-
AdwCleaner report and Spybot question
Thanks again for all of your help Ken. I really do appreciate it.
I looked in the control panel at the uninstall options and cannot find the ask toolbar anywhere. I looked through the hierarchy tree you presented and could not find it after allowing the whole list to update. Went out and went back in using the Control Panel > Programs > Uninstall Programs hierarchy and allowed it to fully populate and could not find it there either. I also searched for the term "Ask" in control panel and it returned no results. I see where it has been listed on some of those reports and I know it was accidentally accepted on some of the Java updates over the last couple of years. I usually tried to uninstall it right then.
I determined i was running something called "aswMBR" and not the AdwCleaner. So I have deleted the asw and downloaded the AdwCleaner from your link and that report is attached.
Spybot teatimer. I can't figure this out. I am presently running the free home version of spybot. I would be willing to upgrade that if it will help our cause here. I have read through the article you linked too and cant match that up to my version so I think this might be a version issue. Overall the computer is running fantastically faster. The way I am reading the directions are to right click the spybot icon in the system tray then select settings. I can only find settings under the Advanced Tools.
Spybot Settings 003_ver001 002.jpg
I am stepping out for a few hours but will be back. Thanks again.
Here is the result of the adw report.
# AdwCleaner v4.105 - Report created 09/12/2014 at 07:42:40
# Updated 08/12/2014 by Xplode
# Database : 2014-12-08.2 [Live]
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : XPS8300 - XPS8300-PC
# Running from : C:\Users\XPS8300\Desktop\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
[#] Folder Deleted : C:\ProgramData\Browser Manager
Folder Deleted : C:\ProgramData\wincert
Folder Deleted : C:\Users\Administrator\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Caysie\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\Kids Account\AppData\LocalLow\AskToolbar
Folder Deleted : C:\Users\XPS8300\AppData\Local\~0
Folder Deleted : C:\Users\XPS8300\AppData\Local\BoBrowser
***** [ Scheduled Tasks ] *****
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{065C1A21-97F8-45FB-A9F0-861B60FACEC8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3204358F-5904-46A6-841F-D6B5BE3EF4E3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3AE67737-0E3E-44AA-AA5E-46A68BF017FF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3EE5B726-044A-48D2-AA7B-049BD9A0F62A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60FBBE03-57FF-49D8-B38E-053D3F489825}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6A5182F1-C0B8-42B8-96CC-7F329CD46913}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6C153418-8E4D-4FAF-AF27-5201E38463A7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A26A2F05-AC4D-4A1E-9531-9125F7309B78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5D6240-7DF0-435D-9B9B-F8586A99DE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F343045E-E20A-46E1-82D8-9962C43EFC9E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FBB360DC-CB6C-4D6A-808A-2C773151BFFF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFD7DDAC-EC28-42A5-8D39-917B9078604B}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{49606DC7-976D-4030-A74E-9FB5C842FA68}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\BoBrowser
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKLM\SOFTWARE\Clara
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.7
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
-\\ Mozilla Firefox v33.1 (x86 en-US)
[4efyq2cv.default\prefs.js] - Line Deleted : user_pref("browser.search.order.1", "Search Results");
[4efyq2cv.default\prefs.js] - Line Deleted : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=394&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=4750383054134711&o=APN10645&q=");
*************************
AdwCleaner[R0].txt - [3029 octets] - [09/12/2014 07:39:00]
AdwCleaner[S0].txt - [2880 octets] - [09/12/2014 07:42:40]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2940 octets] ##########
-
You most likely have the Hosts file locked with Spybot, no need to upgrade , since its the free version go ahead and uninstall it then run my fix, we can reinstall it when where done
-
New Fixlog Report
Attached please find the first report after spybot was removed.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-12-2014
Ran by XPS8300 at 2014-12-09 11:15:20 Run:2
Running from C:\Users\XPS8300\Downloads
Loaded Profile: XPS8300 (Available profiles: XPS8300 & Kids Account & Caysie & Administrator)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 110.6 MB temporary data.
The system needed a reboot.
==== End of Fixlog ====
-
I am attaching the fixlist , lets try running the fix in Safemode
To Enter Safemode
- Go to Start> Shut off your Computer> Restart
- As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu. - Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
- Then press the Enter Key on your Keyboard
Tutorial if you need it How to boot into Safemode
Last edited by ken545; 2014-12-09 at 20:56.
Reason: Safemode
-
-
Attachment?
Kenn,
I dont see any attachments on that last post.
Thanks again,
Will
-
Fixlist report from safemode
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 08-12-2014
Ran by XPS8300 at 2014-12-09 12:03:33 Run:3
Running from C:\Users\XPS8300\Downloads
Loaded Profile: XPS8300 (Available profiles: XPS8300 & Kids Account & Caysie & Administrator)
Boot Mode: Safe Mode (with Networking)
==============================================
Content of fixlist:
*****************
Start
CloseProcesses:
Hosts:
EmptyTemp:
End
*****************
Processes closed successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.7 GB temporary data.
The system needed a reboot.
==== End of Fixlog ====
-
Wonderful, good job my friend 
How is your system behaving now, any signs of Poweliks, any unwanted pop up windows or bogus toolbars, any browser redirects ???
-
Update
None of those things. I can't remember when it was this fast and quiet. I haven't seen a single popup since after the first round of fixes.
-
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
