Solved Google chrome keeps opening by itself with ads

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Jjohn00

Thread Starter
Joined
Jun 10, 2016
Messages
17
So I downloaded a torrent a while ago (stupid idea) which turned out to be a virus. I ran like three different scanners and got rid of most. Now all that's left are 2 problems.. what I mentioned above: Google chrome opens automatically interrupting any other apps or programs im on or working with, and opens into unwanted ads and tabs and those annoying virus removal automated voice messages. I have to close out some pop up dialogue boxes and close out chrome. I tried uninstalling chrome and just so about every 20 minutes a dialogue box pops up that says this: "This file does not have a program associated with it for performing this action. Please install a program or, if one is already installed, create an association in the Default Programs control panel.". I then went onto locate the process that related to the dialogue box and i went into open folder location... It turned out to be cmd.exe.... My second problem is that svchost.exe is taking up over 400k memory (and there is another svchost.exe taking about 100k.) I tried resetting google chrome, running a full ad aware AND AVG anti virus scan through the system and to no avail. Please help! Thank you, I'm completely out of options here.. Sorry if this was really long =/

*The picture of the dialogue box is attached. AND a hijackthis log is attached as well

HIJACKTHIS LOG:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 5:14:22 PM, on 6/10/2016
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18315)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe
C:\Program Files (x86)\NETGEAR\A6200\A6200.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
D:\Program Files (x86)\RocketDock\RocketDock.exe
D:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Windows\SysWOW64\cmd.exe
D:\Program Files (x86)\Origin\Origin.exe
D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\Skyborn\AppData\Local\MyComGames\MyComGames.exe
C:\Users\Skyborn\AppData\Local\MyComGames\MyComGames.exe
D:\Program Files (x86)\Steam\steamapps\common\Spatial Sound Card\Spatial Sound Card.exe
C:\Program Files (x86)\Bandicam\bdcam.exe
D:\Program Files (x86)\update\realsched.exe
C:\Users\Skyborn\Downloads\HijackThis (1).exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE07&ocid=UE07DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Web TuneUp - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Web TuneUp\4.3.1.831\AVG Web TuneUp.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
O4 - HKLM\..\Run: [AvgUi] "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\Av\avuirunnerx.exe" C:\Program Files (x86)\AVG\Av\avgui.exe
O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files (x86)\update\realsched.exe" -osboot
O4 - HKLM\..\RunOnce: [systwin] "systwin.exe"
O4 - HKCU\..\Run: [RocketDock] "D:\Program Files (x86)\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Steam] "D:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [MyComGames] "C:\Users\Skyborn\AppData\Local\MyComGames\MyComGames.exe" -autostart
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Rainmeter.lnk = D:\Program Files\Rainmeter\Rainmeter.exe
O4 - Startup: Verizon Wireless Software Utility Application for Android - Samsung.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device Service - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASGT - Unknown owner - C:\Windows\SysWOW64\ASGT.exe
O23 - Service: AvgAMPS - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgamps.exe
O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgfwsa.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
O23 - Service: AVG Service (avgsvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BitRaider Mini-Support Service Stub Loader (BRSptStub) - BitRaider, LLC - C:\ProgramData\BitRaider\BRSptStub.exe
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: Bukefeoe - Unknown owner - C:\Users\Skyborn\AppData\Roaming\AiibeXecla\Lydxig.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: NVIDIA GeForce Experience Service (GfExperienceService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.10.767.8917\AdAwareService.exe
O23 - Service: LavasoftTcpService - Lavasoft Limited - C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Network Service (NvNetworkService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
O23 - Service: NVIDIA Streamer Network Service (NvStreamNetworkSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - D:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
O23 - Service: RealTimes Desktop Service - RealNetworks, Inc. - D:\Program Files (x86)\RPDS\Bin\rpdsvc.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
O23 - Service: Survarium-Steam Update Service - Unknown owner - D:\Program Files (x86)\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe
O23 - Service: Airytec Switch Off - Task Scheduler (SwOffScheduler) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: Airytec Switch Off - Web Interface (SwOffWeb) - Airytec - C:\Program Files\Airytec\Switch Off\swoff.exe
O23 - Service: TeamViewer 11 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: AVG PC TuneUp Service (TuneUp.UtilitiesSvc) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: vToolbarUpdater40.3.1 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\40.3.1\ToolbarUpdater.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: NETGEAR A6200 Service (WNDA6200) - Unknown owner - C:\Program Files (x86)\NETGEAR\A6200\WifiService.exe
O23 - Service: WtuSystemSupport - Unknown owner - C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe

