Recommended Posts

Howdy Shantel and welcome to BestTechie !!! My name is flashh4 (Chuck) and i will be assisting you with the cleaning of your computer.

If you don't understand something, please don't hesitate to ask for clarification before proceeding !!! You can PM me if you need to !!

So Do Not Remove anything or run any tools/programs until advised to do so ! Please stay with us until we give you the "All Clean Speech"! Just because the problem has stopped it may still need some clean-up ! Please note that all instructions given are customized for this computer only, the tools used may cause damage if used on a computer with different infections. If you think you have similar problems, please post a log in the Malware Removal forum and wait for help.

Please download adwcleaner by Xplode onto your desktop..

* Double click on AdwCleaner.exe to run the tool.

* Click on Search.

* A logfile will automatically open after the scan has finished.

* Please post the contents of that logfile with your next reply.

* You can find the logfile at C:\AdwCleaner[R1].txt as well.

NEXT

MALWAREBYTES with Pics:

Please download Malwarebytes' Anti-Malware to your desktop.

* Double-click mbam-setup.exe and follow the prompts to install the program.

* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

* If an update is found, it will download and install the latest version.

* Once the program has loaded, select Perform quick scan, then click Scan.

mbam-1.jpg

When the scan is complete, click OK, then Show Results to view the results.

scan-finished.jpg

* Then click Remove Selected .

* When completed, a log will open in Notepad. Please save it to a convenient location and post the results.

* Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.

Also please describe how your computer behaves at the moment.

Please don't attach the scans / logs, use "copy/paste".

NEXT

thisisujrt.gif Please download Junkware Removal Tool and save to your desk top.

Shut down your protection software (antivirus) now to avoid potential conflicts. If you do not know how i will assist you .

* Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".

* The tool will open and start scanning your system.

* Please be patient as this can take a while to complete depending on your system's specifications.

* On completion, a log (JRT.txt) is saved to your desktop and will automatically open.

* Post the contents of JRT.txt into your next reply !

Re-Boot your computer now !!

Post next in this topic:

1. AdwCleaner log

2. Malwarebytes log

3. Junkware log

Thanks

Chuck

You can do these at your pace & time !!

Stay with me till i give you the "All Clean" please !

Link to post
Share on other sites

# AdwCleaner v2.300 - Logfile created 05/01/2013 at 13:26:42

# Updated 28/04/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (64 bits)

# User : Tyler & Shantel - TYLERSHANTE-PC

# Boot Mode : Normal

# Running from : C:\Users\Tyler & Shantel\Downloads\adwcleaner.exe

# Option [search]

***** [services] *****

Found : vToolbarUpdater14.2.0

***** [Files / Folders] *****

Folder Found : C:\Program Files (x86)\adawaretb

Folder Found : C:\Program Files (x86)\Ask.com

Folder Found : C:\Program Files (x86)\AVG Secure Search

Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Found : C:\Program Files (x86)\Conduit

Folder Found : C:\Program Files (x86)\ConduitEngine

Folder Found : C:\Program Files (x86)\SelectRebates

Folder Found : C:\Program Files (x86)\TranslatorBar_5.2

Folder Found : C:\ProgramData\AVG Secure Search

Folder Found : C:\Users\Tyler & Shantel\AppData\Local\AVG Secure Search

Folder Found : C:\Users\Tyler & Shantel\AppData\LocalLow\adawaretb

Folder Found : C:\Users\Tyler & Shantel\AppData\LocalLow\AskToolbar

Folder Found : C:\Users\Tyler & Shantel\AppData\LocalLow\AVG Secure Search

Folder Found : C:\Users\Tyler & Shantel\AppData\LocalLow\Conduit

Folder Found : C:\Users\Tyler & Shantel\AppData\LocalLow\ConduitEngine

Folder Found : C:\Users\Tyler & Shantel\AppData\LocalLow\PriceGong

Folder Found : C:\Users\Tyler & Shantel\AppData\LocalLow\TranslatorBar_5.2

Folder Found : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

***** [Registry] *****

Key Found : HKCU\Software\APN

Key Found : HKCU\Software\AppDataLow\Software\AskToolbar

Key Found : HKCU\Software\AppDataLow\Software\Conduit

Key Found : HKCU\Software\AppDataLow\Software\conduitEngine

Key Found : HKCU\Software\AppDataLow\Software\conduitEngine

Key Found : HKCU\Software\AppDataLow\Software\PriceGong

Key Found : HKCU\Software\AppDataLow\Software\TranslatorBar_5.2

Key Found : HKCU\Software\AppDataLow\Toolbar

Key Found : HKCU\Software\Ask.com

Key Found : HKCU\Software\AVG Secure Search

Key Found : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\TranslatorBar_5.2 Toolbar

