Do I have a virus? Help please!
Solved/Closed
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
-
Feb 17, 2016 at 10:30 AM
Perrinicus - Feb 23, 2016 at 10:17 AM
Perrinicus - Feb 23, 2016 at 10:17 AM
Related:
- Do I have a virus? Help please!
- Can a jpg have a virus - Guide
- Goose virus - Download - Other
- Ntuser.dat virus - Guide
- How to get rid of trojan virus ✓ - Viruses & Security Forum
- Attrib - r-h-s /s /d *.* virus - Viruses & Security Forum
15 responses
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 22, 2016 at 05:04 PM
Feb 22, 2016 at 05:04 PM
Hi
There are 46 malware items in your machine.
1. Please remove (delete) Spybot Search and Destroy. That software is obsolete and will come in conflict with your present antivirus.
2. Download, install and run adwcleaner:
https://ccm.net/downloads/security-and-maintenance/6911-adwcleaner/
A log will be produced which you can post here.
3. 1. Download Script ZHPFix here
https://nicolascoolman.eu
2. Select and copy all of the following bold lines.
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
O20 - AppInit_DLLs: . (...) - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll (.not file.)
O42 - Logiciel: AVG PC TuneUp 2014 - (.AVG.) [HKLM][64Bits] -- {01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O42 - Logiciel: UpdaterEX - (.UpdaterEX.) [HKCU][64Bits] -- UpdaterEX
HKLM\SOFTWARE\Wow6432Node\5b538f8cb33def13
HKLM\SOFTWARE\Wow6432Node\SearchProtect
HKCU\SOFTWARE\5b538f8cb33def13
HKCU\SOFTWARE\UpdaterEX
3 - CFD: 08/02/2014 - [] D -- C:\Program Files (x86)\BonanzaDeals
3 - CFD: 18/02/2016 - [] D -- C:\Program Files (x86)\DNS Unlocker
3 - CFD: 18/02/2016 - [] D -- C:\Program Files (x86)\dply_en_015020240
3 - CFD: 17/02/2016 - [0] D -- C:\Program Files (x86)\Oasis Space
3 - CFD: 30/09/2013 - [0] D -- C:\ProgramData\Babylon
3 - CFD: 17/12/2013 - [] D -- C:\ProgramData\BitGuard
3 - CFD: 25/01/2014 - [0] SHD -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
3 - CFD: 30/09/2013 - [] D -- C:\Users\Briony\AppData\Roaming\Babylon
3 - CFD: 18/10/2013 - [] D -- C:\Users\Briony\AppData\Roaming\UpdaterEX
3 - CFD: 18/02/2016 - [] D -- C:\Users\Briony\AppData\Local\dply_en_015020240
O45 - LFCP:[MD5.13D4FD2014F8293AC6710FCDDCB22C5B] 17/02/2016 A -- C:\WINDOWS\Prefetch\DPLY_EN_015020240 - UNINSTALL-E76805C6.pf
O45 - LFCP:[MD5.89B4945108AC59958B13B26D47F1256D] 18/02/2016 A -- C:\WINDOWS\Prefetch\DPLY_EN_015020240.EXE-60BF14D3.pf
O45 - LFCP:[MD5.47ECCCF4876254D495E90FE6F40FC16B] 17/02/2016 A -- C:\WINDOWS\Prefetch\OASISDPLY_EN_015020240.EXE-329A506A.pf
O45 - LFCP:[MD5.FDE03CEDDADC908E99EFF69BC306538F] 17/02/2016 A -- C:\WINDOWS\Prefetch\OASISSPACE_SETUP.EXE-0C0813B4.pf
O45 - LFCP:[MD5.F82A46383B82DC799CEC7A049215CF0C] 18/02/2016 A -- C:\WINDOWS\Prefetch\UPDPLY_EN_015020240.EXE-D0E8E255.pf
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Doko Search) - http://www.doko-search.com/
O69 - SBI: SearchScopes [HKCU] {2C661B38-B039-4C66-BE36-928418913380} - (Mysearchdial) - http://start.mysearchdial.com/
O69 - SBI: SearchScopes [HKLM] {2C661B38-B039-4C66-BE36-928418913380} [DefaultScope] - (Mysearchdial) - http://start.mysearchdial.com/