--
End of file - 13918 bytes
 

Attachments

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
Hi Jjohn00,
We will need the logs from a more modern scanner to evaluate your system.
Let's get started.
-----------------------------------------------------------
Download and Run the Farbar Scan Tool
  • Download FRST64 and save to your Desktop.
  • Double click Frst64.exe to launch it.
  • FRST64 will start to run.
    • When the tool opens click Yes to disclaimer.
    • Press the Scan button.
    • When finished scanning, 2 logs will open on your Desktop, FRST.txt and Addition.txt
    • Please post them in your next reply.
If you lose track of them, they will be saved in the same location as FRST64.exe
Feel free to use separate replies if it's more convenient.

Also, please tell me about your need for Team Viewer.
askey127
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
If there is no reply within 48 hours, I will stop following this thread.
 

Jjohn00

Thread Starter
Joined
Jun 10, 2016
Messages
17
Sorry for the late reply askey127, I use Team viewer to establish connection between my smart phone and pc incase i need to do to work on my desktop when im outside. i will upload the results in 2 minutes..
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
Jjohn00,
From here on until we are done, please don't scan, install, or uninstall anything unless I ask. - Thanks.
This helps keep track of what's on there.
-----------------------------------------------
It's really important, if you value your PC at all, to stay away from P2P file sharing programs, like ?Torrent, Bearshare, Bittorrent, BitComet, Azureus, Frostwire, Vuze, Shareaza, Bitlord.
There are NO Safe ones.
Criminals have "planted" thousands upon thousands of infections in the shared torrent files.
Virtually all of these recent infections will compromise your Security, and some can turn your machine into a useless "doorstop".

------------------------------------------------
Remove Programs Using Control Panel
From Start, Control Panel, click on Programs and Features
Click each Entry, as follows, one by one, if it exists, choose Uninstall, and give permission to Continue:

Ad-Aware Antivirus
AdAwareUpdater
AVG Web TuneUp
AVG PC TuneUp
BitTorrent
Google Update Helper
Spybot - Search & Destroy
Web Companion

Take extra care in answering questions posed by any Uninstaller.
Let me know of any that do not Uninstall properly.
-----------------------------------------------------------
REBOOT (RESTART) Your Machine

--------------------------------------------------------
Run A Fix With FRST
Download attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both the program FRST64.exe and Fixlist.txt be in the same location, or the fix will not work.
(Both on the Desktop is OK, or both in the same folder elsewhere)

Run FRST64 and press the FIX button just once, and wait. DO NOT PRESS THE SCAN BUTTON.
If for some reason the tool needs a restart, please make sure you let the system restart normally.
The tool may start automatically and complete its work after the system restart. Let the tool complete its run.
When finished, FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents in your reply.

askey127
 

Attachments

Jjohn00

Thread Starter
Joined
Jun 10, 2016
Messages
17
I was not able to locate adawareupdater nor google update helper.. I deleted everything else mentioned and just restarted the PC. Will be posting contents soon..
 

Jjohn00

Thread Starter
Joined
Jun 10, 2016
Messages
17
Fix result of Farbar Recovery Scan Tool (x64) Version:12-06-2016 01
Ran by Skyborn (2016-06-12 16:13:12) Run:1
Running from C:\Users\Skyborn\Downloads
Loaded Profiles: Skyborn (Available Profiles: Skyborn)
Boot Mode: Normal
==============================================

