Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

AdwCleaner File To Look Over


  • Please log in to reply
1 reply to this topic

#1 Alphenex

Alphenex

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:02:34 AM

Posted 12 May 2016 - 06:42 PM

I want to make sure to not delete anything i should not, i have an issue with something being installed on my computer that creates ads that popup on steam, i use chrome as my main browser, i followed one instruction to uninstall steam and delete its appdata, then reinstall, i did this twice to be sure and it did not work so the issue must lie somewhere else, following other advice the first step is to scan with AdwCleaner, so here is the file if anyone can help me look through and make sure i do not delete necessary registry files:

 

# AdwCleaner v5.115 - Logfile created 07/05/2016 at 05:45:01
# Updated 01/05/2016 by Xplode
# Database : 2016-05-04.2 [Server]
# Operating system : Windows 8.1  (X64)
# Username : Stephen - STEPHEN_LR-MSI
# Running from : C:\Users\Stephen\Desktop\adwcleaner_5.115.exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : WtuSystemSupport
 
***** [ Folders ] *****
 
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\avg web tuneup
Folder Found : C:\ProgramData\Application Data\AVG Secure Search
Folder Found : C:\ProgramData\Application Data\avg web tuneup
Folder Found : C:\Program Files (x86)\avg web tuneup
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
Folder Found : C:\Users\Stephen\AppData\Local\avg web tuneup
Folder Found : D:\Users\Stephen\Documents\Mobogenie
Folder Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
Folder Found : C:\Program Files\avg web tuneup
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Users\Stephen\AppData\Local\VirtualStore\Program Files (x86)\tencent
 
***** [ Files ] *****
 
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_animeshow.tv_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_animeshow.tv_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_daemon-tools-lite.en.softonic.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_daemon-tools-lite.en.softonic.com_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wallycrawler.blogspot.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wallycrawler.blogspot.com_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\AVG Tuneup
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
 
***** [ Web browsers ] *****
 
[C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : aol.com
[C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ask.com
[C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : ccleaner.en.softonic.com
[C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : netflix.com
[C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Found : >
[C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ooebklgpfnbcnpokahmdidgbmlcdepkm
 
*************************
 
C:\AdwCleaner\AdwCleaner[S1].txt - [5396 bytes] - [07/05/2016 05:45:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [5469 bytes] ##########
# AdwCleaner v5.116 - Logfile created 12/05/2016 at 16:58:45
# Updated 09/05/2016 by Xplode
# Database : 2016-05-09.1 [Server]
# Operating system : Windows 8.1  (X64)
# Username : Stephen - STEPHEN_LR-MSI
# Running from : D:\Users\Stephen\Downloads\adwcleaner_5.116 (2).exe
# Option : Scan
 
***** [ Services ] *****
 
Service Found : WtuSystemSupport
Service Found : vToolbarUpdater40.2.9
 
***** [ Folders ] *****
 
Folder Found : C:\ProgramData\AVG Secure Search
Folder Found : C:\ProgramData\avg web tuneup
Folder Found : C:\ProgramData\Application Data\AVG Secure Search
Folder Found : C:\ProgramData\Application Data\avg web tuneup
Folder Found : C:\Program Files (x86)\avg web tuneup
Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Found : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent
Folder Found : C:\Users\Stephen\AppData\Local\avg web tuneup
Folder Found : D:\Users\Stephen\Documents\Mobogenie
Folder Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ooebklgpfnbcnpokahmdidgbmlcdepkm
Folder Found : C:\Program Files\avg web tuneup
Folder Found : C:\Program Files\Common Files\AVG Secure Search
Folder Found : C:\Users\Stephen\AppData\Local\VirtualStore\Program Files (x86)\tencent
 