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
C:\Program Files (x86)\BonanzaDeals
C:\Program Files (x86)\DNS Unlocker
C:\Program Files (x86)\dply_en_015020240
C:\Program Files (x86)\Oasis Space
C:\ProgramData\Babylon
C:\ProgramData\BitGuard
C:\Users\Briony\AppData\Roaming\Babylon
C:\Users\Briony\AppData\Roaming\UpdaterEX
C:\Users\Briony\AppData\Local\dply_en_015020240
C:\WINDOWS\Prefetch\DPLY_EN_015020240 - UNINSTALL-E76805C6.pf
C:\WINDOWS\Prefetch\DPLY_EN_015020240.EXE-60BF14D3.pf
C:\WINDOWS\Prefetch\OASISDPLY_EN_015020240.EXE-329A506A.pf
C:\WINDOWS\Prefetch\OASISSPACE_SETUP.EXE-0C0813B4.pf
C:\WINDOWS\Prefetch\UPDPLY_EN_015020240.EXE-D0E8E255.pf
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2C661B38-B039-4C66-BE36-928418913380}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2C661B38-B039-4C66-BE36-928418913380}
3 Close all applications and open ZHP Fix
4. Click on the Import button and the lines will automatically paste themselves.
5. Click on the Go button to clean
6. Confirm by clicking OK
7. ZHP Fix will ask if you wish to empty the bin, click on your choice...it may take time
8. A report will appear on your desktop and on C:\ZHP\ZHPFix[R1].txt which you can copy and paste in your reply.
Good luck
There are 46 malware items in your machine.
1. Please remove (delete) Spybot Search and Destroy. That software is obsolete and will come in conflict with your present antivirus.
2. Download, install and run adwcleaner:
https://ccm.net/downloads/security-and-maintenance/6911-adwcleaner/
A log will be produced which you can post here.
3. 1. Download Script ZHPFix here
https://nicolascoolman.eu
2. Select and copy all of the following bold lines.
Script ZHPFix
FirewallRaz
EmptyPrefetch
EmptyTemp
EmptyFlash
O20 - AppInit_DLLs: . (...) - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll (.not file.)
O42 - Logiciel: AVG PC TuneUp 2014 - (.AVG.) [HKLM][64Bits] -- {01BD4FC9-2F86-4706-A62E-774BB7E9D308}
O42 - Logiciel: UpdaterEX - (.UpdaterEX.) [HKCU][64Bits] -- UpdaterEX
HKLM\SOFTWARE\Wow6432Node\5b538f8cb33def13
HKLM\SOFTWARE\Wow6432Node\SearchProtect
HKCU\SOFTWARE\5b538f8cb33def13
HKCU\SOFTWARE\UpdaterEX
3 - CFD: 08/02/2014 - [] D -- C:\Program Files (x86)\BonanzaDeals
3 - CFD: 18/02/2016 - [] D -- C:\Program Files (x86)\DNS Unlocker
3 - CFD: 18/02/2016 - [] D -- C:\Program Files (x86)\dply_en_015020240
3 - CFD: 17/02/2016 - [0] D -- C:\Program Files (x86)\Oasis Space
3 - CFD: 30/09/2013 - [0] D -- C:\ProgramData\Babylon
3 - CFD: 17/12/2013 - [] D -- C:\ProgramData\BitGuard
3 - CFD: 25/01/2014 - [0] SHD -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
3 - CFD: 30/09/2013 - [] D -- C:\Users\Briony\AppData\Roaming\Babylon
3 - CFD: 18/10/2013 - [] D -- C:\Users\Briony\AppData\Roaming\UpdaterEX
3 - CFD: 18/02/2016 - [] D -- C:\Users\Briony\AppData\Local\dply_en_015020240
O45 - LFCP:[MD5.13D4FD2014F8293AC6710FCDDCB22C5B] 17/02/2016 A -- C:\WINDOWS\Prefetch\DPLY_EN_015020240 - UNINSTALL-E76805C6.pf
O45 - LFCP:[MD5.89B4945108AC59958B13B26D47F1256D] 18/02/2016 A -- C:\WINDOWS\Prefetch\DPLY_EN_015020240.EXE-60BF14D3.pf
