Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 7 slowdowns after PUP virus/malware removed


  • Please log in to reply
10 replies to this topic

#1 Khrev

Khrev

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 18 September 2015 - 08:45 PM

Hello,

 

I have an Acer Aspire X1430 desktop running Windows 7 Home Premium 6.1.7601 Service Pack 1 Build 7601 on my bench currently that I am trying to fix for a friend.

 

He reported slowdowns and performance issues. His Windows install was behind the times in terms of updates, so updated it through the control panel Windows Update to latest patches.

 

After uninstalling McAfee (installed by prior techs at Office Depot unfortunately) and installing Avast, ran a scan and removed several hits that were PUP related.

 

Also installed and ran Malwarebytes, which also picked of PUP related files and removed them.

 

After that, both Avast (boot time scan) and Malwarebytes scans report back clean with no hits.

 

However, the browser (latest version of Firefox, uninstalled and reinstalled it) is still lagging a bit, so I thought I should post here and make sure that all traces of infection are truly removed from the machine.

 

edit: It may be unrelated, I don't know, but the icons for Malwarebytes shortcut that is pinned to the taskbar keeps changing to a generic icon.

 

Any advice would be much appreciated, thank you for your time.


Edited by Khrev, 18 September 2015 - 09:32 PM.


BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:34 AM

Posted 19 September 2015 - 07:05 AM

Clean up the computer and remove adware using the programs below. Do a clean uninstall of Firefox. That means to remove the user profile, too.

 

Use CCleaner to remove Temporary files, program caches, cookies, logs, etc. Use the Default settings. No need to use the

Registry Cleaning Tool...risky. Pay close attention while installing and UNcheck offers of toolbars....especially Google.

After install, open CCleaner and run by clicking on the Run Cleaner button in the bottom right corner.

CCleaner - PC Optimization and Cleaning - Free Download

 

Download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
  • download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Khrev

Khrev
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 20 September 2015 - 04:35 AM

I was in a hurry so I double posted this on another forum and found help there first. Apologies.

 

One thing though, your links are outdated in your reply, the ESET links no longer are correct. Here is the correct link for ESET in case anyone's following along:

 

http://www.eset.com/us/online-scanner/?CMP=knc-Google-G|S-US-BR-C-Other|B&gclid=CKX-y7OmhcgCFUFufgodxjgD-w

 

Other links still seem to be valid.



#4 buddy215

buddy215

  • Moderator
  • 13,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:34 AM

Posted 20 September 2015 - 06:40 AM

When I click on this link I get this:

 

Access Free Online Scanner

To run ESET Online Scanner in a browser other than Internet Explorer, you'll need to download ESET Smart Installer.

This application installs and launches ESET Online Scanner in a separate window.

 

When I click on your link I get a different page but still access to the online scanner.

 

Since you are using Firefox...at least I think you are if you reinstalled as instructed....then following the below directions:

  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.

That is a direct link to the download...and it is still correct....

 

I saw your topic at the other forum....but couldn't view the AdwCleaner log and others without signing up....I was just curious as to

what was found...but the comments from the helper implies nothing serious...just some adware.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#5 Khrev

Khrev
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 20 September 2015 - 12:46 PM

Thank you for your help, not sure why that link didn't work for me. Ran eset and it found some more toolbar type adware so I think you are correct.



#6 buddy215

buddy215

  • Moderator
  • 13,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:34 AM

Posted 20 September 2015 - 01:06 PM

You can view and control Windows Startups, Browser Startups, Installed programs, and Scheduled Tasks using CCleaner's Tools....very useful. Often see

items in those lists leftover after adware and malware removal.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#7 Khrev

Khrev
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 20 September 2015 - 01:28 PM

adw log...

