Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Computer running really slowly after Adwcleaner was used


  • Please log in to reply
3 replies to this topic

#1 babajit

babajit

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 19 March 2015 - 08:42 PM

I was having some adware problems where on some sites it would redirect me to some dumb website where I had to download a virus remover. I eventually had enough of this stupid adware virus so I looked online for a solution and one of them was to download adwcleaner. 

 

I did and after using the program, the adware wasn't there anymore. However, my computer is soooooo much slower now. I used to get 200+ fps on Counter Strike and now its down to like 30 or 20. This isn't just for games too, my whole computer is slower now. I'm at a loss for what to do. I'll post my log so you guys can see what happened

 

 

 

 

 

# AdwCleaner v4.112 - Logfile created 18/03/2015 at 22:09:03
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Ultimate  (x86)
# Username : Administrator - AVIJIT-PC
# Running from : C:\Users\Administrator\Downloads\adwcleaner_4.112.exe
# Option : Cleaning
 
***** [ Services ] *****
 
Service Deleted : hshld
[#] Service Deleted : 27961eae
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Yahoo! Companion
Folder Deleted : C:\ProgramData\50Coupoons
Folder Deleted : C:\ProgramData\5500Couipons
Folder Deleted : C:\ProgramData\BBestSaveFForiYoUi
Folder Deleted : C:\ProgramData\GreatSaove4UU
Folder Deleted : C:\ProgramData\RRandomPrice
Folder Deleted : C:\ProgramData\saaVeenoshuaaRe
Folder Deleted : C:\ProgramData\df83f7548539c890
Folder Deleted : C:\Program Files\AVG Security Toolbar
Folder Deleted : C:\Program Files\EasyLife
Folder Deleted : C:\Program Files\ss helper
Folder Deleted : C:\Program Files\Coupons
Folder Deleted : C:\Program Files\5500Couipons
Folder Deleted : C:\Program Files\UtubeAAdReemovAL
Folder Deleted : C:\Windows\system32\SearchProtect
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Administrator\AppData\Roaming\HPAppData
Folder Deleted : C:\Users\Avijit\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Avijit\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Avijit\AppData\LocalLow\xfirexo
Folder Deleted : C:\Users\Avijit\AppData\Roaming\HPAppData
Folder Deleted : C:\Users\Avijit\AppData\Roaming\SendSpace
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\aaauy@stcficxg.co.uk
Folder Deleted : C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\Extensions\aaauy@stcficxg.co.uk
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\auee4-b@uaie-iodqug.org
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\ddpcv@o-sxh.net
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\i6.o@os-gwdyueo.com
Folder Deleted : C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\Extensions\i6.o@os-gwdyueo.com
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\luueac@akxckcr.org
Folder Deleted : C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\Extensions\luueac@akxckcr.org
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\psthv@ooorfe.edu
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\qk7.ia@vtpftxyoyeoz.edu
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\qzc3kkuw@ioyilo-kt.net
Folder Deleted : C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\Extensions\qzc3kkuw@ioyilo-kt.net
Folder Deleted : C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\xaszt@eeaovq.com
File Deleted : C:\END
File Deleted : C:\Users\Administrator\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\searchplugins\EasyLife.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml
File Deleted : C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\user.js
File Deleted : C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage
File Deleted : C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.ask.com_0.localstorage-journal
File Deleted : C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal
File Deleted : C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKCU\Software\Classes\pokki
Key Deleted : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp
Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
Key Deleted : HKLM\SOFTWARE\Classes\UtuubbeAdRemooVAl.UtuubbeAdRemooVAl
Key Deleted : HKLM\SOFTWARE\Classes\UtuubbeAdRemooVAl.UtuubbeAdRemooVAl.2.1
Key Deleted : HKLM\SOFTWARE\Classes\50CoupONus.50CoupONus
Key Deleted : HKLM\SOFTWARE\Classes\50CoupONus.50CoupONus.1.8
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2304157
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3290520
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B9F7F3B7-8D32-6F75-18CB-306518CF4E2D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C96F9644-3C8D-DD1A-1834-58705932AC7A}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B9F7F3B7-8D32-6F75-18CB-306518CF4E2D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C96F9644-3C8D-DD1A-1834-58705932AC7A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{c99fdc39-a1ae-4b24-8d71-e5274f8d7c54}
Key Deleted : HKCU\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKLM\SOFTWARE\SP Global
Key Deleted : HKLM\SOFTWARE\SProtector
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3D2C9DE6-9ADE-4252-A241-E43723B0CE02}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{76DEE3DC-2B8B-E212-2126-D31D9E73DFE4}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - accelerator\contentaccelerator.dll
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local>
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v9.0.8112.16464
 