O45 - LFCP:[MD5.47ECCCF4876254D495E90FE6F40FC16B] 17/02/2016 A -- C:\WINDOWS\Prefetch\OASISDPLY_EN_015020240.EXE-329A506A.pf
O45 - LFCP:[MD5.FDE03CEDDADC908E99EFF69BC306538F] 17/02/2016 A -- C:\WINDOWS\Prefetch\OASISSPACE_SETUP.EXE-0C0813B4.pf
O45 - LFCP:[MD5.F82A46383B82DC799CEC7A049215CF0C] 18/02/2016 A -- C:\WINDOWS\Prefetch\UPDPLY_EN_015020240.EXE-D0E8E255.pf
O69 - SBI: SearchScopes [HKCU] {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} - (Doko Search) - http://www.doko-search.com/
O69 - SBI: SearchScopes [HKCU] {2C661B38-B039-4C66-BE36-928418913380} - (Mysearchdial) - http://start.mysearchdial.com/
O69 - SBI: SearchScopes [HKLM] {2C661B38-B039-4C66-BE36-928418913380} [DefaultScope] - (Mysearchdial) - http://start.mysearchdial.com/
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX
C:\Program Files (x86)\BonanzaDeals
C:\Program Files (x86)\DNS Unlocker
C:\Program Files (x86)\dply_en_015020240
C:\Program Files (x86)\Oasis Space
C:\ProgramData\Babylon
C:\ProgramData\BitGuard
C:\Users\Briony\AppData\Roaming\Babylon
C:\Users\Briony\AppData\Roaming\UpdaterEX
C:\Users\Briony\AppData\Local\dply_en_015020240
C:\WINDOWS\Prefetch\DPLY_EN_015020240 - UNINSTALL-E76805C6.pf
C:\WINDOWS\Prefetch\DPLY_EN_015020240.EXE-60BF14D3.pf
C:\WINDOWS\Prefetch\OASISDPLY_EN_015020240.EXE-329A506A.pf
C:\WINDOWS\Prefetch\OASISSPACE_SETUP.EXE-0C0813B4.pf
C:\WINDOWS\Prefetch\UPDPLY_EN_015020240.EXE-D0E8E255.pf
HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2C661B38-B039-4C66-BE36-928418913380}
HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2C661B38-B039-4C66-BE36-928418913380}
3 Close all applications and open ZHP Fix
4. Click on the Import button and the lines will automatically paste themselves.
5. Click on the Go button to clean
6. Confirm by clicking OK
7. ZHP Fix will ask if you wish to empty the bin, click on your choice...it may take time
8. A report will appear on your desktop and on C:\ZHP\ZHPFix[R1].txt which you can copy and paste in your reply.
Good luck
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 17, 2016 at 05:16 PM
Feb 17, 2016 at 05:16 PM
Greetings,
Yes! I am 99% sure that you not only have a virus but all kinds of malware.
For a start:
Run and type in the following commands
ipconfig /release
ipconfig /all
ipconfig /flushdns
ipconfig /renew
netsh int ip set dns
netsh winsock reset
Try to open your browser. If it does not work, see if you can boot in safe mode with networking and let me know
Ambucias
Virus/Security Contributor
Yes! I am 99% sure that you not only have a virus but all kinds of malware.
For a start:
Run and type in the following commands
ipconfig /release
ipconfig /all
ipconfig /flushdns
ipconfig /renew
netsh int ip set dns
netsh winsock reset
Try to open your browser. If it does not work, see if you can boot in safe mode with networking and let me know
Ambucias
Virus/Security Contributor
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 18, 2016 at 04:47 AM
Feb 18, 2016 at 04:47 AM
Ok, sorry... But how do I "run" on Windows 8? Also, really struggling with safe mode... Kept restarting it and tapping f8 but it never seems to enter safe mode?