 

# AdwCleaner v5.008 - Logfile created 19/09/2015 at 19:36:35
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Bill - BILL-PC
# Running from : C:\Users\Bill\Downloads\AdwCleaner.exe
# Option : Scan
# Support : http://toolslib.net/forum

***** [ Services ] *****

Service Found : globalUpdatem
Service Found : mcaudrv_simple
Service Found : ManyCam

***** [ Folders ] *****

Folder Found : C:\SearchProtect
Folder Found : C:\Program Files\Shop For Rewards
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\Program Files (x86)\PC Cleaner
Folder Found : C:\Program Files (x86)\PepperZip
Folder Found : C:\Program Files (x86)\predm
Folder Found : C:\Program Files (x86)\SearchProtect
Folder Found : C:\Program Files (x86)\Systweak Support Dock
Folder Found : C:\Program Files (x86)\Web Protect
Folder Found : C:\Program Files (x86)\YouTube Accelerator
Folder Found : C:\Program Files (x86)\Super Optimizer
Folder Found : C:\Program Files (x86)\FelexibleSHopper
Folder Found : C:\Program Files (x86)\Optimizer Pro
Folder Found : C:\Program Files (x86)\Common Files\Umbrella
Folder Found : C:\ProgramData\apn
Folder Found : C:\ProgramData\Browser
Folder Found : C:\ProgramData\FelexibleSHopper
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Found : C:\Users\Bill\AppData\Local\Conduit
Folder Found : C:\Users\Bill\AppData\Local\globalUpdate
Folder Found : C:\Users\Bill\AppData\Local\iac
Folder Found : C:\Users\Bill\AppData\LocalLow\Conduit
Folder Found : C:\Users\Bill\AppData\LocalLow\iac
Folder Found : C:\Users\Bill\AppData\LocalLow\ShopAtHome
Folder Found : C:\Users\Bill\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
Folder Found : C:\Users\Bill\AppData\Roaming\Systweak

***** [ Files ] *****

File Found : C:\END
File Found : C:\Users\Bill\Live PC Help.lnk
File Found : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\wv3a5xkf.default\invalidprefs.js
File Found : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\wv3a5xkf.default\user.js

***** [ Shortcuts ] *****

Shortcut Infected : C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk ( hxxp://feed.snapdo.com/?publisher=ShoppingHelper&dpid=OB_134&co=US&userid=c93094ab-87ff-565c-3715-1bbf0f9aed41&searchtype=sc&installDate=09/09/2014&barcodeid=151233&um=0 )
Shortcut Infected : C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www-search.net/?s=E3Sl&pi=2 )

***** [ Scheduled tasks ] *****

Task Found : LaunchApp
Task Found : LaunchSignup
Task Found : SMW_UpdateTask_Logon_3433363531383934312d455b2a34504141454a5a576c