 
-\\ Mozilla Firefox v21.0 (en-US)
 
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT2504091.embeddedsData", "[{\"appId\":\"129079840422026594\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT2504091.installId", "ConduitNSISIntegration");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT2504091.installType", "ConduitNSISIntegration");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT2504091.isPerformedSmartBarTransition", "true");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT2504091.smartbar.CTID", "CT2504091");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT2504091.smartbar.Uninstall", "0");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote ");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT3287822.smartbar.homepage", "true");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT3290520.embeddedsData", "[{\"appId\":\"130071703171218000\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT3290520.installId", "conduitinstaller.exe");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT3290520.installType", "conduitnsisintegration");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT3290520.smartbar.CTID", "CT3290520");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT3290520.smartbar.Uninstall", "0");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT3290520.smartbar.homepage", true);
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("CT3290520.smartbar.toolbarName", "MyFreeGames ");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3290520");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "Conduit Search");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V8 Customized Web Search");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "SpeedBit Search");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "Conduit Search");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.3lja7.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.n[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.94g6j1ft8xj.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumo[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.FR2A368qNQnx.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sum[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.Gti7iA8PeU2a.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sum[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.aqk_b.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.n[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.b4B.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.net[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.kbWYTkYiHG.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumor[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.wqZX.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo.ne[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("extensions.yaiZ4Hi.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"warnalert11.com\")>-1url.indexOf(\"sumorobo[...]
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("smartBar.searchInNewTabOwner", "CT3290520");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3287822");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3287822");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3287822");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("smartbar.machineId", "GDFJZQCZQNOX7WQLIGHVTBJIP4VX3V7YRGKIZDRG2MWL1IK8/8ARVYPCBM+VNXBPCAIIF0AEESY+6M509N1OUG");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("smartbar.originalHomepage", "google.ca");
[csbm5lyo.default\prefs.js] - Line Deleted : user_pref("smartbar.originalSearchEngine", "Google");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.homepage.check", false);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("aol_toolbar.default.search.check", false);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "EasyLife");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename,S", "EasyLife");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://searchy.easylifeapp.com/?pid=34&src=ff2&r=2013/09/12&hid=13185792479659599670&lg=EN&cc=CA&l=1&q=");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "EasyLife");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1,S", "EasyLife");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "EasyLife");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine,S", "EasyLife");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.3lja7.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1url.indexOf(\"txtlnkusaolp00000800\")>-1url.indexOf(\"sumorobo\")>-1url.index[...]
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.94g6j1ft8xj.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"txtlnkusaolp00000800\")>-1url.indexOf(\[...]
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.babExt", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=100482");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 1);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", false);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.hmpg", false);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.id", "26c4ef250000000000006c626dc701e7");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15375");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.lastDP", 1);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1711:18:45");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "21.0");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.newTab", true);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?babsrc=NT_bb");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 119234877);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 0);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "azb");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "tb9");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1711:18:45");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100482");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "26c4ef250000000000006c626dc701e7");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.id", "26c4ef250000000000006c626dc701e7");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15375");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?AF=100482&babsrc=NT_ss&mntrId=26c4ef250000000000006c626dc701e7");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1711:18:45");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.G3xPmsfU4g0.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};new function(){var a=this;a.domain_storage=\"hxxp://xls.searchfun.in\";a.pre[...]
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.Gti7iA8PeU2a.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1url.indexOf(\"txtlnkusaolp00000800\")>-1url.indexOf(\"sumorobo\")>-1ur[...]
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.aqk_b.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1url.indexOf(\"txtlnkusaolp00000800\")>-1url.indexOf(\"sumor[...]
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("extensions.yMQXyxKhB.scode", "(function(){if(window.self.location.hostname.indexOf(\"acebook.co\")>-1){return};if(window.self.location.hostname.indexOf('mail.')==-1)\r\n{try{for(i=0;i<5;i++[...]
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
[5pihkw43.default\prefs.js] - Line Deleted : user_pref("sweetim.toolbar.searchguard.enable", "");
 