Sorry about this... I'm not very confident with this kind of stuff. Thanks so much for your help!!
Sorry about this... I'm not very confident with this kind of stuff. Thanks so much for your help!!
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 18, 2016 at 05:34 AM
Feb 18, 2016 at 05:34 AM
Yep, found run and went through those commands and the browser still does the exact same thing:
"You are seeing this page because you are using a BT service which requires the use of BT DNS Servers and it appears that you are attempting to connect using a DNS server outside of our network. Our BT protect and BT Parental Controls services both require use of our BT DNS to keep you safe online. You may have selected a different server in your network settings or installed an application that uses an alternative service.
To turn off BT Protect or to delete Parental controls, log in to www.bt.com/mysecurityhub"
Still haven't figured safe mode out though
"You are seeing this page because you are using a BT service which requires the use of BT DNS Servers and it appears that you are attempting to connect using a DNS server outside of our network. Our BT protect and BT Parental Controls services both require use of our BT DNS to keep you safe online. You may have selected a different server in your network settings or installed an application that uses an alternative service.
To turn off BT Protect or to delete Parental controls, log in to www.bt.com/mysecurityhub"
Still haven't figured safe mode out though
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 18, 2016 at 05:57 AM
Feb 18, 2016 at 05:57 AM
See this for safe mode with networking
https://www.digitalcitizen.life/5-ways-boot-safe-mode-windows-8-windows-81/
https://www.digitalcitizen.life/5-ways-boot-safe-mode-windows-8-windows-81/
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 18, 2016 at 06:13 AM
Feb 18, 2016 at 06:13 AM
Right... In safe mode with networking now. Thanks for that, it was very helpful!
Unfortunately that exact same message is coming up when I try to access my browsers (it only shows up on chrome, ie simply won't load anything)
Unfortunately that exact same message is coming up when I try to access my browsers (it only shows up on chrome, ie simply won't load anything)
Didn't find the answer you are looking for?
Ask a question
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 18, 2016 at 06:19 AM
Feb 18, 2016 at 06:19 AM
I am guessing that someone in your entourage has set parental controls and restrictions on the machine for which I cannot help.
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 18, 2016 at 06:22 AM
Feb 18, 2016 at 06:22 AM
But we haven't set any parental controls on the machine... Would it be worth calling my provider to see if they have put parental controls on?
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 18, 2016 at 06:23 AM
Feb 18, 2016 at 06:23 AM
I was going to suggest that for it seems to come from BT.
Good luck
Good luck
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 18, 2016 at 06:24 AM
Feb 18, 2016 at 06:24 AM
Ok thank you! Will post here if I manage to access internet.
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 18, 2016 at 06:26 AM
Feb 18, 2016 at 06:26 AM
I am looking forward to your reply.
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 18, 2016 at 08:36 AM
Feb 18, 2016 at 08:36 AM
Ok. I performed a system restore (back to the 11th Feb) and can now access the Internet. I feel that this will not have gotten rid of the virus/malware so can you please recommend what I should do next?
Thanks a lot for all your help so far. You've been great!
Thanks a lot for all your help so far. You've been great!
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 18, 2016 at 06:54 AM
Feb 18, 2016 at 06:54 AM
Right... I have no parental controls on my BT account... The plot is truly thickening! Is there anything else you could suggest? Thanks so much for all your help!
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 18, 2016 at 07:20 AM
Feb 18, 2016 at 07:20 AM
Just tried re-running all those commands whilst in safe mode with networking but it was to no avail... Feeling pretty helpless right now
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 18, 2016 at 04:15 PM
Feb 18, 2016 at 04:15 PM
To help you and prescribe the remedy, I must make a diagnostic and to do so, I require a report.