***** [ Registry ] *****

Key Found : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
Key Found : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
Key Found : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
Key Found : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
Key Found : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
Key Found : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
Key Found : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
Key Found : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
Key Found : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
Key Found : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
Key Found : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
Key Found : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
Key Found : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
Key Found : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
Key Found : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
Key Found : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
Key Found : HKCU\Software\Classes\PepperZip
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
Key Found : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Key Found : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Key Found : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Key Found : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Key Found : HKLM\SOFTWARE\Classes\FleexibbleeShopperr.FleexibbleeShopperr
Key Found : HKLM\SOFTWARE\Classes\FleexibbleeShopperr.FleexibbleeShopperr.4.75
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{787D3F9B-69C6-427C-BF55-4419F932474A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D52F7CE0-A4BA-4220-A907-444CB6158A09}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{40A61B9E-B111-46EE-A1F2-C1100192BA48}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{02794518-C0A9-14C9-57F6-5405F3E9E4CC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Found : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5075DFCC-F3F5-4B15-B364-270BC7C585AD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{895F78F3-9620-49AD-8AA8-E6802E5AC64E}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{0902EBD9-C5B4-4400-8CF1-7ACA8E8805D9}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{76481128-CCDC-4073-8F65-B06F23B138FC}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{A549A4F7-FA70-421C-B0F2-8F6C0B4B85A8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02794518-C0A9-14C9-57F6-5405F3E9E4CC}
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{02794518-C0A9-14C9-57F6-5405F3E9E4CC}]
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{02794518-C0A9-14C9-57F6-5405F3E9E4CC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{5075DFCC-F3F5-4B15-B364-270BC7C585AD}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{895F78F3-9620-49AD-8AA8-E6802E5AC64E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9}
Key Found : HKU\.DEFAULT\Software\Goobzo
Key Found : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\TheBestDeals
Key Found : HKCU\Software\distromatic
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\GOffers
Key Found : HKCU\Software\Goobzo
Key Found : HKCU\Software\InstalledBrowserExtensions
Key Found : HKCU\Software\PennyBee
Key Found : HKCU\Software\systweak
Key Found : HKCU\Software\WebProtect
Key Found : HKCU\Software\StormWatch
Key Found : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Object Browser
Key Found : HKCU\Software\AppDataLow\Software\TheBestDeals
Key Found : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Found : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\Goobzo
Key Found : HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : HKLM\SOFTWARE\systweak
Key Found : HKLM\SOFTWARE\WebProtect
Key Found : HKLM\SOFTWARE\SearchModule
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLVM Player
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C64BEB42-B25D-4674-BB55-4099CB720110}
Key Found : [x64] HKCU\Software\distromatic
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\GOffers
Key Found : [x64] HKCU\Software\Goobzo
Key Found : [x64] HKCU\Software\InstalledBrowserExtensions
Key Found : [x64] HKCU\Software\PennyBee
Key Found : [x64] HKCU\Software\systweak
Key Found : [x64] HKCU\Software\WebProtect
Key Found : [x64] HKCU\Software\StormWatch
Key Found : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Key Found : [x64] HKLM\SOFTWARE\YTDownloader
Key Found : [x64] HKLM\SOFTWARE\SearchModule
Key Found : HKU\.DEFAULT\Software\AppDataLow\Software\TheBestDeals
Key Found : HKU\S-1-5-21-207330893-4226334810-2962846401-1000\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKU\S-1-5-21-207330893-4226334810-2962846401-1000\Software\AppDataLow\Software\Object Browser
Key Found : HKU\S-1-5-21-207330893-4226334810-2962846401-1000\Software\AppDataLow\Software\TheBestDeals
Key Found : HKU\S-1-5-18\Software\AppDataLow\Software\TheBestDeals
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9}

***** [ Web browsers ] *****

[C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : www-search.net

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [16579 bytes] ##########
 


adw log after cleaning...

 

# AdwCleaner v5.008 - Logfile created 19/09/2015 at 19:41:49
# Updated 18/09/2015 by Xplode
# Database : 2015-09-17.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Bill - BILL-PC
# Running from : C:\Users\Bill\Downloads\AdwCleaner.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : globalUpdatem
[-] Service Deleted : mcaudrv_simple
[-] Service Deleted : ManyCam

***** [ Folders ] *****

[-] Folder Deleted : C:\SearchProtect
[-] Folder Deleted : C:\Program Files\Shop For Rewards
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\Program Files (x86)\PC Cleaner
[-] Folder Deleted : C:\Program Files (x86)\PepperZip
[-] Folder Deleted : C:\Program Files (x86)\predm
[+] Folder Deleted : C:\Program Files (x86)\SearchProtect
[-] Folder Deleted : C:\Program Files (x86)\Systweak Support Dock
[-] Folder Deleted : C:\Program Files (x86)\Web Protect
[-] Folder Deleted : C:\Program Files (x86)\YouTube Accelerator
[-] Folder Deleted : C:\Program Files (x86)\Super Optimizer
[-] Folder Deleted : C:\Program Files (x86)\FelexibleSHopper
[-] Folder Deleted : C:\Program Files (x86)\Optimizer Pro
[-] Folder Deleted : C:\Program Files (x86)\Common Files\Umbrella
[-] Folder Deleted : C:\ProgramData\apn
[-] Folder Deleted : C:\ProgramData\Browser
[-] Folder Deleted : C:\ProgramData\FelexibleSHopper
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
[-] Folder Deleted : C:\Users\Bill\AppData\Local\Conduit
[-] Folder Deleted : C:\Users\Bill\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Bill\AppData\Local\iac
[-] Folder Deleted : C:\Users\Bill\AppData\LocalLow\Conduit
[-] Folder Deleted : C:\Users\Bill\AppData\LocalLow\iac
[-] Folder Deleted : C:\Users\Bill\AppData\LocalLow\ShopAtHome
[-] Folder Deleted : C:\Users\Bill\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
[-] Folder Deleted : C:\Users\Bill\AppData\Roaming\Systweak

