Proxy keeps turning on
Started by bhzendner, Dec 29 2014 10:14 PM

#16
Posted 14 January 2015 - 09:42 AM

# AdwCleaner v4.107 - Report created 14/01/2015 at 07:36:39
# Updated 07/01/2015 by Xplode
# Database : 2015-01-13.2 [Live]
# Operating System : Windows 8.1 (64 bits)
# Username : Sheila - ACCOUNTING
# Running from : C:\Users\Sheila\Desktop\adwcleaner_4.107.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Uniblue
Folder Deleted : C:\Users\Sheila\AppData\Local\GeniusBox
Folder Deleted : C:\Users\Sheila\AppData\LocalLow\YahooCouponAddOn
Folder Deleted : C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggebenakhmhfdkmkemdmllecchcldgec
Folder Deleted : C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Extensions\eefhnbpnnaaokmclnihgajdnlgljajjg
File Deleted : C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage
File Deleted : C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : Optimizer Pro Schedule
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bmiabdepfhhiieiipmeecdmeljggmfee
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\fmgckcapmffomaifonnhgkfdgljnkpgi
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ggebenakhmhfdkmkemdmllecchcldgec
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eefhnbpnnaaokmclnihgajdnlgljajjg
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{26B19FA4-E8A1-4A1B-A163-1A1E46F830DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Search Extensions
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ib.adnxs.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\lax1.ib.adnxs.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\quizzes.ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17416
-\\ Google Chrome v39.0.2171.95
[C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
-\\ Opera v21.0.1432.67
[C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\Sheila\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [4278 octets] - [14/01/2015 07:30:58]
AdwCleaner[S0].txt - [4303 octets] - [14/01/2015 07:36:39]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4363 octets] ##########
#17
Posted 14 January 2015 - 09:51 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.1 (12.28.2014:1)
OS: Windows 8.1 x64
Ran by Sheila on Wed 01/14/2015 at 7:47:39.03
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
Successfully deleted: [File] C:\Windows\prefetch\DRIVERSCANNER.TMP-10C06897.pf
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\pcdr"
Successfully deleted: [Folder] "C:\Users\Sheila\AppData\Roaming\pcdr"
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 01/14/2015 at 7:50:05.89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#18
Posted 15 January 2015 - 11:08 AM

Where are we?
#19
Posted 15 January 2015 - 04:33 PM

Hello,
How is the computer doing right now?
Joe
#20
Posted 15 January 2015 - 04:35 PM

Seems ok, no switchbacks so far, what do the logs show?
#21
Posted 15 January 2015 - 05:03 PM

Hello,
A few items to address in the log.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
Open Notepad (Start => All Programs => Accessories => Notepad).
Copy/Paste the contents of the code box below into Notepad.

start
CloseProcesses:
CreateRestorePoint:
ProxyEnable: [S-1-5-21-2236943327-1624783660-3240051488-1001] => Internet Explorer proxy is enabled.
ProxyServer: [S-1-5-21-2236943327-1624783660-3240051488-1001] => http=127.0.0.1:62929;https=127.0.0.1:62929
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2236943327-1624783660-3240051488-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
CHR DefaultSuggestURL: Default -> http://vinstaller.co...nd={searchTerms}
CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - No Path
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - No Path
CHR HKLM-x32\...\Chrome\Extension: [eefhnbpnnaaokmclnihgajdnlgljajjg] - No Path
CHR HKLM-x32\...\Chrome\Extension: [fmgckcapmffomaifonnhgkfdgljnkpgi] - No Path
CHR HKLM-x32\...\Chrome\Extension: [ggebenakhmhfdkmkemdmllecchcldgec] - No Path
CHR HKLM-x32\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - No Path
CHR HKLM-x32\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - No Path
C:\Users\Sheila\AppData\Local\Temp\install_temp.exe
C:\Users\Sheila\AppData\Local\Temp\SymCCIS.dll
C:\Users\Sheila\AppData\Local\Temp\SymInstallStub.exe
CustomCLSID: HKU\S-1-5-21-2236943327-1624783660-3240051488-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sheila\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
Task: {29CCCB71-F507-413C-A077-9F598E1544EE} - \PCDoctorBackgroundMonitorTask No Task File <==== ATTENTION
Task: {5B4099C8-73CE-479D-8F95-0668AEF3EDF7} - \PocketCloud No Task File <==== ATTENTION
Task: {660121E0-B19C-483A-BA14-74D81C9F567C} - \Optimizer Pro Schedule No Task File <==== ATTENTION
Task: {8108E642-F471-4E3D-B1CC-2AD7B5717F9B} - \SystemToolsDailyTest No Task File <==== ATTENTION
Task: {D9053E81-7BF5-4FB1-890E-9E110AFF233A} - \PocketCloudUpdater No Task File <==== ATTENTION
Task: {F610FF9A-DF56-4C75-AB3F-6C61F0D45888} - \PocketCloudVirtualChannel No Task File <==== ATTENTION
Task: {FB416C51-0EB9-4CB8-92A0-B0F4BC2FDDF8} - \PCDEventLauncherTask No Task File <==== ATTENTION
AlternateDataStreams: C:\Users\Sheila\OneDrive:ms-properties
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
CMD: ipconfig /flushdns
hosts:
Emptytemp:
reboot:
end

Click Format and ensure Wordwrap is unchecked.
Save as Fixlist.txt to your Desktop (Must be in this location)
Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart, please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
Note: If the tool warns you about the version you're using being an outdated version, please download and run the updated version.
In your next reply post:
Fixlog.txt
Thanks
Joe







