEzy0CtAyE0FtN0D0Tzu0SzytByDtN1L2XzutBtFtBtCtFtCyEtFtCtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyC0DyByB0FyByDzytGtC0ByC0CtG0FzztB0BtGtD0C0B0CtGtBzytByDtCzzyEtDyCzzyB0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StAtDyEyCyBzzzy0CtG0Ezz0FtCtG0A0FyD0EtGtCtDtA0EtGtA0AzyyBtAtAzy0AtBtD0C0F2Q&cr=495158984&ir=
Deleted [Extension] : ibnjmihbbanannlbobkbmnmckjnmdnom

*************************

AdwCleaner[R0].txt - [16281 octets] - [25/07/2014 20:06:55]
AdwCleaner[S0].txt - [15577 octets] - [25/07/2014 20:10:05]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15638 octets] ##########



#6 dc3

dc3

    Bleeping Treehugger


  • Members
  • 30,690 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Sierra Foothills of Northern Ca.
  • Local time:07:58 AM

Posted 25 July 2014 - 08:37 PM

Let us know if you need any further assistance. :thumbup2:


Family and loved ones will always be a priority in my daily life.  You never know when one will leave you.

 

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users