Unstoppable popups "2"

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

mgee

Thread Starter
Joined
Nov 5, 2010
Messages
76
This is my second PC .
# AdwCleaner v4.111 - Logfile created 26/02/2015 at 00:11:41
# Updated 18/02/2015 by Xplode
# Database : 2015-02-18.3 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Dylan18 - DYLAN18-HP
# Running from : C:\Downloads\adwcleaner_4.111.exe
# Option : Cleaning

***** [ Services ] *****

[#] Service Deleted : YouTubeAcceleratorService

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\EnergoTech
Folder Deleted : C:\ProgramData\MovieWizard
Folder Deleted : C:\ProgramData\CouponFactor
Folder Deleted : C:\ProgramData\14292097924930845942
Folder Deleted : C:\ProgramData\c657bb570699bcf6
Folder Deleted : C:\ProgramData\d3c4547600000dc4
Folder Deleted : C:\Program Files (x86)\Bench
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\PepperZip
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\FlexibleShOpppoer
Folder Deleted : C:\Program Files (x86)\rEaldeal
Folder Deleted : C:\Program Files (x86)\SaoveerAaddon
Folder Deleted : C:\Program Files (x86)\ssavveittkeep
Folder Deleted : C:\Program Files (x86)\surfkEEepit
Folder Deleted : C:\Program Files (x86)\webSaover
Folder Deleted : C:\Users\Dylan18\AppData\Local\Temp\Iminent
Folder Deleted : C:\Program Files\BubbleSound
Folder Deleted : C:\Users\Dylan18\AppData\Local\apn
Folder Deleted : C:\Users\Dylan18\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Dylan18\AppData\Local\CrashRpt
Folder Deleted : C:\Users\Dylan18\AppData\Local\MovieWizard
Folder Deleted : C:\Users\Dylan18\AppData\Local\Taplika
Folder Deleted : C:\Users\Dylan18\AppData\Roaming\Optimizer Pro
Folder Deleted : C:\Users\Dylan18\AppData\Roaming\Taplika
Folder Deleted : C:\Users\Dylan18\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip
Folder Deleted : C:\Users\Dylan18\Documents\Optimizer Pro
Folder Deleted : C:\Users\Dylan18\Documents\ProPCCleaner
Folder Deleted : C:\Users\Dylan18\AppData\Roaming\Mozilla\Firefox\Profiles\cyuv5jam.default\Extensions\{4C59F3E5-BBD0-4344-8DD2-30866FA0B31E}
Folder Deleted : C:\Users\Dylan18\AppData\Roaming\Mozilla\Firefox\Profiles\cyuv5jam.default\Extensions\[email protected]
Folder Deleted : C:\ProgramData\bgflbemdomiibjehnepgjcpkapmgbple
File Deleted : C:\Users\Dylan18\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TornTvDownloader.lnk
File Deleted : C:\Users\Dylan18\AppData\Roaming\Mozilla\Firefox\Profiles\cyuv5jam.default\searchplugins\trovi-search.xml
File Deleted : C:\Users\Dylan18\AppData\Roaming\Mozilla\Firefox\Profiles\cyuv5jam.default\searchplugins\Web Search.xml
File Deleted : C:\Users\Dylan18\AppData\Roaming\Mozilla\Firefox\Profiles\cyuv5jam.default\user.js
File Deleted : C:\Users\Dylan18\AppData\Roaming\Mozilla\Firefox\Profiles\cyuv5jam.default\searchplugins\Taplika.xml
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.azlyrics.com_0.localstorage-journal
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_start.iminent.com_0.localstorage
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage
File Deleted : C:\Users\Dylan18\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.select-n-go00.select-n-go.com_0.localstorage-journal