***** [ Files ] *****
 
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_chfdnecihphmhljaaejmgoiahnihplgn_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_mysearch.avg.com_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_animeshow.tv_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_animeshow.tv_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_daemon-tools-lite.en.softonic.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_daemon-tools-lite.en.softonic.com_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wallycrawler.blogspot.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_wallycrawler.blogspot.com_0.localstorage-journal
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage
File Found : C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.veoh.com_0.localstorage-journal
 
***** [ DLL ] *****
 
 
***** [ WMI ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
Key Found : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.GenericWnd.1
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.NativeApi.1
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Found : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Found : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
Key Found : HKLM\SOFTWARE\AVG Tuneup
Data Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={0AC58702-90B1-4962-80A0-45AD8F07F804}&mid=761d572791d447cca1c7c141f721aad5-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2016-01-29 05:20:11&v=4.2.5.441&pid=wtu&sg=&sap=hp
Data Found : HKU\S-1-5-21-2921161366-2743848227-2758972168-1001\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxps://mysearch.avg.com/?cid={0AC58702-90B1-4962-80A0-45AD8F07F804}&mid=761d572791d447cca1c7c141f721aad5-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=en&ds=AVG&coid=avgtbavg&cmpid=0615piz&pr=fr&d=2016-01-29 05:20:11&v=4.2.5.441&pid=wtu&sg=&sap=hp
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKU\S-1-5-21-2921161366-2743848227-2758972168-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Data Found : HKU\S-1-5-21-2921161366-2743848227-2758972168-1001\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] - {95B7759C-8C7F-4BF1-B163-73684A933233}
Key Found : HKU\S-1-5-21-2921161366-2743848227-2758972168-1001\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\akamaihd.net
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\coupontime.co
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mysearch.avg.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\st.chatango.com
Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\static.coupontime00.coupontime.co
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
 
***** [ Web browsers ] *****
 
[C:\Users\Stephen\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Found : ooebklgpfnbcnpokahmdidgbmlcdepkm
 
*************************
 
C:\AdwCleaner\AdwCleaner[S1].txt - [12610 bytes] - [07/05/2016 05:45:01]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [12684 bytes] ##########
 


BC AdBot (Login to Remove)

 


#2 olgun52

olgun52

  • Malware Response Team
  • 3,782 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:34 AM

Posted 12 May 2016 - 07:31 PM

Hello Alphenex and Welcome to the BleepingComputer. :welcome:  
 
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.

Before we move on, please read the following points carefully.

  • Please complete all steps in the specified order.
  • Even if tools don't find malware, I want you to post the logfiles anyway.
  • Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
  • Read the instructions carefully. If you have problems, stop what you  were doing and describe the problems you encountered as precisely as  you can.
  • Don't install or uninstall software during the cleanup unless you are told to do so.
  • Ensure your external and/or USB drives are inserted during always the scan.
  • If you can't answer for the next few days, please let me know. If  you haven't answered within 5 days, I am assuming that you don't need  help anymore and your topic will be closed.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • I can not guarantee that we will find and be able to remove all  malware. The cleaning process is not instant. Please continue to review  my answers until I tell you that your computer is clean
  • Please reply to this thread. Do not start a new topic
  • As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
  • Please open as administrator  the computer. How is open as administrator  the computer?
  • Disable your AntiVirus and AntiSpyware applications, as they will  interfere with our tools and the removal. If you are unsure how to do  this, please refer to get help here

Thanks
 
 
Adwcleaner software open again;

  • Click on Scan and follow the prompts.
  • Let it run unhindered.
  • When done, click on the Clean button, and follow the prompts.
  • Allow the system to reboot.
  • After that, you will then be presented with the report. Copy & Paste this report on your next reply.

    The report will be saved in the C:\AdwCleaner folder, as AdwCleaner[S0].txt.

===============================================================================
How is the PC now ? is there still issue ?


Best regards
 
paypal.gif
If you wish to show appreciation and support me personally fighting against malware, then you can consider a donation. Thank you. :thumbup2:
Malware fix forum
If I don't reply within 24 hours please PM me!

 


 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users