fixlist content:
*****************
EmptyTemp:
Cmd: ipconfig /flushdns
Task: {240B66EC-A76F-4B03-A122-0934F0F37F0A} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {4D92CE5E-C436-4266-AB5E-BB16BDC33853} - System32\Tasks\VirusRemover => C:\Users\Skyborn\AppData\Local\Temp\VirusRemover.exe [2016-06-11] ( ) <==== ATTENTION
Task: {5B3236EF-2311-46DB-BDD9-F4307AE4B532} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2015-06-16] (Safer-Networking Ltd.)
Task: {7485D5A0-077F-4982-9C78-854D5D2B1162} - System32\Tasks\e02c4bd5-54d5-4470-9ea0-a68d88112c00 => C:\Users\Skyborn\AppData\Roaming\QuickCleaner\QuickCleaner.exe <==== ATTENTION
Task: {81711A71-F647-4B93-8E54-4B44AEB55A68} - System32\Tasks\AdBlock => C:\Windows\AdBlock.exe [2016-06-11] ( ) <==== ATTENTION
Task: {6F678DBC-F104-4E60-813F-331C1BA8050F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2016-06-01] (AVG Technologies CZ, s.r.o.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {C8C6B6C7-77C1-4504-BC4F-7B909BE41666} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D3D9DDF0-F104-426D-B61E-77562562D07E} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {DCBA09A6-EE94-4FC5-A81F-E87A079C0C08} - System32\Tasks\AVG-SSU_0616tb_RML => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe [2016-06-11] ()
Task: {E5AF1AC5-4BE8-4443-B8B0-F1560B9290BA} - System32\Tasks\AVG-SSU_0616tb => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe [2016-06-11] ()
Task: {F0076F23-0754-4E6E-B5DB-C79896C2D848} - System32\Tasks\AVG-SSU_0616tb_DELETE => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe [2016-06-11] ()
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: C:\Windows\Tasks\AVG-SSU_0616tb.job => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe
Task: C:\Windows\Tasks\AVG-SSU_0616tb_DELETE.job => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe
Task: C:\Windows\Tasks\AVG-SSU_0616tb_RML.job => C:\ProgramData\Avg_Update_0616tb\AVG-Secure-Search-Update_0616tb.exe
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus
C:\Program Files (x86)\Spybot - Search & Destroy 2
FirewallRules: [{20D81DAB-7629-4C5B-B13C-E1F2C8469B85}] => (Allow) C:\Users\Skyborn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{33CF1554-8899-4DAF-817C-E9EF28CD1B89}] => (Allow) C:\Users\Skyborn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{DD3D342D-5601-40E2-B957-4BED6078C727}] => (Allow) C:\Users\Skyborn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{2DEEC810-083D-4DE3-B0C7-36BC0F6627F0}] => (Allow) C:\Users\Skyborn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{3B7E214B-AE0D-4576-9F00-7DA678ABF398}] => (Allow) C:\Users\Skyborn\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{35B4E56C-49E5-43ED-BD3A-612954FE83CA}] => (Allow) C:\Users\Skyborn\AppData\Roaming\BitTorrent\BitTorrent.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
CreateRestorePoint:
CloseProcesses:


*****************


========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{240B66EC-A76F-4B03-A122-0934F0F37F0A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{240B66EC-A76F-4B03-A122-0934F0F37F0A}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D92CE5E-C436-4266-AB5E-BB16BDC33853}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D92CE5E-C436-4266-AB5E-BB16BDC33853}" => key removed successfully
C:\Windows\System32\Tasks\VirusRemover => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\VirusRemover" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B3236EF-2311-46DB-BDD9-F4307AE4B532} => key not found.
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7485D5A0-077F-4982-9C78-854D5D2B1162}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7485D5A0-077F-4982-9C78-854D5D2B1162}" => key removed successfully
C:\Windows\System32\Tasks\e02c4bd5-54d5-4470-9ea0-a68d88112c00 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\e02c4bd5-54d5-4470-9ea0-a68d88112c00" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{81711A71-F647-4B93-8E54-4B44AEB55A68}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81711A71-F647-4B93-8E54-4B44AEB55A68}" => key removed successfully
C:\Windows\System32\Tasks\AdBlock => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdBlock" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F678DBC-F104-4E60-813F-331C1BA8050F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F678DBC-F104-4E60-813F-331C1BA8050F}" => key removed successfully
C:\Windows\System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVGPCTuneUp_Task_BkGndMaintenance" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8C6B6C7-77C1-4504-BC4F-7B909BE41666} => key not found.
C:\Windows\System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3D9DDF0-F104-426D-B61E-77562562D07E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3D9DDF0-F104-426D-B61E-77562562D07E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DCBA09A6-EE94-4FC5-A81F-E87A079C0C08} => key not found.
C:\Windows\System32\Tasks\AVG-SSU_0616tb_RML => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-SSU_0616tb_RML => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E5AF1AC5-4BE8-4443-B8B0-F1560B9290BA} => key not found.
C:\Windows\System32\Tasks\AVG-SSU_0616tb => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-SSU_0616tb => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F0076F23-0754-4E6E-B5DB-C79896C2D848} => key not found.
C:\Windows\System32\Tasks\AVG-SSU_0616tb_DELETE => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVG-SSU_0616tb_DELETE => key not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => key removed successfully
C:\Windows\Tasks\AVG-SSU_0616tb.job => not found.
C:\Windows\Tasks\AVG-SSU_0616tb_DELETE.job => not found.
C:\Windows\Tasks\AVG-SSU_0616tb_RML.job => not found.
C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus => moved successfully
C:\Program Files (x86)\Spybot - Search & Destroy 2 => moved successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{20D81DAB-7629-4C5B-B13C-E1F2C8469B85} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{33CF1554-8899-4DAF-817C-E9EF28CD1B89} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DD3D342D-5601-40E2-B957-4BED6078C727} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2DEEC810-083D-4DE3-B0C7-36BC0F6627F0} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3B7E214B-AE0D-4576-9F00-7DA678ABF398} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{35B4E56C-49E5-43ED-BD3A-612954FE83CA} => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe => value not found.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe => value not found.
Restore point was successfully created.
Processes closed successfully.
EmptyTemp: => 1.6 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 16:15:09 ====
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
Jjohn00,
We WILL get this garbage out of here.

