http://redirect.trafficz.com

[shelf life]

ok. thanks for the info. Rerun Adwcleaner, click the Search button then when its done click the delete button. May be prompted to reboot your machine. After the restart a log file will open. Save it to your desktop.

May has well grab this also;

Download & SAVE RougeKiller
Double click to start
For Vista or Windows 7, right-click and select run as Admin
Once the Prescan has finished click the scan button
Once the scan is done a report.txt will be on your desktop.
Exit Rougekiller by going to File>Quit.
copy/paste the RKreport saved to your DeskTop

Also get the free version of Ccleaner. Double click the .exe to install then run the desktop icon. Under cleaner and the Windows tab select everything listed under your browsers, IE. Also under the applications tab select everything listed under the browsers, chrome and firefox. You can leave the passwords options unchecked if you want to.

So MBAM anti-rootkit didnt find anything? I figure this is something simply and not a rootkit.

 

[msobczak]

ESET scan currently in progress

It looks like one of the fixup tools I ran yesterday has made it possible for me to start an online ESET scan. Its currently in process. So far, it has found the following:

Win32/OpenCandy application
a variant of Win32/AdInstaller application
probably a variant of Win32Adware.Softomate.AD application

I'll post as soon as the scan finishes.

 

[msobczak]

ESET scan results

D:\Downloads\couponprinter.exe probably a variant of Win32/Adware.Softomate.AD application
D:\Downloads\zlsSetup_70_483_000_en.exe a variant of Win32/AdInstaller application
D:\Downloads\DaemonToolsLite\DTLite4454-0315.exe Win32/OpenCandy application
D:\Downloads\PCUtilities\ZoneLabs\zlsSetup_70_462_000_en.exe a variant of Win32/AdInstaller application
D:\Downloads\Podcasts\couponprinter.exe probably a variant of Win32/Adware.Softomate.AD application

 

[shelf life]

Looks like you have some bundled adware in those exe on your D drive. Most adware should be spelled out in the EULA and be a optional install or at least removable via the add/remove programs panel. Some may not be. Malware apps may also remove the adware component. If you reinstall using those exe, adware will be installed again.

This is similar to ccleaner in removing temps, just more automated:

Download TFC.exe to your desktop

Close any open windows including your browser
Double click the TFC icon
Click the Start button
Allow TFC to run uninterrupted.
Once its finished, if prompted reboot your machine.
If not prompted please reboot anyway to delete any "in use" temp. files

Hows it all looking now on your end?