Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Where to post the FRST logs?
Message
<blockquote data-quote="Jillayne" data-source="post: 303277" data-attributes="member: 31002"><p>Here is my report from AdwCleaner: </p><p>(I didn't remove anything)</p><p></p><p># AdwCleaner v4.101 - Report created 21/11/2014 at 17:19:19</p><p># Updated 09/11/2014 by Xplode</p><p># Database : 2014-11-07.1 [Local]</p><p># Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)</p><p># Username : Jill - SALIGA</p><p># Running from : C:\Users\Jill\Downloads\AdwCleaner.exe</p><p># Option : Scan</p><p></p><p>***** [ Services ] *****</p><p></p><p></p><p>***** [ Files / Folders ] *****</p><p></p><p>File Found : C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Profiles\xy5anuv5.default\user.js</p><p>Folder Found : C:\Program Files\Ask.com</p><p>Folder Found : C:\Program Files\Driver Performer</p><p>Folder Found : C:\Program Files\iWin.com Games</p><p>Folder Found : C:\Program Files\NCH Software</p><p>Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin.com Games</p><p>Folder Found : C:\ProgramData\NCH Software</p><p>Folder Found : C:\Users\Jill\AppData\Local\OpenCandy</p><p>Folder Found : C:\Users\Jill\AppData\Local\Temp\FoxTab</p><p>Folder Found : C:\Users\Jill\AppData\LocalLow\AskToolbar</p><p>Folder Found : C:\Users\Jill\AppData\LocalLow\HPAppData</p><p>Folder Found : C:\Users\Jill\AppData\Roaming\HPAppData</p><p>Folder Found : C:\Users\Jill\AppData\Roaming\iWin</p><p>Folder Found : C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Profiles\xy5anuv5.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}</p><p>Folder Found : C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Profiles\xy5anuv5.default\Extensions\<a href="mailto:toolbar@ask.com">toolbar@ask.com</a></p><p>Folder Found : C:\Users\Jill\AppData\Roaming\OpenCandy</p><p>Folder Found : C:\Users\Jill\AppData\Roaming\UpdaterEX</p><p>Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}</p><p></p><p>***** [ Scheduled Tasks ] *****</p><p></p><p>Task Found : Scheduled Update for Ask Toolbar</p><p>Task Found : UpdaterEX</p><p></p><p>***** [ Shortcuts ] *****</p><p></p><p></p><p>***** [ Registry ] *****</p><p></p><p>Key Found : HKCU\Software\APN</p><p>Key Found : HKCU\Software\AppDataLow\AskToolbarInfo</p><p>Key Found : HKCU\Software\AppDataLow\Software\AskToolbar</p><p>Key Found : HKCU\Software\Ask.com</p><p>Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Coupon Printer for Windows5.0.0.0</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\UpdaterEX</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}</p><p>Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX</p><p>Key Found : HKCU\Software\UpdaterEX</p><p>Key Found : HKCU\Software\YahooPartnerToolbar</p><p>Key Found : HKLM\SOFTWARE\APN</p><p>Key Found : HKLM\SOFTWARE\AskToolbar</p><p>Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}</p><p>Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL</p><p>Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}</p><p>Key Found : HKLM\SOFTWARE\Classes\CLSID\{28C02550-6572-401a-A2AE-5BC703C9BBA6}</p><p>Key Found : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}</p><p>Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}</p><p>Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}</p><p>Key Found : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}</p><p>Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}</p><p>Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd</p><p>Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1</p><p>Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF</p><p>Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF</p><p>Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}</p><p>Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}</p><p>Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}</p><p>Key Found : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}</p><p>Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho</p><p>Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1</p><p>Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}</p><p>Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}</p><p>Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.0</p><p>Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]</p><p>Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}]</p><p>Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]</p><p></p><p>***** [ Browsers ] *****</p><p></p><p>-\\ Internet Explorer v9.0.8112.16592</p><p></p><p></p><p>-\\ Mozilla Firefox v5.0 (en-US)</p><p></p><p>[xy5anuv5.default] - Line Found : user_pref("browser.search.defaultenginename", "Web Search (eToolKit)");</p><p>[xy5anuv5.default] - Line Found : user_pref("browser.search.selectedEngine", "Web Search (eToolKit)");</p><p>[xy5anuv5.default] - Line Found : user_pref("browser.search.selectedEngineInDialog", "Web Search (eToolKit)");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.abar-war-timeout", "4000");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.cbid", "O8");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.clear-searches-on-exit", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.config-updated", false);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://<a href="http://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}" target="_blank">www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}</a>");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.first-restart-after-config-update", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.guid", "F54B51A0-08A4-4F17-9E10-24BCAE5811F0");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"<a href="http://www.facebook.com\" target="_blank">www.facebook.com\</a>", \"<a href="http://www.playsushi.com\" target="_blank">www.playsushi.com\</a>", \"<a href="http://WWW.google.com\" target="_blank">WWW.google.com\</a>", \"hxxps://websearch.ask.com\", [...]