We have to disaable AVG before running AdwCleaner, because AdwCleaner removes the AVG's Adware Toolbar, and AVG wants to retaliate and protect its adware income .
AVG calls it a "security" toolbar!!
-------------------------------------------------------------
DISABLE AVG
Please open the AVG Control Center program by double-clicking on the "AVG Resident Shield" component. (looks like this:
) in the system tray.
  • Deselect the "Turn on AVG Resident Shield" checkmark and save the setting.
AVG Resident shield should be disabled.
When you need to enable the AVG Resident Shield again, just open the AVG Control Center program, double-click on the "AVG Resident Shield" component and select the "Turn on AVG Resident Shield" checkmark and save the setting.

-------------------------------------------------------------
AdwCleaner Download and Run
Download AdwCleaner and save it to your desktop or somewhere you can find it.
Take care NOT to click on any ad, like from PC Optimizer Pro. The correct link is the button labeled "Download from Bleeping Computer".
NOTE:
If using Internet Explorer and you get an alert that stops the program downloading, click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

Close your browser and double click the AdwCleaner icon on your desktop.
  • Click on the Scan button, accept any prompts that appear, and allow it to run.
    It may take several minutes to complete.
  • When it is done, the Scan button will be dimmed down, and it will wait for you to make any exceptions to its suggested removals. Don't make any exceptions or uncheck anything
  • Click on the Clean button, accept any prompts that appear, and allow the system to Reboot.
  • You will then be presented with the report. Copy & Paste it into a reply here.
  • If you lose track of the log, it is saved in this folder C:\AdwCleaner\
    The filename will be adwcleaner[xx].txt, where [xx] will be S1, or S2, etc. whichever filename is newest.

-----------------------------------------------------------
Run a New Scan With the Farbar Scan Tool
  • Double click FRST64.exe on your desktop to launch it.
  • When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • When finished scanning, a new version of the log FRST.txt will be saved on your Desktop and opened in Notepad.
  • Please post the contents in your next reply.

You can re-enable AVG after posting the AdwCleaner log and the new FRST log
askey127
 

Jjohn00

Thread Starter
Joined
Jun 10, 2016
Messages
17
Thank you so much for your continued support in this issue!