1. Open this link and download ZHPDiag3 :
https://nicolascoolman.eu
(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message, ignore it.) Click on the download button
2. Save the file on your Desktop.
3. Double click on ZHPDiag.exe and follow the installation instructions.
(For Vista, Win 7 and 8 users, click right to ensure you execute with admin right)
4. Double click on the short cut ZHPDiag on your Destktop.
5. Click on Full.
Wait for the tool to finished (maybe a long time)
6. Close ZHPDiag.
7. To transmit the report, click on this link :
https://authentification.site
8. Search the directory where you installed ZHPDiag (usually C:\desktop\zhpdiag.txt).
9. Copy the url link obtained from Speedyshare and paste it here in your reply.
Ambucias
Moderator and Virus/Security Contributor
1. Open this link and download ZHPDiag3 :
https://nicolascoolman.eu
(Don't be alarmed is the site is in French, it sometimes happens, the tool will take your system language and allow the download if you get a warning message, ignore it.) Click on the download button
2. Save the file on your Desktop.
3. Double click on ZHPDiag.exe and follow the installation instructions.
(For Vista, Win 7 and 8 users, click right to ensure you execute with admin right)
4. Double click on the short cut ZHPDiag on your Destktop.
5. Click on Full.
Wait for the tool to finished (maybe a long time)
6. Close ZHPDiag.
7. To transmit the report, click on this link :
https://authentification.site
8. Search the directory where you installed ZHPDiag (usually C:\desktop\zhpdiag.txt).
9. Copy the url link obtained from Speedyshare and paste it here in your reply.
Ambucias
Moderator and Virus/Security Contributor
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 22, 2016 at 04:39 AM
Feb 22, 2016 at 04:39 AM
Thanks so much mate. Got this diagnostic info for you here...
http://speedy.sh/fBU8N/ZHPDiag.txt
Sorry it's been a while! Been ridiculously busy with work. Thanks again for all your help :)
http://speedy.sh/fBU8N/ZHPDiag.txt
Sorry it's been a while! Been ridiculously busy with work. Thanks again for all your help :)
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
>
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 22, 2016 at 06:52 AM
Feb 22, 2016 at 06:52 AM
Okay, thanks for the report.
There are lots of malware on your machine.
Will give you solution later on today.
There are lots of malware on your machine.
Will give you solution later on today.
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 22, 2016 at 07:59 PM
Feb 22, 2016 at 07:59 PM
Hey! OK, so the adwcleaner download isn't working for my pc... it downloads the file but i'm unable to open it. Any ideas?
I ran the ZHP Fix:
Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by Briony at 23/02/2016 00:25:18
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)
Recycle Bin emptied (00mn 03s)
Prefetcher emptied
========== Software ==========
ABSENT Uninstall Process: c:\users\briony\appdata\roaming\updaterex\updateproc\updatetask.exe
========== Registry keys ==========
REMOVES Software Key: {01BD4FC9-2F86-4706-A62E-774BB7E9D308} [AVG PC TuneUp 2014]
REMOVES Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX]
REMOVES: HKLM\SOFTWARE\Wow6432Node\5b538f8cb33def13
REMOVES: HKLM\SOFTWARE\Wow6432Node\SearchProtect
REMOVES: HKCU\SOFTWARE\5b538f8cb33def13
REMOVES: HKCU\SOFTWARE\UpdaterEX
REMOVES: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
REMOVES: SearchScopes :{2C661B38-B039-4C66-BE36-928418913380}
REMOVES:* HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2C661B38-B039-4C66-BE36-928418913380}
========== Registry values ==========