</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.hxxp-header-whitelist-uri", "hxxp://apnstatic.ask.com/static/toolbar/config/main/asktb-url-list.json");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.if", "su");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.l", "dis");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.last-config-req", "1416361292922");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.last-search-timestamp", "1309731573659");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.last-v", "3.12.2.100006");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.locale", "en_US");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.new-tab-opt-out", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.o", "16066");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.options-lang", "en");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.options-locale", "UK");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.qsrc", "2871");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.sa", "NO");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.search-suggestions-enabled", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.silent-upgrade", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-first", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-interval", "1200000");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-max-items", "30");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-native-on", true);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-speed", "5000");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-transition-first-open", false);</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.asktb.themeid", "");</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.enabledAddons", "<a href="mailto:piclens@cooliris.com">piclens@cooliris.com</a>:1.12.3.47088,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0023-ABCDEFFEDC[...]</p><p>[xy5anuv5.default] - Line Found : user_pref("extensions.enabledItems", "<a href="mailto:anycolor.pavlos256@gmail.com">anycolor.pavlos256@gmail.com</a>:0.3.3,{0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5,<a href="mailto:piclens@cooliris.com">piclens@cooliris.com</a>:1.12.0.36605,{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1,{20[...]</p><p></p><p>-\\ Google Chrome v</p><p></p><p>[C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}</p><p>[C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://<a href="http://www.ask.com/web?q={searchTerms}" target="_blank">www.ask.com/web?q={searchTerms}</a></p><p></p><p>*************************</p><p></p><p>AdwCleaner[R0].txt - [13639 octets] - [21/11/2014 17:19:19]</p><p></p><p>########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13700 octets] ##########</p></blockquote><p></p>
[QUOTE="Jillayne, post: 303277, member: 31002"] Here is my report from AdwCleaner: (I didn't remove anything) # AdwCleaner v4.101 - Report created 21/11/2014 at 17:19:19 # Updated 09/11/2014 by Xplode # Database : 2014-11-07.1 [Local] # Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Username : Jill - SALIGA # Running from : C:\Users\Jill\Downloads\AdwCleaner.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** File Found : C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Profiles\xy5anuv5.default\user.js Folder Found : C:\Program Files\Ask.com Folder Found : C:\Program Files\Driver Performer Folder Found : C:\Program Files\iWin.com Games Folder Found : C:\Program Files\NCH Software Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iWin.com Games Folder Found : C:\ProgramData\NCH Software Folder Found : C:\Users\Jill\AppData\Local\OpenCandy Folder Found : C:\Users\Jill\AppData\Local\Temp\FoxTab Folder Found : C:\Users\Jill\AppData\LocalLow\AskToolbar Folder Found : C:\Users\Jill\AppData\LocalLow\HPAppData Folder Found : C:\Users\Jill\AppData\Roaming\HPAppData Folder Found : C:\Users\Jill\AppData\Roaming\iWin Folder Found : C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Profiles\xy5anuv5.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} Folder Found : C:\Users\Jill\AppData\Roaming\Mozilla\Firefox\Profiles\xy5anuv5.default\Extensions\[email]toolbar@ask.com[/email] Folder Found : C:\Users\Jill\AppData\Roaming\OpenCandy Folder Found : C:\Users\Jill\AppData\Roaming\UpdaterEX Folder Found : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe} ***** [ Scheduled Tasks ] ***** Task Found : Scheduled Update for Ask Toolbar Task Found : UpdaterEX ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Found : HKCU\Software\APN Key Found : HKCU\Software\AppDataLow\AskToolbarInfo Key Found : HKCU\Software\AppDataLow\Software\AskToolbar Key Found : HKCU\Software\Ask.com Key Found : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Coupon Printer for Windows5.0.0.0 Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\UpdaterEX Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF780F87-FF2B-4DF8-92D0-73DB16A1543A} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX Key Found : HKCU\Software\UpdaterEX Key Found : HKCU\Software\YahooPartnerToolbar Key Found : HKLM\SOFTWARE\APN Key Found : HKLM\SOFTWARE\AskToolbar Key Found : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Found : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL Key Found : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{28C02550-6572-401a-A2AE-5BC703C9BBA6} Key Found : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C} Key Found : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995} Key Found : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC} Key Found : HKLM\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd Key Found : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1 Key Found : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF Key Found : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF Key Found : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456} Key Found : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Found : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Found : HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB} Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1 Key Found : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Found : HKLM\SOFTWARE\dt soft\daemon tools toolbar Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888 Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.0 Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater] ***** [ Browsers ] ***** -\\ Internet Explorer v9.0.8112.16592 -\\ Mozilla Firefox v5.0 (en-US) [xy5anuv5.default] - Line Found : user_pref("browser.search.defaultenginename", "Web Search (eToolKit)"); [xy5anuv5.default] - Line Found : user_pref("browser.search.selectedEngine", "Web Search (eToolKit)"); [xy5anuv5.default] - Line Found : user_pref("browser.search.selectedEngineInDialog", "Web Search (eToolKit)"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.abar-war-timeout", "4000"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.cbid", "O8"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.clear-searches-on-exit", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.config-updated", false); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://[url="http://www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}"]www.ask.com/web?q={query}&o={o}&l={l}&qsrc={qsrc}[/url]"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.dyn-weather-do-locid-lookup-weatherWidget", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.first-restart-after-config-update", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.guid", "F54B51A0-08A4-4F17-9E10-24BCAE5811F0"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com\", \"[url="http://www.facebook.com\"]www.facebook.com\[/url]", \"[url="http://www.playsushi.com\"]www.playsushi.com\[/url]", \"[url="http://WWW.google.com\"]WWW.google.com\[/url]", \"hxxps://websearch.ask.com\", [...] [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.hxxp-header-whitelist-uri", "hxxp://apnstatic.ask.com/static/toolbar/config/main/asktb-url-list.json"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.if", "su"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.l", "dis"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.last-config-req", "1416361292922"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.last-search-timestamp", "1309731573659"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.last-v", "3.12.2.100006"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.locale", "en_US"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.new-tab-opt-out", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.o", "16066"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.options-lang", "en"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.options-locale", "UK"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.qsrc", "2871"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.sa", "NO"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.search-suggestions-enabled", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.silent-upgrade", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-first", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-interval", "1200000"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-max-char-ticker", "33"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-max-items", "30"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-native-on", true); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-speed", "5000"); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.socialmini-transition-first-open", false); [xy5anuv5.default] - Line Found : user_pref("extensions.asktb.themeid", ""); [xy5anuv5.default] - Line Found : user_pref("extensions.enabledAddons", "[email]piclens@cooliris.com[/email]:1.12.3.47088,{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20,{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21,{CAFEEFAC-0016-0000-0023-ABCDEFFEDC[...] [xy5anuv5.default] - Line Found : user_pref("extensions.enabledItems", "[email]anycolor.pavlos256@gmail.com[/email]:0.3.3,{0545b830-f0aa-4d7e-8820-50a4629a56fe}:4.6.5,[email]piclens@cooliris.com[/email]:1.12.0.36605,{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}:1.4.1,{20[...] -\\ Google Chrome v [C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms} [C:\Users\Jill\AppData\Local\Google\Chrome\User Data\Default\Web data] - Found [Search Provider] : hxxp://[url="http://www.ask.com/web?q={searchTerms}"]www.ask.com/web?q={searchTerms}[/url] ************************* AdwCleaner[R0].txt - [13639 octets] - [21/11/2014 17:19:19] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [13700 octets] ########## [/QUOTE]
Insert quotes…
Verification
Post reply
Top