-\\ Google Chrome v41.0.2272.89
 
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=26c4ef250000000000006c626dc701e7
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=26c4ef250000000000006c626dc701e7
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://searchy.easylifeapp.com/?q={searchTerms}&pid=34&src=ch2&r=2013/09/12&hid=13185792479659599670&lg=EN&cc=CA
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN16524762251855479&ctid=CT3287822&UM=2
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://home.speedbit.com/search.aspx?aff=106&q={searchTerms}
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://searchy.easylifeapp.com/?q={searchTerms}&pid=34&src=ch2&r=2013/09/12&hid=13185792479659599670&lg=EN&cc=CA
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=26c4ef250000000000006c626dc701e7
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=26c4ef250000000000006c626dc701e7
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.gboxapp.com/?category=web&query={searchTerms}&x=62&y=23&language=en
 
-\\ Chromium v
 
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=26c4ef250000000000006c626dc701e7
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=26c4ef250000000000006c626dc701e7
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://searchy.easylifeapp.com/?q={searchTerms}&pid=34&src=ch2&r=2013/09/12&hid=13185792479659599670&lg=EN&cc=CA
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN16524762251855479&ctid=CT3287822&UM=2
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://home.speedbit.com/search.aspx?aff=106&q={searchTerms}
[C:\Users\Avijit\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://searchy.easylifeapp.com/?q={searchTerms}&pid=34&src=ch2&r=2013/09/12&hid=13185792479659599670&lg=EN&cc=CA
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=26c4ef250000000000006c626dc701e7
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=26c4ef250000000000006c626dc701e7
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.hotspotshield.com/g/results.php?c=s&q={searchTerms}
[C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.gboxapp.com/?category=web&query={searchTerms}&x=62&y=23&language=en
 
*************************
 
AdwCleaner[R0].txt - [25205 bytes] - [18/03/2015 21:49:43]
AdwCleaner[S0].txt - [28886 bytes] - [18/03/2015 22:09:03]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28946  bytes] ##########
 

 



BC AdBot (Login to Remove)

 


#2 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:32 AM

Posted 20 March 2015 - 04:52 AM

Hello and Welcome.
There has been a lot of garbage removed by AdwCleaner, now reset your main browsers.
 
Use the details by Brink in this guide Internet Explorer - Reset - Windows 7 Help Forums
Now follow How to reset Mozilla Firefox.
Chrome browser can be fixed once these 2 have been repaired. It is not required to begin with.
 
Next - Malwarebytes Anti-Malware program. If you already have a current version installed, Please update it
Please download Malwarebytes Anti-Malware
  • Follow the simple directions to install the program to desktop
  • Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
  • Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
  • Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
  • If you find malware and tick it to remove it, you may be asked to re-boot the computer to finish cleaning.
  • Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.
Run ESET Online Scanner.
  • For Internet Explorer users only, hold down Control  (Ctrl) and click on This Link to open ESET OnlineScan in a new window.
  • Click the ESET Online button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu. to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser. Temporarily Disable your Antivirus
  • Under scan settings, check "Scan Archives and Remove Threats"
  • Click Advanced settings and select the following:
    Scan potentially unwanted applications
     Scan for potentially unsafe applications
     Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer.
  • Please be patient as this will take some time (2 hours is not unusual for a first scan).
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.

 

Now tell us if anything has improved ...