ABSENT value Standard Profile: FirewallRaz :
ABSENT value Domain Profile: FirewallRaz :
REMOVES: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
REMOVES: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
REMOVES: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
REMOVES: FirewallRaz (None) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}
========== Elements of the registry data ==========
REMOVES AppInit: \PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
========== Folders ==========
Deletes temporary Windows (0)
REMOVES Flash Cookies (0)
REMOVES: c:\program files (x86)\bonanzadeals
REMOVES: c:\program files (x86)\dns unlocker
REMOVES: c:\program files (x86)\dply_en_015020240
REMOVES: c:\program files (x86)\oasis space
REMOVES: c:\programdata\babylon
REMOVES: c:\programdata\bitguard
REMOVES: c:\users\briony\appdata\roaming\babylon
REMOVES: c:\users\briony\appdata\roaming\updaterex
REMOVES: c:\users\briony\appdata\local\dply_en_015020240
========== Files ==========
Deletes temporary Windows (0) (0 octets)
REMOVES Flash Cookies (0) (0 octets)
REMOVES: c:\windows\prefetch\dply_en_015020240 - uninstall-e76805c6.pf
REMOVES: c:\windows\prefetch\dply_en_015020240.exe-60bf14d3.pf
REMOVES: c:\windows\prefetch\oasisdply_en_015020240.exe-329a506a.pf
REMOVES: c:\windows\prefetch\oasisspace_setup.exe-0c0813b4.pf
REMOVES: c:\windows\prefetch\updply_en_015020240.exe-d0e8e255.pf
========== Other ==========
NON-TREATY 3 - CFD: 08/02/2014 - [] D -- C:\Program Files (x86)\BonanzaDeals
NON-TREATY 3 - CFD: 18/02/2016 - [] D -- C:\Program Files (x86)\DNS Unlocker
NON-TREATY 3 - CFD: 18/02/2016 - [] D -- C:\Program Files (x86)\dply_en_015020240
NON-TREATY 3 - CFD: 17/02/2016 - [0] D -- C:\Program Files (x86)\Oasis Space
NON-TREATY 3 - CFD: 30/09/2013 - [0] D -- C:\ProgramData\Babylon
NON-TREATY 3 - CFD: 17/12/2013 - [] D -- C:\ProgramData\BitGuard
NON-TREATY 3 - CFD: 25/01/2014 - [0] SHD -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
NON-TREATY 3 - CFD: 30/09/2013 - [] D -- C:\Users\Briony\AppData\Roaming\Babylon
NON-TREATY 3 - CFD: 18/10/2013 - [] D -- C:\Users\Briony\AppData\Roaming\UpdaterEX
NON-TREATY 3 - CFD: 18/02/2016 - [] D -- C:\Users\Briony\AppData\Local\dply_en_015020240
========== Summary ==========
9 : Registry keys
6 : Registry values
1 : Elements of the registry data
11 : Folders
7 : Files
1 : Software
10 : Other
End of clean in 00mn 13s
========== Path to file report ==========
C:\Users\Briony\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/02/2016 00:25:22 [3667]
My replies don't seem to be posting :/
I ran the ZHP Fix:
Rapport de ZHPFix 2015.10.19.9 par Nicolas Coolman, Update du 19/10/2015
Fichier d'export Registre :
Run by Briony at 23/02/2016 00:25:18
High Elevated Privileges : OK
Windows 8 Home Premium Edition, 64-bit Service Pack 1 (9600)
Recycle Bin emptied (00mn 03s)
Prefetcher emptied
========== Software ==========
ABSENT Uninstall Process: c:\users\briony\appdata\roaming\updaterex\updateproc\updatetask.exe
========== Registry keys ==========
REMOVES Software Key: {01BD4FC9-2F86-4706-A62E-774BB7E9D308} [AVG PC TuneUp 2014]
REMOVES Logiciel Key: [HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX]
REMOVES: HKLM\SOFTWARE\Wow6432Node\5b538f8cb33def13
REMOVES: HKLM\SOFTWARE\Wow6432Node\SearchProtect
REMOVES: HKCU\SOFTWARE\5b538f8cb33def13
REMOVES: HKCU\SOFTWARE\UpdaterEX
REMOVES: SearchScopes :{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
REMOVES: SearchScopes :{2C661B38-B039-4C66-BE36-928418913380}
REMOVES:* HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{2C661B38-B039-4C66-BE36-928418913380}
========== Registry values ==========
ABSENT value Standard Profile: FirewallRaz :