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Bill\Live PC Help.lnk
[-] File Deleted : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\wv3a5xkf.default\invalidprefs.js
[-] File Deleted : C:\Users\Bill\AppData\Roaming\Mozilla\Firefox\Profiles\wv3a5xkf.default\user.js

***** [ Shortcuts ] *****

[-] Shortcut Disinfected : C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[-] Shortcut Disinfected : C:\Users\Bill\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Scheduled tasks ] *****

[-] Task Deleted : LaunchApp
[-] Task Deleted : LaunchSignup
[-] Task Deleted : SMW_UpdateTask_Logon_3433363531383934312d455b2a34504141454a5a576c

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
[-] Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
[-] Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
[-] Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
[-] Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
[-] Key Deleted : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{37AC0F3B-749F-3B22-811B-5A019EED2E85}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{4392A6CC-7940-310E-8E16-799A8D93A438}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{66DF7821-ED6D-3534-893C-0E89E74B0F91}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{755CAFCC-F016-3B06-8F22-945EAA3AD10D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{76552F88-640C-314D-82B6-0D8A740907F7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{05660A04-00F1-3A04-AB3B-BC1074B84D67}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{903F9872-E87F-3B74-83B0-DBE10073B29D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{9558EEB4-CDA6-3778-B53B-98076F0A1E90}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{B25AA9BA-FD52-3E5E-BFE3-9B106779DA6E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C852CF9F-37DC-35AC-926A-7E6CFFF7C501}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{C9777796-4378-3C90-B52D-7238FFFC2A5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{DB1BC8B2-FDBF-30E7-BE1C-AFF9160059E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{F3D5729C-7DEB-3850-A026-D0E323ECFEF5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FEC70973-CB8B-351C-8047-CAE1274CE249}
[-] Key Deleted : HKCU\Software\Classes\PepperZip
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\smu.exe
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\FleexibbleeShopperr.FleexibbleeShopperr
[-] Key Deleted : HKLM\SOFTWARE\Classes\FleexibbleeShopperr.FleexibbleeShopperr.4.75
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [Object Browser-bg.exe]
[-] Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{787D3F9B-69C6-427C-BF55-4419F932474A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D52F7CE0-A4BA-4220-A907-444CB6158A09}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{40A61B9E-B111-46EE-A1F2-C1100192BA48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02794518-C0A9-14C9-57F6-5405F3E9E4CC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5075DFCC-F3F5-4B15-B364-270BC7C585AD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{895F78F3-9620-49AD-8AA8-E6802E5AC64E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{CBEF8724-D080-4737-88DA-111EEC6651AA}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0902EBD9-C5B4-4400-8CF1-7ACA8E8805D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{76481128-CCDC-4073-8F65-B06F23B138FC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A549A4F7-FA70-421C-B0F2-8F6C0B4B85A8}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02794518-C0A9-14C9-57F6-5405F3E9E4CC}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{58124A0B-DC32-4180-9BFF-E0E21AE34026}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{977AE9CC-AF83-45E8-9E03-E2798216E2D5}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{02794518-C0A9-14C9-57F6-5405F3E9E4CC}]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{02794518-C0A9-14C9-57F6-5405F3E9E4CC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CE057E0D-2D7E-4DFF-A890-07BA69B8C762}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5075DFCC-F3F5-4B15-B364-270BC7C585AD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{895F78F3-9620-49AD-8AA8-E6802E5AC64E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9}
[-] Key Deleted : HKU\.DEFAULT\Software\Goobzo
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\TheBestDeals
[-] Key Deleted : HKCU\Software\distromatic
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\GOffers
[-] Key Deleted : HKCU\Software\Goobzo
[-] Key Deleted : HKCU\Software\InstalledBrowserExtensions
[-] Key Deleted : HKCU\Software\PennyBee
[-] Key Deleted : HKCU\Software\systweak
[-] Key Deleted : HKCU\Software\WebProtect
[-] Key Deleted : HKCU\Software\StormWatch
[!] Key Not Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKCU\Software\AppDataLow\Toolbar
[-] Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
[-] Key Deleted : HKCU\Software\AppDataLow\Software\Object Browser
[-] Key Deleted : HKCU\Software\AppDataLow\Software\TheBestDeals
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\Goobzo
[-] Key Deleted : HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\WebProtect
[-] Key Deleted : HKLM\SOFTWARE\SearchModule
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLVM Player
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C64BEB42-B25D-4674-BB55-4099CB720110}
[!] Key Not Deleted : [x64] HKCU\Software\distromatic
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\GOffers
[!] Key Not Deleted : [x64] HKCU\Software\Goobzo
[!] Key Not Deleted : [x64] HKCU\Software\InstalledBrowserExtensions
[!] Key Not Deleted : [x64] HKCU\Software\PennyBee
[!] Key Not Deleted : [x64] HKCU\Software\systweak
[!] Key Not Deleted : [x64] HKCU\Software\WebProtect
[!] Key Not Deleted : [x64] HKCU\Software\StormWatch
[-] Key Deleted : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
[-] Key Deleted : [x64] HKLM\SOFTWARE\YTDownloader
[-] Key Deleted : [x64] HKLM\SOFTWARE\SearchModule
[!] Key Not Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\TheBestDeals
[!] Key Not Deleted : HKU\S-1-5-21-207330893-4226334810-2962846401-1000\Software\AppDataLow\Software\BackgroundContainer
[!] Key Not Deleted : HKU\S-1-5-21-207330893-4226334810-2962846401-1000\Software\AppDataLow\Software\Object Browser
[!] Key Not Deleted : HKU\S-1-5-21-207330893-4226334810-2962846401-1000\Software\AppDataLow\Software\TheBestDeals
[!] Key Not Deleted : HKU\S-1-5-18\Software\AppDataLow\Software\TheBestDeals
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
[!] Key Not Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AE986AAE-21E4-49ED-8A99-6C9A7E4FF4D9}