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23256F20-0D9B-4323-B005-6E5DE569C4B7}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23256F20-0D9B-4323-B005-6E5DE569C4B7}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKLM\Software\APN

Key Found : HKLM\Software\AskToolbar

Link to post
Share on other sites

Shantel, we will remove all that junk after i see the Malwarebytes log and the Junkware log !! Thanks Chuck

Malwarebytes Anti-Malware (Trial) 1.75.0.1300

www.malwarebytes.org

Database version: v2013.05.01.07

Windows Vista Service Pack 2 x64 NTFS

Internet Explorer 9.0.8112.16421

Tyler & Shantel :: TYLERSHANTE-PC [administrator]

Protection: Enabled

5/1/2013 2:28:56 PM

mbam-log-2013-05-01 (14-28-56).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 222459

Time elapsed: 16 minute(s), 11 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

(end)

Link to post
Share on other sites

Shantel, you are doing great ! Malwarebytes came back clean, thats good, now lets see how much junk is in the Junkware log ! The i will give you a fix to clean that crap out of the AdwCleaner log ! So run the Junkware program/tool & post results !!

Thanks

Chuck

Link to post
Share on other sites

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 4.9.3 (04.29.2013:2)

OS: Windows Vista Home Premium x64

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{30F9B915-B755-4826-820B-08FBA6BD249D}

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\AboutURLs\\Tabs

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{D4027C7F-154A-4066-A1AD-4243D8127440}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}

Successfully deleted: [Registry Key] "hkey_current_user\software\apn"

Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"

Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"

Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"

Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\ask.com"

Successfully deleted: [Folder] "C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Wed 05/01/2013 at 15:13:38.78

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Link to post
Share on other sites

Shantel, thats not as bad as i thought it would be. Ok lets remove the crap in the AdwCleaner log !

AdwCleaner (should be on desktop)

This will clean out all that crap/junk found in the log !!

* Close all open programs and internet browsers.

* Double click on adwcleaner.exe to run the tool.

* Click on Delete.

* Confirm each time with Ok.

* You will be prompted to restart your computer. A text file will open after the restart.

* Please post the contents of that logfile with your next reply.

* You can find the logfile at C:\AdwCleaner[s1].txt as well.

Thanks

Chuck

Link to post
Share on other sites

Shantel, one last scan after i see the AdwCleaner log !

Lets hope this next one comes back clean !!!

ESET online scannner >>> http://www.eset.com/onlinescan/

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

1. Firstly please Disable any Antivirus you have active , as shown in This topic.

2. Note: Don't forget to re-enable it after the scan.

3. Next please click on the following link to open a new window to ESET online scannnerhttp://www.eset.com/us/online-scanner/features

4. Then click on:ESETONLINESCAN.gif

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

5. Select the option YES, I accept the Terms of Use then click on:EOLS2.gif

6. When prompted allow the Add-On/Active X to install.

7. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.

8. Now click on Advanced Settings and select the following:

* Scan for potentially unwanted applications

* Scan for potentially unsafe applications

* Enable Anti-Stealth Technology

9. Now click on:EOLS3.gif

10. The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

11. When completed the Online Scan will begin automatically.

12. Do not touch either the mouse or keyboard during the scan otherwise it may stall.

13. When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

14. Now click on: EOLS4.gif

15. Use notepad to open the log file located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

or may be ESETSmartInstaller@High as CAB hook log:

16. Copy and paste that log as a reply to this topic.

How is it running now ??? Is any of the problems still there ?? It will be a little slow until it re-boots a few times !

You can delete/remove any tools/programs we used in the cleaning !