# AdwCleaner v5.112 - Logfile created 18/04/2016 at 17:15:44
# Updated 17/04/2016 by Xplode
# Database : 2016-04-17.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Skyborn - BOOMBOX
# Running from : C:\Users\Skyborn\Downloads\adwcleaner_5.112.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : bsdriver
[-] Service Deleted : cherimoya
[-] Service Deleted : MPCProtectService
[-] Service Deleted : MPCKpt
[-] Service Deleted : CloudPrinter
[-] Service Deleted : LavasoftTcpService
[-] Service Deleted : ProntSpooler
[-] Service Deleted : 000B468D-5A8E-48E9-9F8F-906DA23518D5
[-] Service Deleted : cylidesezbt
[-] Service Deleted : rijufoze
[-] Service Deleted : rocufyky

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files\Windows Screen Manager
[-] Folder Deleted : C:\Program Files\ktip
[-] Folder Deleted : C:\Program Files (x86)\DNS Unlocker
[-] Folder Deleted : C:\Program Files (x86)\Itibiti Soft Phone
[#] Folder Deleted : C:\Program Files (x86)\MPC Cleaner
[-] Folder Deleted : C:\Program Files (x86)\Note-up
[-] Folder Deleted : C:\Program Files (x86)\SystemHealer
[-] Folder Deleted : C:\Program Files (x86)\WindoWeather
[-] Folder Deleted : C:\Program Files (x86)\Hostify
[-] Folder Deleted : C:\Program Files (x86)\lavasoft\web companion
[-] Folder Deleted : C:\Program Files (x86)\WizzWifiHotspot
[-] Folder Deleted : C:\Program Files (x86)\03000200-1461011284-0500-0006-000700080009
[-] Folder Deleted : C:\Program Files (x86)\sunnyday
[-] Folder Deleted : C:\ProgramData\WindoWeatherConfig
[-] Folder Deleted : C:\ProgramData\CloudPrinter
[-] Folder Deleted : C:\ProgramData\Konksolex
[-] Folder Deleted : C:\ProgramData\lavasoft\web companion
[-] Folder Deleted : C:\ProgramData\5f77ebf7-0207-1
[-] Folder Deleted : C:\ProgramData\5f77ebf7-09c3-0
[-] Folder Deleted : C:\ProgramData\f5d60e95-4f11-1
[-] Folder Deleted : C:\ProgramData\f5d60e95-7c61-0
[#] Folder Deleted : C:\ProgramData\Application Data\WindoWeatherConfig
[#] Folder Deleted : C:\ProgramData\Application Data\CloudPrinter
[#] Folder Deleted : C:\ProgramData\Application Data\Konksolex
[#] Folder Deleted : C:\ProgramData\Application Data\lavasoft\web companion
[#] Folder Deleted : C:\ProgramData\Application Data\5f77ebf7-0207-1
[#] Folder Deleted : C:\ProgramData\Application Data\5f77ebf7-09c3-0
[#] Folder Deleted : C:\ProgramData\Application Data\f5d60e95-4f11-1
[#] Folder Deleted : C:\ProgramData\Application Data\f5d60e95-7c61-0
[#] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Healer
[-] Folder Deleted : C:\Users\Skyborn\AppData\Local\BrowserAir
[-] Folder Deleted : C:\Users\Skyborn\AppData\Local\csdi_monetize_220160418
[-] Folder Deleted : C:\Users\Skyborn\AppData\Local\csdi_monetize_320160418
[-] Folder Deleted : C:\Users\Skyborn\AppData\Local\Temp\MPC
[-] Folder Deleted : C:\Users\Skyborn\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}
[-] Folder Deleted : C:\Users\Skyborn\AppData\Roaming\Nosibay
[-] Folder Deleted : C:\Users\Skyborn\AppData\Roaming\Note-up
[-] Folder Deleted : C:\Users\Skyborn\AppData\Roaming\NUIns
[-] Folder Deleted : C:\Users\Skyborn\AppData\Roaming\System Healer
[-] Folder Deleted : C:\Users\Skyborn\AppData\Roaming\lavasoft\web companion
[-] Folder Deleted : C:\Users\Skyborn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bubble Dock
[-] Folder Deleted : C:\Users\Skyborn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WindoWeather