***** [ Web browsers ] *****

[-] [C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : aol.com
[-] [C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : ask.com
[-] [C:\Users\Bill\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : www-search.net

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [17774 bytes] ##########
 


eset log...

 

C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\PCProxyDLL.dll.vir    a variant of Win32/AdWare.Loadshop.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\pcwtc64f.sys.vir    Win64/Adware.Loadshop.D application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Web Protect\postcollect.exe.vir    Win32/AdWare.Loadshop.A application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Bill\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application    cleaned by deleting - quarantined
C:\AdwCleaner\Quarantine\C\Users\Bill\AppData\Local\Conduit\BackgroundContainer\TBUpdaterLogic_1.0.0.2.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application    cleaned by deleting - quarantined
C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Acer Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe    a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application    cleaned by deleting - quarantined
C:\Users\Bill\AppData\LocalLow\Installl_Converter\hk64tbInst.dll    a variant of Win64/Toolbar.Conduit.B potentially unwanted application    cleaned by deleting - quarantined
C:\Users\Bill\AppData\LocalLow\Installl_Converter\hktbInst.dll    a variant of Win32/Toolbar.Conduit.X potentially unwanted application    cleaned by deleting - quarantined
C:\Users\Bill\AppData\LocalLow\Installl_Converter\ldrtbInst.dll    a variant of Win32/Toolbar.Conduit.P potentially unwanted application    cleaned by deleting - quarantined
C:\Users\Bill\AppData\LocalLow\Installl_Converter\tbInst.dll    a variant of Win32/Toolbar.Conduit.X potentially unwanted application    cleaned by deleting - quarantined
C:\Users\Bill\AppData\LocalLow\Installl_Converter\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.6.12\bin\PriceGongIE.dll    a variant of Win32/PriceGong.A potentially unwanted application    cleaned by deleting - quarantined
C:\Users\Bill\AppData\Roaming\DCUP    JS/Toolbar.Crossrider.C potentially unwanted application    deleted - quarantined
C:\Users\Bill\Downloads\ccsetup509.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Windows\Installer\MSIEBE9.tmp    a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\ProxySettings.dll    a variant of MSIL/Toolbar.Linkury.X potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\Smartbar.Communication.NamedPipe.dll    a variant of MSIL/Toolbar.Linkury.W potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\Smartbar.GUI.Docking.dll    a variant of MSIL/Toolbar.Linkury.AC potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\Smartbar.Infrastructure.Utilities.dll    a variant of MSIL/Toolbar.Linkury.T potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\Smartbar.Resources.HistoryAndStatsWrapper.dll    a variant of MSIL/Toolbar.Linkury.I potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\Smartbar.Resources.LanguageSettings.resources.dll    a variant of MSIL/Toolbar.Linkury.E potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\spbe.dll    a variant of MSIL/Toolbar.Linkury.I potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\spbl.dll    a variant of MSIL/Toolbar.Linkury.G potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\sppsm.dll    a variant of MSIL/Toolbar.Linkury.G potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\spusm.dll    a variant of MSIL/Toolbar.Linkury.G potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\srbs.dll    a variant of MSIL/Toolbar.Linkury.C potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\srbu.dll    a variant of MSIL/Toolbar.Linkury.F potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\sreu.dll    a variant of MSIL/Toolbar.Linkury.V potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\srptc.dll    a variant of MSIL/Toolbar.Linkury.G potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\srpu.dll    a variant of MSIL/Toolbar.Linkury.I potentially unwanted application    cleaned by deleting - quarantined
C:\Windows\Installer\MSIEDCE.tmp-\srut.dll    a variant of MSIL/Toolbar.Linkury.M.gen potentially unwanted application    cleaned by deleting - quarantined
F:\BILL-PC\Backup Set 2015-09-17 235856\Backup Files 2015-09-17 235856\Backup files 1.zip    JS/Toolbar.Crossrider.C potentially unwanted application    deleted - quarantined
F:\BILL-PC\Backup Set 2015-09-17 235856\Backup Files 2015-09-17 235856\Backup files 3.zip    a variant of Win64/Toolbar.Conduit.B potentially unwanted application    deleted - quarantined
 


eset log...

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.2 (09.14.2015:1)
OS: Windows 7 Home Premium x64
Ran by Bill on Sun 09/20/2015 at 10:49:50.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks

Successfully deleted: [Task] C:\Windows\system32\tasks\PCSpeedCleanPRO_Popup
Successfully deleted: [Task] C:\Windows\system32\tasks\PCSpeedCleanPRO_Start



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322282250}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220622282246}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660666286646}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.PseudoTransparentPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.PseudoTransparentPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.Radio
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.Radio.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.SettingsPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.SettingsPlugin.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.SkinLauncher
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.SkinLauncher.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322282250}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220622282246}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\Interface\{66666666-6666-6666-6666-660666286646}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660666286646}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660366286650}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Wow6432Node\Interface\{66666666-6666-6666-6666-660666286646}



