PDA

View Full Version : Delta.Toolbar in Google Chrome


orssi
2013-09-25, 22:16
Hi Trisha all 3 of my browsers I’ve previously checked tools, settings and control panel and removed any traces of delta toolbar. Delta toolbar only utilises chrome Version 29.0.1547.76 m.
Since Saturday last 5 days ago Delta.Toolbar has not sent up any pop-ups in chrome. As chrome had decided itself to delete itself and re-install another version. I think google had decided to do that as I had sent them a screen shot of all the pop-ups that delta.toolbar had put out.

I have Spybot S&D 2.1.

Can’t include Spybots scan results. My pc on right click to copy to clipboard spybots results doesn’t work in this situ. It normally works fine. As two items are not being cleaned these are delta.toolbar. Please instruct if you want this info?
Last night when I ran aswMBR.exe, a third of the way through the scan it shutdown and restarted my PC. Obviously, I re-started the scan and that’s the one I’ve posted.

Thank you again for your help

Orssi
ken545
2013-10-02, 11:30
:snwelcome:

I moved your post to the malware removal forum, we just use the waiting room for you to let us know you where overlooked


It looks like you just have some bogus toolbars installed, lets do this

Please download AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
Vista/Windows 7/8 users right-click and select Run As Administrator (http://windows.microsoft.com/en-US/windows7/How-do-I-run-an-application-once-with-a-full-administrator-access-token).
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
ken545
2013-10-03, 20:34
Hi, still with me , still need help ?
orssi
2013-10-03, 20:52
Hi Ken::alien: Thanks for your help. Had problem finding AdwCleaner to downloadfrom the link. spent 3hrs removing from my computer secure address bar gizmo. avg search that hijacked all 3 of my browsers and another going to rid me of all malware. none of this I had any choice or had choosen to download.
I stress you check out the link yourself. Take it down or re-new it. Or make it clearer to find. I am going away early tomorrow morn. back on monday and don't have any time to spend on this reply to you. I will be downloading the AdwCleaner remotely and running it. before I leave. Good luck.

Regards

http://forums.spybot.info/showthread.php?69279-Can-t-remove-malware-c-from-system-scan&p=445661#post445661
ken545
2013-10-03, 21:14
If you would have put your mouse over the link its hot and would have taken you to the download page

AdwCleaner (http://www.bleepingcomputer.com/download/adwcleaner/) by Xplode and save to your Desktop.

http://www.bleepingcomputer.com/download/adwcleaner/ <--Here is is

I will keep this thread open for you, see you when you return
orssi
2013-10-09, 22:22
I had cleaned some items from the scan including delta toolbar. here is my logfie.

# AdwCleaner v3.007 - Report created 09/10/2013 at 21:02:57
# Updated 09/10/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Roy - RAYS-PC
# Running from : C:\Users\Roy\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

[x] Not Deleted : C:\ProgramData\~0
[x] Not Deleted : C:\ProgramData\Ask
[x] Not Deleted : C:\ProgramData\boost_interprocess
[x] Not Deleted : C:\ProgramData\ParetoLogic
[x] Not Deleted : C:\Program Files\WebConnect
Folder Deleted : C:\Program Files\My_Voucher_Codes
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Roy\AppData\Local\AVG Secure Search
[x] Not Deleted : C:\Users\Roy\AppData\Local\PackageAware
[x] Not Deleted : C:\Users\Roy\AppData\Local\torch
Folder Deleted : C:\Users\Roy\AppData\Local\My_Voucher_Codes
[x] Not Deleted : C:\Users\Roy\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Roy\AppData\LocalLow\Delta
[x] Not Deleted : C:\Users\Roy\AppData\LocalLow\searchquband
[x] Not Deleted : C:\Users\Roy\AppData\LocalLow\ShopperReports3
Folder Deleted : C:\Users\Roy\AppData\LocalLow\My_Voucher_Codes
[x] Not Deleted : C:\Users\Roy\AppData\Roaming\DriverCure
[x] Not Deleted : C:\Users\Roy\AppData\Roaming\DSite
[x] Not Deleted : C:\Users\Roy\AppData\Roaming\ParetoLogic
[x] Not Deleted : C:\Users\Roy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
[x] Not Deleted : C:\Users\Roy\AppData\Local\Google\Chrome\User Data\Default\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
File Deleted : C:\Users\Roy\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Windows\Tasks\DSite.job
File Deleted : C:\Windows\System32\Tasks\DSite
File Deleted : C:\Windows\System32\Tasks\QtraxPlayer