***** [ Files ] *****

[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Public\Desktop\Knctr.lnk
[-] File Deleted : C:\Users\Public\Desktop\Launch System Healer.lnk
[#] File Deleted : C:\Users\Public\Desktop\MPC Cleaner.lnk
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_xoncisfktn-a.akamaihd.net_0.localstorage
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_xoncisfktn-a.akamaihd.net_0.localstorage-journal
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_d2m2wsoho8qq12.cloudfront.net_0.localstorage
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_d2m2wsoho8qq12.cloudfront.net_0.localstorage-journal
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_en.softonic.com_0.localstorage-journal
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
[-] File Deleted : C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
[-] File Deleted : C:\Users\Skyborn\AppData\Roaming\Bubble Dock.boostrap.log
[-] File Deleted : C:\Users\Skyborn\AppData\Roaming\Bubble Dock.installation.log
[-] File Deleted : C:\Users\Skyborn\AppData\Roaming\WindApp.boostrap.log
[-] File Deleted : C:\Users\Skyborn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Knctr.lnk
[-] File Deleted : C:\Users\Skyborn\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Note-Up.lnk
[-] File Deleted : C:\Users\Skyborn\Desktop\Note-Up.lnk
[-] File Deleted : C:\Users\Skyborn\Desktop\Hostify.lnk
[-] File Deleted : C:\Users\Skyborn\Desktop\WizzWifiHotspot.lnk
[-] File Deleted : C:\Windows\SysNative\LavasoftTcpService64.dll
[-] File Deleted : C:\Windows\SysNative\LavasoftTcpServiceOff.ini
[#] File Deleted : C:\Windows\SysNative\drivers\bsdriver.sys
[#] File Deleted : C:\Windows\SysNative\drivers\cherimoya.sys
[#] File Deleted : C:\Windows\SysNative\drivers\MPCKpt.sys
[-] File Deleted : C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] File Deleted : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : SystemHealer Monitor
[-] Task Deleted : SystemHealer Run Delay
[-] Task Deleted : System HealerPeriod

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\DesktopBackground\Shell\Add event reminder
[-] Key Deleted : HKLM\SOFTWARE\Classes\Directory\Background\shell\Add event reminder
[-] Key Deleted : HKLM\SOFTWARE\Classes\Directory\shell\Add event reminder
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [ExploreTech.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [WindoWeather.exe]
[-] Key Deleted : HKCU\Software\3caeb26764675258d8d8c075e5b9b6a9
[-] Key Deleted : HKLM\SOFTWARE\5da059a482fd494db3f252126fbc3d5b
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{425F4ABF-B8E4-402D-9E49-06E494EB8DBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7D8DAE88-BC05-4578-8C29-E541FFBA5757}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9582D7B-F24A-441D-9D26-450D58F3CD17}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE0D8859-2ED4-4B0D-9812-16865B9AFD65}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{14EF423E-3EE8-44AE-9337-07AC3F27B744}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\BrowserAir
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\Nosibay
[-] Key Deleted : HKCU\Software\System Healer
[-] Key Deleted : HKCU\Software\MICROSOFT\IDSC
[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\WindoWeather
[-] Key Deleted : HKLM\SOFTWARE\MPC
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\WindoWeather
[-] Key Deleted : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Key Deleted : HKLM\SOFTWARE\Wizzlabs
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E1527582-8509-4011-B922-29E3FB548882}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ASPackage
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Note-up
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NUIns
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SystemHealer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindoWeather
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hostify_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wizzwifihotspot_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\sunnyday_is1
[-] Key Deleted : [x64] HKLM\SOFTWARE\BrowserAir
[-] Key Deleted : [x64] HKLM\SOFTWARE\SearchModule
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Features\4E30E037E0535E84D9E3349209D354D4
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKU\S-1-5-21-4201465586-9520405-1503053096-1000\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{8008953F-6715-45D7-89A9-5A269EF6420C}]
[-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{590779C6-1F4F-45E7-8CA2-CC295EC8F735}]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{13352326-6CEC-4F87-BF03-D5EC18F62433}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\pastaleads.com
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Note-up]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WindoWeather]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Web Companion
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WizzWifiHotspot]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [WizzWifiHotspot]

***** [ Web browsers ] *****


*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [12616 bytes] - [18/04/2016 17:15:44]
C:\AdwCleaner\AdwCleaner[S1].txt - [9977 bytes] - [18/04/2016 16:43:08]
C:\AdwCleaner\AdwCleaner[S2].txt - [14587 bytes] - [18/04/2016 16:53:09]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [12837 bytes] ##########
# AdwCleaner v5.119 - Logfile created 12/06/2016 at 17:49:43
# Updated 30/05/2016 by Xplode
# Database : 2016-06-12.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Skyborn - BOOMBOX
# Running from : C:\Users\Skyborn\Downloads\AdwCleaner.exe
# Option : Clean
# Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : LavasoftTcpService
[-] Service Deleted : SearchProtectionService