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{04CB5F56-FC44-4C5F-BBDA-CE05848CC186}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{0C2FF78D-CDE8-484C-9A03-78DC8CA6DB7F}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{18A0D1EA-D2F7-4AF4-AC96-2111AAEF2979}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{2BE44302-9CD1-44C9-AD34-3D2B2B53A4FF}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{2DFE2458-1ECD-454C-9D0A-50F559E06C29}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{6A77FDB0-363C-450C-B294-69F8ED74AE6A}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{71DE602D-FCB5-40A3-A84F-385157C8C611}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{87707C79-2656-4893-814D-ED6C938BBA07}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{B98CAE61-BB29-4DF4-9783-5C49DC4E478F}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{C9F5AD56-8A8E-4DC8-B04F-8DA13C3C8011}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{DE1BFD1D-DA1A-4820-8089-8DDEDC2E10C2}
Successfully deleted: [Empty Folder] C:\Users\Bill\Appdata\Local\{DE77F99E-15FC-402F-9E79-D4E372A30DF7}
Successfully deleted: [Folder] C:\Program Files (x86)\pricef~1
Successfully deleted: [Folder] C:\Users\Bill\Appdata\Local\com
Successfully deleted: [Folder] C:\Users\Bill\Appdata\Local\icsharpcode.net
Successfully deleted: [Folder] C:\Users\Bill\Appdata\LocalLow\company
Successfully deleted: [Folder] C:\Users\Bill\Appdata\LocalLow\pricefinder
Successfully deleted: [Folder] C:\Users\Bill\AppData\Roaming\pricefinder
Successfully deleted: [Folder] C:\ProgramData\daeeale4me



~~~ FireFox

Emptied folder: C:\Users\Bill\AppData\Roaming\mozilla\firefox\profiles\wv3a5xkf.default\minidumps [35 files]



~~~ Chrome


[C:\Users\Bill\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Bill\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Bill\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Bill\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 09/20/2015 at 11:01:19.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 


Just posting those because you mentioned you were curious. Thanks for taking a look at this, much appreciated.



#8 Khrev

Khrev
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 20 September 2015 - 01:51 PM

Followed your advice, last step I took was checking "tools" in CCleaner...

 

--- CCleaner Tools list start ---

 

7-Zip 15.07 beta (x64)    Igor Pavlov    9/18/2015    4.65 MB    15.07
Acer eRecovery Management    Acer Incorporated    8/2/2011        5.00.3502
Acer Registration    Acer Incorporated    5/13/2012        1.04.3503
Acer ScreenSaver    Acer Incorporated    5/13/2012        1.1.0609.2011
Adobe AIR    Adobe Systems Incorporated    5/13/2012        2.7.1.19610
Adobe Flash Player 18 ActiveX    Adobe Systems Incorporated    8/12/2015    8.30 MB    18.0.0.232
Adobe Flash Player 18 NPAPI    Adobe Systems Incorporated    9/18/2015    17.8 MB    18.0.0.232
Adobe Reader X (10.1.13) MUI    Adobe Systems Incorporated    12/17/2014    482 MB    10.1.13
ATI Catalyst Install Manager    ATI Technologies, Inc.    5/13/2012    22.4 MB    3.0.829.0
Avast Free Antivirus    AVAST Software    9/17/2015        10.4.2233