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
[x] Not Deleted : HKCU\Software\Mozilla\Firefox\Extensions [lfind@nijadsoft.net]
[x] Not Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kiplfnciaokpcennlkldkdaeaaomamof
[x] Not Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DSite
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DA37771C-5761-408A-B000-74AC3BE04FFD}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DA37771C-5761-408A-B000-74AC3BE04FFD}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\QtraxPlayer
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{572332F3-F126-43C1-8A06-A4308B15537D}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{572332F3-F126-43C1-8A06-A4308B15537D}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\grusskartencenter.com
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains\grusskartencenter.com
[x] Not Deleted : HKCU\Toolbar
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[x] Not Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[x] Not Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
[x] Not Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[x] Not Deleted : HKLM\SOFTWARE\Classes\S
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[x] Not Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[x] Not Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[x] Not Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[x] Not Deleted : HKCU\Software\a2d8dae76ab810
[x] Not Deleted : HKLM\SOFTWARE\a2d8dae76ab810
[x] Not Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1971030
[x] Not Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2336436
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[x] Not Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{865D7100-82C7-42F4-9C06-860DEC0871B2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{15B9700D-F5B7-4D0A-AE43-9B5099836A58}
[x] Not Deleted : HKLM\SOFTWARE\Classes\CLSID\{C680ABC0-F407-40EC-B0AC-9D9A23B7F5E5}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{37425600-CB21-49A0-8659-476FBAB0F8E8}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{453DB0C5-F41C-4D97-8DD6-CC72ECD5F699}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{4AFC07D0-59BB-46B8-B097-1A46E88EEF71}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{6511CE4C-4722-40D0-AD3D-4AFA2F50978A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{83B2FE06-BA20-4F7D-96C6-6FC3A4E877D3}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{9BEC9B38-BF39-4899-806E-A1C5DFEB60A2}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{B32966A2-F7C2-4362-A6CF-399EC8B44110}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{B86D82BF-D39F-439A-A07C-43EDDC6F6EA6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{DA6305B9-0869-4235-8C1D-533A65E639E5}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{E6961C59-CFCE-4CCD-B794-BC78DB98413A}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
[x] Not Deleted : HKLM\SOFTWARE\Classes\Interface\{F8B4EC8A-2407-4BE0-AEE2-0F430D65A90D}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
[x] Not Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F74E6442-E998-4144-AAF2-4D653061239A}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15B9700D-F5B7-4D0A-AE43-9B5099836A58}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{15B9700D-F5B7-4D0A-AE43-9B5099836A58}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{15B9700D-F5B7-4D0A-AE43-9B5099836A58}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CCB69577-088B-4004-9ED8-FF5BCC83A039}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C680ABC0-F407-40EC-B0AC-9D9A23B7F5E5}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11BF46C6-B3DE-48BD-BF70-3AD85CAB80B6}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25336ECB-63D2-4585-B7B3-9965D560EBB7}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDA8B18B-A318-4122-AAF0-6EE76D676A22}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8B63A8D6-BBED-4341-8867-790E5F524C96}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{C04B7D22-5AEC-4561-8F49-27F6269208F6}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{99079A25-328F-4BD4-BE04-00955ACAA0A7}]
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{15B9700D-F5B7-4D0A-AE43-9B5099836A58}]
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{30F9B915-B755-4826-820B-08FBA6BD249D}]
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D7E97865-918F-41E4-9CD0-25AB1C574CE8}]
[x] Not Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{15B9700D-F5B7-4D0A-AE43-9B5099836A58}]
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{15B9700D-F5B7-4D0A-AE43-9B5099836A58}]
[x] Not Deleted : HKCU\Software\DataMngr
[x] Not Deleted : HKCU\Software\dsiteproducts
[x] Not Deleted : HKCU\Software\ilivid
[x] Not Deleted : HKCU\Software\ImInstaller
[x] Not Deleted : HKCU\Software\InstallCore
[x] Not Deleted : HKCU\Software\jZip
[x] Not Deleted : HKCU\Software\ParetoLogic
[x] Not Deleted : HKCU\Software\torch
[x] Not Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\My_Voucher_Codes
[x] Not Deleted : HKCU\Software\AppDataLow\Toolbar
[x] Not Deleted : HKCU\Software\AppDataLow\Software\Conduit
[x] Not Deleted : HKCU\Software\AppDataLow\Software\LyricsFinder
[x] Not Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar
[x] Not Deleted : HKCU\Software\AppDataLow\Software\ShopperReports3
Key Deleted : HKCU\Software\AppDataLow\Software\My_Voucher_Codes
Key Deleted : HKLM\Software\AVG Security Toolbar
[x] Not Deleted : HKLM\Software\DataMngr
[x] Not Deleted : HKLM\Software\ImInstaller
[x] Not Deleted : HKLM\Software\ParetoLogic
[x] Not Deleted : HKLM\Software\torch
[x] Not Deleted : HKLM\Software\Vittalia
Key Deleted : HKLM\Software\My_Voucher_Codes
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
[x] Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My_Voucher_Codes Toolbar
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ShopperReportsSA
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\torch
[x] Not Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WebConnect
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\My_Voucher_Codes Toolbar
[x] Not Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
[x] Not Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16506


-\\ Mozilla Firefox v24.0 (en-GB)

[ File : C:\Users\Roy\AppData\Roaming\Mozilla\Firefox\Profiles\oh77v4ob.default-1380658783501\prefs.js ]


-\\ Google Chrome v30.0.1599.69

[ File : C:\Users\Roy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

*************************

AdwCleaner[R0].txt - [17098 octets] - [09/10/2013 20:09:09]
AdwCleaner[S0].txt - [17891 octets] - [09/10/2013 21:02:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17952 octets] ##########
ken545
2013-10-09, 23:09
Hi,

Why did you not remove these ?


This is not malware but a very inferior search engine
C:\ProgramData\Ask

These will serve up adds and other stuff and are garbage and need to be removed, they fall somewhere in the grey zone
C:\Program Files\WebConnect
C:\Users\Roy\AppData\LocalLow\searchquband
C:\Users\Roy\AppData\LocalLow\Conduit
C:\Users\Roy\AppData\LocalLow\ShopperReports3
[x] Not Deleted : HKCU\Software\DataMngr
[x] Not Deleted : HKCU\Software\dsiteproducts
[x] Not Deleted : HKCU\Software\ilivid
[x] Not Deleted : HKCU\Software\ImInstaller
[x] Not Deleted : HKCU\Software\InstallCore



Double click on AdwCleaner.exe to run the tool again.

Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
This time, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.





http://imageshack.us/a/img841/7292/thisisujrt.gif Please download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
ken545
2013-10-13, 22:23
Due to inactivity, this thread will now be closed.

If it has been three days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a new DDS log with a link to your previous thread. Please do not add any logs that might have been requested in the closed topic, you would be starting fresh.