***** [ Folders ] *****

[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Program Files (x86)\lavasoft\web companion
[-] Folder Deleted : C:\Users\Skyborn\AppData\Local\WikiZ
[-] Folder Deleted : C:\Users\Skyborn\AppData\Local\QuickCleaner
[-] Folder Deleted : C:\Users\Skyborn\AppData\Local\WINTUNEPRO
[-] Folder Deleted : C:\Users\Skyborn\AppData\Roaming\QuickCleaner
[-] Folder Deleted : C:\Users\Skyborn\AppData\Local\app
[-] Folder Deleted : C:\uninst

***** [ Files ] *****

[-] File Deleted : C:\Windows\AdBlock.exe
[-] File Deleted : C:\Windows\systwin.exe
[-] File Deleted : C:\Windows\SysWOW64\lavasofttcpservice.dll
[-] File Deleted : C:\Windows\SysWOW64\LavasoftTcpServiceOff.ini
[-] File Deleted : C:\Windows\SysNative\LavasoftTcpService64.dll
[-] File Deleted : C:\Windows\SysNative\LavasoftTcpServiceOff.ini

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\3caeb26764675258d8d8c075e5b9b6a9
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK
[-] Key Deleted : HKLM\SOFTWARE\Classes\OCComSDK.ComSDK.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0015CAC9-FC30-4CD0-BFAA-7412CC2C4DD9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26C7AFDB-3690-449E-B979-B0AF5CC56DD4}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A5A5381-DAAF-4C0D-B032-2C66B3EE4A8D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{472EF1D2-4AAE-470D-AE85-6AF8177916FD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8F010D54-C023-457F-AF03-497EACB6D519}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9A754403-27B1-4ED7-96D7-588F07888EBF}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CB31FF8F-BF80-4D2B-ADBE-12C6F5347890}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCAA532B-E807-4027-940C-BA16B9D50105}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B9D64D3B-BE75-4FA2-B94A-C4AE772A0146}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{ED62BC6E-64F1-46BE-866F-4C8DC0DF7057}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\INSTALLPATH\STATUS
[-] Key Deleted : HKCU\Software\Rtp
[-] Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\SearchModule
[-] Key Deleted : HKLM\SOFTWARE\Lavasoft\Web Companion
[-] Key Deleted : HKLM\SOFTWARE\MIITS LLC
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[-] Key Deleted : [x64] HKLM\SOFTWARE\SearchModule
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\{94ebd7b5-82ae-449t-b679-3d04078ed154}
[-] Key Deleted : [x64] HKLM\SOFTWARE\DataHelper
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MsConfig\StartupReg\Web Companion
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [systwin]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce [AdBlock2]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\services\SearchProtectionService

***** [ Web browsers ] *****

[-] [C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : spider-man-3-trailer.en.softonic.com
[-] [C:\Users\Skyborn\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : jfkmed.jobscience.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [18022 bytes] - [18/04/2016 17:15:44]
C:\AdwCleaner\AdwCleaner[C2].txt - [6964 bytes] - [18/04/2016 22:30:09]
C:\AdwCleaner\AdwCleaner[C3].txt - [1913 bytes] - [18/04/2016 22:55:16]
C:\AdwCleaner\AdwCleaner[C4].txt - [2028 bytes] - [19/04/2016 00:38:03]
C:\AdwCleaner\AdwCleaner[S10].txt - [338 bytes] - [19/04/2016 00:49:18]
C:\AdwCleaner\AdwCleaner[S11].txt - [1972 bytes] - [19/04/2016 01:04:42]
C:\AdwCleaner\AdwCleaner[S1].txt - [13853 bytes] - [18/04/2016 16:43:08]
C:\AdwCleaner\AdwCleaner[S2].txt - [21207 bytes] - [18/04/2016 16:53:09]
C:\AdwCleaner\AdwCleaner[S3].txt - [14626 bytes] - [18/04/2016 17:24:29]
C:\AdwCleaner\AdwCleaner[S4].txt - [14626 bytes] - [18/04/2016 17:25:10]
C:\AdwCleaner\AdwCleaner[S5].txt - [14033 bytes] - [18/04/2016 22:24:51]
C:\AdwCleaner\AdwCleaner[S6].txt - [1880 bytes] - [18/04/2016 22:49:41]
C:\AdwCleaner\AdwCleaner[S7].txt - [1903 bytes] - [18/04/2016 23:16:47]
C:\AdwCleaner\AdwCleaner[S8].txt - [2117 bytes] - [18/04/2016 23:49:26]
C:\AdwCleaner\AdwCleaner[S9].txt - [1936 bytes] - [19/04/2016 00:34:53]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [19124 bytes] ##########
 