CCleaner    Piriform    9/20/2015        5.09
Evernote v. 4.5.1    Evernote Corp.    5/13/2012    151 MB    4.5.1.5451
Google Chrome    Google Inc.    1/20/2015        45.0.2454.93
Hotkey Utility    Acer Incorporated    5/13/2012        2.05.3505
Identity Card    Acer Incorporated    5/13/2012        1.00.3501
Installl Converter Toolbar    Installl Converter    7/4/2013        6.13.3.505
Malwarebytes Anti-Malware version 2.1.8.1057    Malwarebytes Corporation    9/18/2015    64.5 MB    2.1.8.1057
Microsoft .NET Framework 4.5.2    Microsoft Corporation    3/15/2015    38.8 MB    4.5.51209
Microsoft Office 2010    Microsoft Corporation    5/13/2012    6.31 MB    14.0.4763.1000
Microsoft Office Click-to-Run 2010    Microsoft Corporation    6/29/2013        14.0.4763.1000
Microsoft Office Starter 2010 - English    Microsoft Corporation    6/29/2013        14.0.5131.5000
Microsoft Silverlight    Microsoft Corporation    9/17/2015    50.7 MB    5.1.40728.0
Microsoft SQL Server 2005 Compact Edition [ENU]    Microsoft Corporation    8/2/2011    1.69 MB    3.1.0000
Microsoft Visual C++ 2005 Redistributable    Microsoft Corporation    10/5/2012    300 KB    8.0.61001
Microsoft Visual C++ 2005 Redistributable (x64)    Microsoft Corporation    8/2/2011    708 KB    8.0.61000
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17    Microsoft Corporation    4/27/2014    788 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161    Microsoft Corporation    5/4/2014    788 KB    9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17    Microsoft Corporation    8/2/2011    240 KB    9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148    Microsoft Corporation    8/2/2011    596 KB    9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161    Microsoft Corporation    10/5/2012    600 KB    9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319    Microsoft Corporation    2/22/2013    13.7 MB    10.0.30319
Mozilla Firefox 40.0.3 (x86 en-US)    Mozilla    9/18/2015    85.0 MB    40.0.3
Mozilla Maintenance Service    Mozilla    9/18/2015    247 KB    40.0.3
MSXML 4.0 SP2 (KB954430)    Microsoft Corporation    9/21/2012    1.27 MB    4.20.9870.0
MSXML 4.0 SP2 (KB973688)    Microsoft Corporation    9/21/2012    1.33 MB    4.20.9876.0
MyWinLocker Suite    Egis Technology Inc.    8/2/2011    2.63 MB    4.0.14.15
Nero DiscSpeed 10    Nero AG    8/2/2011    7.21 MB    6.2.10500.2.100
Nero Express 10    Nero AG    8/2/2011    165 MB    10.2.12000.21.100
Nero Multimedia Suite 10 Essentials    Nero AG    8/2/2011    372 MB    10.5.10300
Nero StartSmart 10    Nero AG    8/2/2011    143 MB    10.2.11600.14.100
Nero Update    Nero AG    8/2/2011    1.43 MB    1.0.0018
Realtek Ethernet Controller Driver    Realtek    8/2/2011        7.45.516.2011
Realtek High Definition Audio Driver    Realtek Semiconductor Corp.    5/13/2012        6.0.1.6242
Shared C Run-time for x64    McAfee    10/27/2012    2.78 MB    10.0.0
Shopping Helper Smartbar        9/8/2014        
Times Reader    The New York Times Company    9/9/2012        2.055
Welcome Center    Acer Incorporated    5/13/2012        1.02.3504
Windows Live Essentials    Microsoft Corporation    8/2/2011        15.4.3508.1109
 