***** [ Scheduled tasks ] *****

Task Deleted : EnergoTech Update

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [GoobzoYouTubeAccelerator]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Torntv Downloader]
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Classes\P14dfc6e0_99dd_4e31_9d15_6b2aea7eee6a_.P14dfc6e0_99dd_4e31_9d15_6b2aea7eee6a_
Key Deleted : HKLM\SOFTWARE\Classes\P14dfc6e0_99dd_4e31_9d15_6b2aea7eee6a_.P14dfc6e0_99dd_4e31_9d15_6b2aea7eee6a_.9
Key Deleted : HKLM\SOFTWARE\Classes\P15ac78b7_b4e0_4537_9aaa_ce2cac47bdb1_.P15ac78b7_b4e0_4537_9aaa_ce2cac47bdb1_
Key Deleted : HKLM\SOFTWARE\Classes\P15ac78b7_b4e0_4537_9aaa_ce2cac47bdb1_.P15ac78b7_b4e0_4537_9aaa_ce2cac47bdb1_.9
Key Deleted : HKLM\SOFTWARE\Classes\Pe84f917c_f2bc_44fc_854d_4da6d18f3a2b_.Pe84f917c_f2bc_44fc_854d_4da6d18f3a2b_
Key Deleted : HKLM\SOFTWARE\Classes\Pe84f917c_f2bc_44fc_854d_4da6d18f3a2b_.Pe84f917c_f2bc_44fc_854d_4da6d18f3a2b_.9
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{14dfc6e0-99dd-4e31-9d15-6b2aea7eee6a}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{15ac78b7-b4e0-4537-9aaa-ce2cac47bdb1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{e84f917c-f2bc-44fc-854d-4da6d18f3a2b}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FB1A663-2820-468B-95C4-5060A4C5F413}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{079E2F0F-FCA0-4163-BC82-5355B879E86E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C7405EEB-2E16-40FE-9E27-1F48CAAB15E1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14dfc6e0-99dd-4e31-9d15-6b2aea7eee6a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15ac78b7-b4e0-4537-9aaa-ce2cac47bdb1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e84f917c-f2bc-44fc-854d-4da6d18f3a2b}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15ac78b7-b4e0-4537-9aaa-ce2cac47bdb1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e84f917c-f2bc-44fc-854d-4da6d18f3a2b}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{15ac78b7-b4e0-4537-9aaa-ce2cac47bdb1}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e84f917c-f2bc-44fc-854d-4da6d18f3a2b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{14dfc6e0-99dd-4e31-9d15-6b2aea7eee6a}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{15ac78b7-b4e0-4537-9aaa-ce2cac47bdb1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e84f917c-f2bc-44fc-854d-4da6d18f3a2b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{14dfc6e0-99dd-4e31-9d15-6b2aea7eee6a}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{15ac78b7-b4e0-4537-9aaa-ce2cac47bdb1}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{e84f917c-f2bc-44fc-854d-4da6d18f3a2b}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{15527BF5-9729-49DC-889C-9F956983154C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14dfc6e0-99dd-4e31-9d15-6b2aea7eee6a}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15ac78b7-b4e0-4537-9aaa-ce2cac47bdb1}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e84f917c-f2bc-44fc-854d-4da6d18f3a2b}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{215FF469-8C3E-4039-A464-0403EB42E34E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{ACA2121B-1392-483F-93EA-4621A65A9166}
Key Deleted : HKCU\Software\1ClickDownload
Key Deleted : HKCU\Software\Compete
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\powerpack
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AdvertisingSupport
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\Goobzo
Key Deleted : HKLM\SOFTWARE\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\YouTube Accelerator
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search module
Key Deleted : [x64] HKLM\SOFTWARE\AllDaySavings
Key Deleted : [x64] HKLM\SOFTWARE\TornTv Downloader
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17631

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v20.0.1 (en-US)

[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Ask.com");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.BUTTON_STRUCTURE", "[{\"b\":221352991,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221352992,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.browser.version.last", "20.0");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.firstKnownVersion", "6.58.4.19978");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.homepage", "hxxp://home.tb.ask.com/index.jhtml?n=780c982c&p2=^ZO^xpi000^YYA^");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.hp.user.defined", true);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.initialized", true);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.installation.contextKey", "");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.installation.installDate", "2014091308");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerId", "^ZO^xpi000^YYA^");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.installation.partnerSubId", "");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.installation.success", false);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.isCompliantUninstallImplementation", true);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.lastKnownVersion", "6.85.5.65368");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.options.defaultSearch", false);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.options.homePageEnabled", false);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.options.keywordEnabled", false);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.options.tabEnabled", false);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.partnerPixelFired", false);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.successUrl", "hxxp://utilitychest.dl.tb.ask.com/installComplete.jhtml");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.toolbarCollapsed", true);
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark._49Members_.weather.location", "16001");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("extensions.toolbar.mindspark.lastInstalled", "[email protected]");
[cyuv5jam.default\prefs.js] - Line Deleted : user_pref("iminent.BirthDate", "1423685917");

-\\ Google Chrome v40.0.2214.111


-\\ Comodo Dragon v


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [47740 bytes] - [08/09/2014 11:16:36]
AdwCleaner[R1].txt - [15286 bytes] - [26/02/2015 00:05:47]
AdwCleaner[S0].txt - [43685 bytes] - [08/09/2014 11:21:33]
AdwCleaner[S1].txt - [14687 bytes] - [26/02/2015 00:11:41]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [14747 bytes] ##########
 

kevinf80

Kevin
Malware Specialist
Joined
Mar 21, 2006
Messages
11,470
Hello and welcome to TSG,

Use the instructions in the following link to show hidden files:

http://www.bleepingcomputer.com/tutorials/how-to-see-hidden-files-in-windows/

Next,

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it's always wise to create a backup before doing so.

  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
  • Note: the default location is C:\Windows\ERDNT which is acceptable.
  • Make sure that at least the first two check boxes are selected.


  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe

Next,

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts. (re-enable when done)
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Let me see those logs in your next reply...

Thanks,

Kevin.....
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Staff online

Top