Thank You -

 



#3 babajit

babajit
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:07:32 PM

Posted 20 March 2015 - 02:25 PM

Okay I'm back. Here are the results. I'll see how my computer is now and then get back to you

 

 

C:\Users\All Users\hnjlkeciehgojpfcpcpopgfekjopgjeg\hnjlkeciehgojpfcpcpopgfekjopgjeg.crx Win32/Adware.MultiPlug.EB application
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\aaauy@stcficxg.co.uk\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\auee4-b@uaie-iodqug.org\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\ddpcv@o-sxh.net\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\i6.o@os-gwdyueo.com\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\luueac@akxckcr.org\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\psthv@ooorfe.edu\content\bg.js.vir JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\qk7.ia@vtpftxyoyeoz.edu\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\qzc3kkuw@ioyilo-kt.net\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\csbm5lyo.default\Extensions\xaszt@eeaovq.com\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Avijit\AppData\LocalLow\xfirexo\ldrtbXfir.dll.vir a variant of Win32/Toolbar.Conduit.P potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Avijit\AppData\LocalLow\xfirexo\tbXfir.dll.vir a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\AdwCleaner\Quarantine\C\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\Extensions\aaauy@stcficxg.co.uk\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\Extensions\i6.o@os-gwdyueo.com\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\Extensions\luueac@akxckcr.org\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\Extensions\qzc3kkuw@ioyilo-kt.net\content\bg.js.vir Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\Program Files\FoxTabPDFConverter\Uninstall\Uninstall.exe a variant of Win32/InstallCore.G potentially unwanted application deleted - quarantined
C:\Program Files\Vuze\.install4j\i4j_extf_27_5p83tu.dll a variant of Win32/Bunndle potentially unsafe application deleted - quarantined
C:\ProgramData\hnjlkeciehgojpfcpcpopgfekjopgjeg\hnjlkeciehgojpfcpcpopgfekjopgjeg.crx Win32/Adware.MultiPlug.EB application deleted - quarantined
C:\Users\Administrator\AppData\Local\CRE\oajgghejjpgkmpgbchgjieahoefimdle.crx a variant of Win32/Toolbar.Conduit.AH potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.6.exe a variant of Win32/OpenCandy.C potentially unsafe application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\FreemakeVideoConverter_4.1.4.6.exe_1 a variant of Win32/OpenCandy.C potentially unsafe application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\tbMyFr.dll a variant of Win32/Toolbar.Conduit.X potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\tbVuz0.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\tbXfi0.dll a variant of Win32/Toolbar.Conduit.B potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\Bunndle\BunndleOfferManager.dll a variant of Win32/Bunndle potentially unsafe application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\ct2504091\ffLogic.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\ct2504091\statisticsStub.exe Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\ct3287822\CT3287822.xpi a variant of Win32/Conduit.SearchProtect.N potentially unwanted application deleted - quarantined
C:\Users\Administrator\AppData\Local\Temp\dlmC7A2.tmp\Pazera_Free_MP4_to_AVI_Converter.exe Win32/InstallMonetizer.AF potentially unwanted application deleted - quarantined
C:\Users\Administrator\Downloads\American Sniper 2015 720p.BluRay.DTSHD.x264 HD TG POWER.exe a variant of Win32/Adware.MultiPlug.FV application cleaned by deleting - quarantined
C:\Users\Administrator\Downloads\cbsidlm-cbsi118-Pazera_Free_MP4_to_AVI_Converter-ORG-10784027.exe a variant of Win32/CNETInstaller.B potentially unwanted application deleted - quarantined
C:\Users\Administrator\Downloads\ccsetup503.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Users\Administrator\Downloads\FreemakeVideoConverterSetup.exe a variant of Win32/OpenCandy.C potentially unsafe application deleted - quarantined
C:\Users\Administrator\Downloads\FreeVideoFlipAndRotate.exe Win32/OpenCandy potentially unsafe application deleted - quarantined
C:\Users\Administrator\Downloads\setup.exe Win32/OutBrowse.BU potentially unwanted application deleted - quarantined
C:\Users\Administrator\Downloads\Unconfirmed 405271.crdownload Win32/OutBrowse.BU potentially unwanted application deleted - quarantined