Chuck

Link to post
Share on other sites

# AdwCleaner v2.300 - Logfile created 05/01/2013 at 16:24:07

# Updated 28/04/2013 by Xplode

# Operating system : Windows Vista Home Premium Service Pack 2 (64 bits)

# User : Tyler & Shantel - TYLERSHANTE-PC

# Boot Mode : Normal

# Running from : C:\Users\Tyler & Shantel\Desktop\adwcleaner.exe

# Option [Delete]

***** [services] *****

Stopped & Deleted : vToolbarUpdater14.2.0

***** [Files / Folders] *****

Deleted on reboot : C:\Program Files (x86)\AVG Secure Search

Deleted on reboot : C:\Program Files (x86)\Common Files\AVG Secure Search

Deleted on reboot : C:\Program Files (x86)\TranslatorBar_5.2

Deleted on reboot : C:\ProgramData\AVG Secure Search

Deleted on reboot : C:\Users\Tyler & Shantel\AppData\Local\AVG Secure Search

Deleted on reboot : C:\Users\Tyler & Shantel\AppData\LocalLow\adawaretb

Deleted on reboot : C:\Users\Tyler & Shantel\AppData\LocalLow\AskToolbar

Deleted on reboot : C:\Users\Tyler & Shantel\AppData\LocalLow\AVG Secure Search

Deleted on reboot : C:\Users\Tyler & Shantel\AppData\LocalLow\Conduit

Deleted on reboot : C:\Users\Tyler & Shantel\AppData\LocalLow\ConduitEngine

Deleted on reboot : C:\Users\Tyler & Shantel\AppData\LocalLow\PriceGong

Deleted on reboot : C:\Users\Tyler & Shantel\AppData\LocalLow\TranslatorBar_5.2

***** [Registry] *****

Key Deleted : HKCU\Software\AppDataLow\Software\TranslatorBar_5.2

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\TranslatorBar_5.2 Toolbar

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{23256F20-0D9B-4323-B005-6E5DE569C4B7}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{23256F20-0D9B-4323-B005-6E5DE569C4B7}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj

Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{73173E63-89E7-499F-BAC9-C4BBDB59B574}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\Software\TranslatorBar_5.2

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{23256F20-0D9B-4323-B005-6E5DE569C4B7}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{73173E63-89E7-499F-BAC9-C4BBDB59B574}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{761F6A83-F007-49E4-8EAC-CDB6808EF06F}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{76C45B18-A29E-43EA-AAF8-AF55C2E1AE17}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{96EF404C-24C7-43D0-9096-4CCC8BB7CCAC}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97720195-206A-42AE-8E65-260B9BA5589F}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{97D69524-BB57-4185-9C7F-5F05593B771A}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{986F7A5A-9676-47E1-8642-F41F8C3FCF82}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B18788A4-92BD-440E-A4D1-380C36531119}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{513DAFFF-18ED-461E-9872-64FADFF68B05}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{23256F20-0D9B-4323-B005-6E5DE569C4B7}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

Key Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\TranslatorBar_5.2 Toolbar

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{23256F20-0D9B-4323-B005-6E5DE569C4B7}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{23256F20-0D9B-4323-B005-6E5DE569C4B7}]

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{23256F20-0D9B-4323-B005-6E5DE569C4B7}]

Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]

Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{98279C38-DE4B-4BCF-93C9-8EC26069D6F4}]

***** [internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16476

[OK] Registry is clean.

*************************

AdwCleaner[R1].txt - [15595 octets] - [01/05/2013 13:26:42]

AdwCleaner[R2].txt - [15656 octets] - [01/05/2013 13:31:24]

AdwCleaner[s1].txt - [10544 octets] - [01/05/2013 16:24:07]

########## EOF - C:\AdwCleaner[s1].txt - [10605 octets] ##########

Link to post
Share on other sites

Shantel, sorry i missed your last post !

ESET online scannner >>> http://www.eset.com/onlinescan/

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

1. Next please click on the following link to open a new window to ESET online scannnerhttp://www.eset.com/us/online-scanner/features

2. Then click on:ESETONLINESCAN.gif

Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

5. Select the option YES, I accept the Terms of Use then click on:EOLS2.gif

6. When prompted allow the Add-On/Active X to install.

7. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.

8. Now click on Advanced Settings and select the following:

* Scan for potentially unwanted applications

* Scan for potentially unsafe applications

* Enable Anti-Stealth Technology

9. Now click on:EOLS3.gif

10. The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.

11. When completed the Online Scan will begin automatically.

12. Do not touch either the mouse or keyboard during the scan otherwise it may stall.

13. When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!

14. Now click on: EOLS4.gif

15. Use notepad to open the log file located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.

or may be ESETSmartInstaller@High as CAB hook log:

16. Copy and paste that log as a reply to this topic.

Also let me know how it's running & if the problems seem gone !!

Thanks

Chuck

Link to post
Share on other sites

Got a PM from shantel that ESET came back clean & happy with running of her computer ! I am closing this topic,all others please start another topic, if this needs re-opened contact me or another Mod !

Chuck

Link to post
Share on other sites
Guest
This topic is now closed to further replies.