ABSENT value Domain Profile: FirewallRaz :
REMOVES: FirewallRaz (Domain) : {9E3D57FC-7C37-4424-9352-4831E97D029D}
REMOVES: FirewallRaz (Domain) : {548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}
REMOVES: FirewallRaz (Domain) : {E7985E1D-C36F-4787-80A8-6350D07E9266}
REMOVES: FirewallRaz (None) : {808F1451-4108-46FD-ADBB-F17324B5F0BD}
========== Elements of the registry data ==========
REMOVES AppInit: \PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll
========== Folders ==========
Deletes temporary Windows (0)
REMOVES Flash Cookies (0)
REMOVES: c:\program files (x86)\bonanzadeals
REMOVES: c:\program files (x86)\dns unlocker
REMOVES: c:\program files (x86)\dply_en_015020240
REMOVES: c:\program files (x86)\oasis space
REMOVES: c:\programdata\babylon
REMOVES: c:\programdata\bitguard
REMOVES: c:\users\briony\appdata\roaming\babylon
REMOVES: c:\users\briony\appdata\roaming\updaterex
REMOVES: c:\users\briony\appdata\local\dply_en_015020240
========== Files ==========
Deletes temporary Windows (0) (0 octets)
REMOVES Flash Cookies (0) (0 octets)
REMOVES: c:\windows\prefetch\dply_en_015020240 - uninstall-e76805c6.pf
REMOVES: c:\windows\prefetch\dply_en_015020240.exe-60bf14d3.pf
REMOVES: c:\windows\prefetch\oasisdply_en_015020240.exe-329a506a.pf
REMOVES: c:\windows\prefetch\oasisspace_setup.exe-0c0813b4.pf
REMOVES: c:\windows\prefetch\updply_en_015020240.exe-d0e8e255.pf
========== Other ==========
NON-TREATY 3 - CFD: 08/02/2014 - [] D -- C:\Program Files (x86)\BonanzaDeals
NON-TREATY 3 - CFD: 18/02/2016 - [] D -- C:\Program Files (x86)\DNS Unlocker
NON-TREATY 3 - CFD: 18/02/2016 - [] D -- C:\Program Files (x86)\dply_en_015020240
NON-TREATY 3 - CFD: 17/02/2016 - [0] D -- C:\Program Files (x86)\Oasis Space
NON-TREATY 3 - CFD: 30/09/2013 - [0] D -- C:\ProgramData\Babylon
NON-TREATY 3 - CFD: 17/12/2013 - [] D -- C:\ProgramData\BitGuard
NON-TREATY 3 - CFD: 25/01/2014 - [0] SHD -- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
NON-TREATY 3 - CFD: 30/09/2013 - [] D -- C:\Users\Briony\AppData\Roaming\Babylon
NON-TREATY 3 - CFD: 18/10/2013 - [] D -- C:\Users\Briony\AppData\Roaming\UpdaterEX
NON-TREATY 3 - CFD: 18/02/2016 - [] D -- C:\Users\Briony\AppData\Local\dply_en_015020240
========== Summary ==========
9 : Registry keys
6 : Registry values
1 : Elements of the registry data
11 : Folders
7 : Files
1 : Software
10 : Other
End of clean in 00mn 13s
========== Path to file report ==========
C:\Users\Briony\AppData\Roaming\ZHP\ZHPFix[R1].txt - 23/02/2016 00:25:22 [3667]
My replies don't seem to be posting :/
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 23, 2016 at 05:40 AM
Feb 23, 2016 at 05:40 AM
For adwcleaner, run it as admin.
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 23, 2016 at 06:03 AM
Feb 23, 2016 at 06:03 AM
Yeah, I have tried running it as admin. It just tells me this program is not compatible with my pc and to check for a compatible version with the software maker... Not a clue why it'd be saying that haha
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
>
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 23, 2016 at 06:22 AM
Feb 23, 2016 at 06:22 AM
I just updated to the latest version, see if it works:
https://ccm.net/downloads/security-and-maintenance/6911-adwcleaner/
https://ccm.net/downloads/security-and-maintenance/6911-adwcleaner/
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 23, 2016 at 06:24 AM
Feb 23, 2016 at 06:24 AM
yeah, it's running now. thanks :)
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
>
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 23, 2016 at 06:26 AM
Feb 23, 2016 at 06:26 AM
Finally!