C:\Users\Administrator\Downloads\backups\backup-20141101-141134-585.dll a variant of Win32/AdWare.MultiPlug.AY application cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Local\Temp\AskSLib.dll a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Users\Avijit\AppData\Local\Temp\FastDownload.exe Win32/Duckegg.A potentially unwanted application deleted - quarantined
C:\Users\Avijit\AppData\Local\Temp\00294823\efwzgpaa@addrouaa.edu\content\bg.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Local\Temp\00294823\fehbhhaplkjpniockbanioeoenhhjlnh\byOWKoCJIk.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Local\Temp\18be6784\aeiokcdjhkgfnhnkhlmckapamkemgogp\T78sw4HX.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Local\Temp\18be6784\ahh-je@xookr.org\content\bg.js Win32/Adware.MultiPlug.H application cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Local\Temp\CT2786678\CT2786678.xpi Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Avijit\AppData\Local\Temp\FAAFAC9E-BAB0-7891-89C4-43CE6D2D0AE5\BExternal.dll a variant of Win32/Toolbar.Babylon.F potentially unwanted application deleted - quarantined
C:\Users\Avijit\AppData\Local\Temp\FAAFAC9E-BAB0-7891-89C4-43CE6D2D0AE5\IECookieLow.dll a variant of Win32/Toolbar.Babylon.E potentially unwanted application deleted - quarantined
C:\Users\Avijit\AppData\Local\Temp\FAAFAC9E-BAB0-7891-89C4-43CE6D2D0AE5\Setup.exe a variant of Win32/Toolbar.Babylon.E potentially unwanted application deleted - quarantined
C:\Users\Avijit\AppData\Local\Temp\is1438683437\MyBabylonTB.exe Win32/Toolbar.Babylon potentially unwanted application deleted - quarantined
C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar Win32/Toolbar.Conduit potentially unwanted application deleted - quarantined
C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\extensions\staged\auee4-b@uaie-iodqug.org\content\bg.js Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\extensions\staged\ddpcv@o-sxh.net\content\bg.js Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\extensions\staged\psthv@ooorfe.edu\content\bg.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\extensions\staged\qk7.ia@vtpftxyoyeoz.edu\content\bg.js Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\Users\Avijit\AppData\Roaming\Mozilla\Firefox\Profiles\5pihkw43.default\extensions\staged\xaszt@eeaovq.com\content\bg.js Win32/Adware.MultiPlug.EK application cleaned by deleting - quarantined
C:\Users\Avijit\Downloads\cht-bn.rar a variant of Win32/GameHack.HH potentially unsafe application deleted - quarantined
C:\Users\Avijit\Downloads\Banished_V1.00_32bit-64bit_Trainer_plus9\Banished V1.00 32bit Trainer +9 MrAntiFun Final.EXE a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application deleted - quarantined
C:\Users\Avijit\Downloads\Banished_V1.00_32bit-64bit_Trainer_plus9\Banished V1.00 64Bit Trainer +9 MrAntiFun Final.EXE a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application deleted - quarantined
C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfhlngbcdalpjiejaenfchpcajdmpeom\149\lsdb.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfhlngbcdalpjiejaenfchpcajdmpeom\149\Ofm.js JS/Kryptik.ATB trojan cleaned by deleting - quarantined
C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\jladghljinmlokelojmdmblikkifabea\107\BGQu4ULuFE.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\00\00000000 a variant of Win32/InstalleRex.P potentially unwanted application deleted - quarantined
C:\Users\Avijit_2.Avijit-PC\AppData\Local\Google\Chrome\User Data\Default\File System\003\t\00\00000000 Win32/AdWare.1ClickDownload.AT application cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnjlkeciehgojpfcpcpopgfekjopgjeg\2.1_0\bRvClo9Aoja9.js Win32/Adware.MultiPlug.EB application cleaned by deleting - quarantined
X:\Grand Strategies\Crusader Kings II\steam_api.dll a variant of Win32/Packed.VMProtect.ABD trojan cleaned by deleting - quarantined


#4 noknojon

noknojon

  • Banned
  • 10,871 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:09:32 AM

Posted 20 March 2015 - 05:05 PM

C:\AdwCleaner\Quarantine\C\Users\Administrator

These items are just the cleaning out of AdwCleaner quarantine, as AdwCleaner only quarantines any removals.

To fully remove them, you must open AdwCleaner and hit the Uninstall button ...

 

Please run Malwarebytes Anti-Malware and post the log as directed above,


Edited by noknojon, 20 March 2015 - 05:07 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users