Jjohn00

Thread Starter
Joined
Jun 10, 2016
Messages
17
It worked! no more ads are popping up! Thank you so much for your help! definitely gonna stay away from all that garbage from here on.
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
Do you want to prevent Windows 10 installation?
Are you sure you want to stop here? It's your call.
 

Jjohn00

Thread Starter
Joined
Jun 10, 2016
Messages
17
Oh yes please, that was one of the other annoying things that won't stop popping up. I was just unsure whether or not if i should share the issue since it's not malware related. But if you are willing, please and thank you!
 

Jjohn00

Thread Starter
Joined
Jun 10, 2016
Messages
17
Thank you so much, you've been such a great help to me. Btw, if you don't mind me asking, is there any other anti virus real time software you would recommend besides AVG anti virus?
 

askey127

Malware Specialist
Joined
Dec 22, 2006
Messages
3,721
Jjohn,
These two together should take care of Windows 10 Nag and install risk.
-----------------------------------------------------------
Run GWX Control Panel
If Microsoft's attempts to force Windows 10 onto the machine are unwanted, you can download and Run GWX Control Panel
http://ultimateoutsider.com/downloads/
Click on Download the Installer on the right.
Save it where you can find it and right click > "run as administrator" to install the program.
You can see the user guide here: http://blog.ultimateoutsider.com/2015/08/using-gwx-stopper-to-permanently-remove.html
Then open GWX Control Panel.
If you don't disable things with GWX Control Panel, and you are allowing Updates, Windows 10 will likely get installed automatically, without your active permission.

Utilizing GWX Control Panel will prevent most of the Windows 10 activities slowing down the machine.
I would suggest you click on any of these that are not grayed out:
  • Click to disable Get Windows 10 app (delete icon)
  • Click to delete Windows 10 download folder
  • Click to prevent Windows 10 upgrades
  • Click to delete Windows 10 programs
  • Click to disable non-critical Windows 10 settings
  • Click to enable Monitor mode
You may also wish to change your Windows Update settings so only Security Updates are allowed.
Attempts by Microsoft to circumvent your wishes can be monitored by enabling the Monitor mode button.
It's possible that you may need to download a newer version of GWX Control Panel later, if Microsoft doesn't get civilized about this.
Barring sabotage by Microsoft, you should be able to use Windows 7 until 2020, or Windows 8 until 2023.

-----------------------------------------------------------
This one is recommended as well. It sets the corporate recommended Registry entries to prevent W10 from installing.
You only need to run it once.
.
Download and Run Gibson's NEVER10
Download the file from here:
https://www.grc.com/never10.htm
Just save it somewhere you can find it and run it.
The directions are easy to follow.
It will prevent the unwanted conversion of Win7 and Win8 machines to Windows 10.
====================================================================
Now about the antivirus issue:

ALL Free antivirus programs have some adware connection, exceppt Microsoft Security Essentials.
MSSE is here: http://www.microsoft.com/security_essentials/
I use mostly Microsoft Security Essentials myself.
In some cases the adware from Free AV's is very sleazy; In others it's only an occasional nag screen to get a paid version.
Avast is probably the least obnoxious of the non-Microsoft Free ones.
If you install another Free AV, be very careful about every checkbox and question during the install.

The best paid Antivirus is likely ESET NOD32. It is Very thorough, dependable, and easy to use.
We use the ESET online scanner quite a bit on these forums to look for hard-to-find infections.

On the antivirus subject, you really cannot depend on detection rankings, or anecdotal comments by users either.
Neither tells the whole story.
=====================================================================
Let me know how this stuff goes, and I will have one final post for you.
askey127
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Members online

Top