God save the Queen!
God save the Queen!
Perrinicus
Posts
16
Registration date
Wednesday February 17, 2016
Status
Member
Last seen
February 23, 2016
Feb 23, 2016 at 06:37 AM
Feb 23, 2016 at 06:37 AM
# AdwCleaner v5.036 - Logfile created 23/02/2016 at 11:32:15
# Updated 22/02/2016 by Xplode
# Database : 2016-02-22.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Briony - LAPTOP
# Running from : C:\Users\Briony\Downloads\adwcleaner_5.036.exe
# Option : Cleaning
# Support : https://toolslib.net/forum
[-] Folder Deleted : C:\ProgramData\DSearchLink
[-] Folder Deleted : C:\Users\Briony\AppData\LocalLow\Doko-Toolbar
[-] Folder Deleted : C:\Users\Briony\AppData\LocalLow\Mysearchdial
[-] Folder Deleted : C:\WINDOWS\SysWOW64\SearchProtect
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Briony\AppData\Local\nwhb-v9.4.15.crx
[-] File Deleted : C:\Users\Briony\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhjjdgbhohaallcimgcmakfiobacimkm
[-] File Deleted : C:\Users\Briony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] File Deleted : C:\Users\Public\Desktop\eBay.lnk
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jhjjdgbhohaallcimgcmakfiobacimkm
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\movshare.net
[-] [C:\Users\Briony\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aoejbmmillcdifgagjpdlaamnalbielp
:: "Tracing" keys removed
:: Winsock settings cleared
C:\AdwCleaner\AdwCleaner[C1].txt - [5603 bytes] - [23/02/2016 11:32:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [5425 bytes] - [23/02/2016 11:24:07]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5749 bytes] ##########
# Updated 22/02/2016 by Xplode
# Database : 2016-02-22.2 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Briony - LAPTOP
# Running from : C:\Users\Briony\Downloads\adwcleaner_5.036.exe
# Option : Cleaning
# Support : https://toolslib.net/forum
- [ Services ] *****
- [ Folders ] *****
[-] Folder Deleted : C:\ProgramData\DSearchLink
[-] Folder Deleted : C:\Users\Briony\AppData\LocalLow\Doko-Toolbar
[-] Folder Deleted : C:\Users\Briony\AppData\LocalLow\Mysearchdial
[-] Folder Deleted : C:\WINDOWS\SysWOW64\SearchProtect
- [ Files ] *****
[-] File Deleted : C:\END
[-] File Deleted : C:\Users\Briony\AppData\Local\nwhb-v9.4.15.crx
[-] File Deleted : C:\Users\Briony\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jhjjdgbhohaallcimgcmakfiobacimkm
[-] File Deleted : C:\Users\Briony\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
[-] File Deleted : C:\Users\Public\Desktop\eBay.lnk
- [ DLLs ] *****
- [ Shortcuts ] *****
- [ Scheduled tasks ] *****
- [ Registry ] *****
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[-] Key Deleted : HKCU\Software\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aoejbmmillcdifgagjpdlaamnalbielp
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jhjjdgbhohaallcimgcmakfiobacimkm
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E74373-58AB-47EB-B0F0-A1D82BB8EB5C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{29494049-211F-4F5C-8545-7DA8BF7A6CF8}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C4BEF720-313C-420A-ACF6-77DD95D8F553}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\chatango.com
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\movshare.net
- [ Web browsers ] *****
[-] [C:\Users\Briony\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aoejbmmillcdifgagjpdlaamnalbielp
:: "Tracing" keys removed
:: Winsock settings cleared
C:\AdwCleaner\AdwCleaner[C1].txt - [5603 bytes] - [23/02/2016 11:32:15]
C:\AdwCleaner\AdwCleaner[S1].txt - [5425 bytes] - [23/02/2016 11:24:07]
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5749 bytes] ##########
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Feb 23, 2016 at 06:45 AM
Feb 23, 2016 at 06:45 AM
That did it! Your machine is now as clean as the inside of an angel's underwear!
Yes, you may uninstall.
Yes, you may uninstall.