Jump to content
Sign in to follow this  
kristina

PC running slow and lagging

Recommended Posts

Ran a scan on ESET and this showed up

 

C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
C:\Users\Jane\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\2a5f5411-45fe8d8c a variant of Java/Obfus.CL trojan cleaned by deleting - quarantined
C:\Users\Jane\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\36\f9c4264-534c7c7e a variant of Java/Obfus.CL trojan cleaned by deleting - quarantined
C:\Users\Jane\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\47\29afa52f-226266e1 a variant of Java/Obfus.CF trojan cleaned by deleting - quarantined
C:\Users\Jane\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\511e2909-4dfccd6d a variant of Java/Obfus.CF trojan cleaned by deleting - quarantined
C:\Users\Jane\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\9\511e2909-69dfb6e5 a variant of Java/Obfus.CF trojan cleaned by deleting - quarantined
C:\Users\Jane\Downloads\Shockwave_Installer_Slim.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Windows\Installer\MSIDF3D.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\System32\Adobe\Shockwave 12\gt.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-ORJ-V7[1].7z a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FZG8CKJ5\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LIXMVQOA\ApnIC[1].0 a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application deleted - quarantined

Share this post


Link to post
Share on other sites

Download AdwCleaner AdwCleaner by Xplode and save to your Desktop

.

Step 1.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.

 

Step 2.
Using AdwCleaner v3: Scan & Clean:

This time click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[s#].txt) will open automatically (where the largest value of # represents the most recent report).
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder

 

******Post both .txt logs

Share this post


Link to post
Share on other sites
# AdwCleaner v3.310 - Report created 18/09/2014 at 02:44:50

# Updated 12/09/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Jane - JANE-HP

# Running from : C:\Users\Jane\Desktop\AdwCleaner.exe

# Option : Scan


***** [ Services ] *****


Service Found : vToolbarUpdater17.3.0


***** [ Files / Folders ] *****


File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Found : C:\Users\Jane\AppData\Roaming\Mozilla\Firefox\Profiles\3v1xxow7.default\searchplugins\Askcom.xml

Folder Found : C:\Program Files (x86)\AVG SafeGuard toolbar

Folder Found : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Found : C:\ProgramData\Ask

Folder Found : C:\ProgramData\AVG SafeGuard toolbar

Folder Found : C:\ProgramData\AVG Security Toolbar

Folder Found : C:\Users\Jane\AppData\Local\AVG SafeGuard toolbar

Folder Found : C:\Users\Jane\AppData\Local\AVG Secure Search


***** [ Scheduled Tasks ] *****



***** [ Shortcuts ] *****



***** [ Registry ] *****


Key Found : HKCU\Software\AVG SafeGuard toolbar

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Found : HKCU\Software\YahooPartnerToolbar

Key Found : [x64] HKCU\Software\AVG SafeGuard toolbar

Key Found : [x64] HKCU\Software\YahooPartnerToolbar

Key Found : HKLM\SOFTWARE\AVG Secure Search

Key Found : HKLM\SOFTWARE\AVG Security Toolbar

Key Found : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Found : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Found : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Found : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Found : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Found : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Found : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Found : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Found : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Found : HKLM\SOFTWARE\DeviceVM

Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32

Key Found : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS

Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.1

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Found : [x64] HKLM\SOFTWARE\DeviceVM

Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F524A2D-5637-006A-76A7-7A786E7484D7}]

Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]

Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]


***** [ Browsers ] *****


-\\ Internet Explorer v11.0.9600.17280



-\\ Mozilla Firefox v32.0.1 (x86 en-US)


[ File : C:\Users\Jane\AppData\Roaming\Mozilla\Firefox\Profiles\3v1xxow7.default\prefs.js ]


Line Found : user_pref("browser.search.defaultenginename", "Ask.com");

Line Found : user_pref("browser.search.order.1", "Ask.com");

Line Found : user_pref("browser.search.selectedEngine", "Ask.com");


-\\ Google Chrome v


[ File : C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\preferences ]



*************************


AdwCleaner[R0].txt - [5177 octets] - [18/09/2014 02:44:50]


########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [5237 octets] ##########

Share this post


Link to post
Share on other sites
# AdwCleaner v3.310 - Report created 18/09/2014 at 02:56:37

# Updated 12/09/2014 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Jane - JANE-HP

# Running from : C:\Users\Jane\Desktop\AdwCleaner.exe

# Option : Clean


***** [ Services ] *****


Service Deleted : vToolbarUpdater17.3.0


***** [ Files / Folders ] *****


Folder Deleted : C:\ProgramData\Ask

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar

Folder Deleted : C:\ProgramData\AVG Security Toolbar

Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar

Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search

Folder Deleted : C:\Users\Jane\AppData\Local\AVG SafeGuard toolbar

Folder Deleted : C:\Users\Jane\AppData\Local\AVG Secure Search

File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk

File Deleted : C:\Users\Jane\AppData\Roaming\Mozilla\Firefox\Profiles\3v1xxow7.default\searchplugins\Askcom.xml


***** [ Scheduled Tasks ] *****



***** [ Shortcuts ] *****



***** [ Registry ] *****


Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskSLib_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{4F524A2D-5637-006A-76A7-7A786E7484D7}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{D8278076-BC68-4484-9233-6E7F1628B56C}]

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKCU\Software\AVG SafeGuard toolbar

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKLM\SOFTWARE\AVG Secure Search

Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar

Key Deleted : HKLM\SOFTWARE\DeviceVM

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Coupon Printer for Windows5.0.0.1

Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM


***** [ Browsers ] *****


-\\ Internet Explorer v11.0.9600.17280



-\\ Mozilla Firefox v32.0.1 (x86 en-US)


[ File : C:\Users\Jane\AppData\Roaming\Mozilla\Firefox\Profiles\3v1xxow7.default\prefs.js ]


Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");


-\\ Google Chrome v


[ File : C:\Users\Jane\AppData\Local\Google\Chrome\User Data\Default\preferences ]


Deleted [search Provider] : hxxp://websearch.ask.com/redirect?client=cr&src=kw&tb=PSI&o=15116&locale=en_US&apn_uid=f9fad76d-c98a-405e-9332-8e5bb60d04d8&apn_ptnrs=L6&apn_sauid=E6193686-A8C0-4C9B-89B3-770FA53AFFE0&apn_dtid=YYYYYYYYUS&q={searchTerms}

Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}

Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms}

Deleted [search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3323893&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP6B365B1A-A51E-4BEC-97C7-794C77013EEF&q={searchTerms}&SSPV=


*************************


AdwCleaner[R0].txt - [5341 octets] - [18/09/2014 02:44:50]

AdwCleaner[s0].txt - [5847 octets] - [18/09/2014 02:56:37]


########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [5907 octets] ##########

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×