--- CCleaner Tools list end ---

 

I feel like I should delete:

 

Installl Converter Toolbar    Installl Converter    7/4/2013        6.13.3.505

Shopping Helper Smartbar        9/8/2014     

 

 

Anything else there look like a red flag to you?

 



#9 buddy215

buddy215

  • Moderator
  • 13,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:34 AM

Posted 20 September 2015 - 03:03 PM

Yes, uninstall those two programs. Use Download Revo Uninstaller Freeware in Advanced Mode.

 

Suggest Uninstall of these programs:

Adobe AIR    Adobe Systems Incorporated    5/13/2012        2.7.1.19610 (Old Adobe products are malware magnets)

Adobe Reader X (10.1.13) MUI    Adobe Systems Incorporated    12/17/2014    482 MB    10.1.13 (Firefox has its own PDF reader)

Shared C Run-time for x64    McAfee    10/27/2012    2.78 MB    10.0.0

 

Rerun AdwCleaner as it will often find more on second pass after so much has been found. Be sure to choose CLEAN when scan finishes.


Edited by buddy215, 20 September 2015 - 03:08 PM.

“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#10 Khrev

Khrev
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:34 AM

Posted 20 September 2015 - 06:36 PM

Thanks for the suggestions, followed them. Additional pass on AdwCleaner came up with absolutely nothing, and performance seems to be optimal now. Video is a bit sluggish at times but I think that's just due to the capabilities of the on-board graphics with that processor.

 

Thanks for taking a look, much appreciated, and again, apologies for double-timing in that other forum, I know it's not ideal.



#11 buddy215

buddy215

  • Moderator
  • 13,199 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:34 AM

Posted 20 September 2015 - 07:00 PM

I have no problem with that. As far 'sluggish'...if stuttering is a better description...then you might check temps.

You're welcome...


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users