Hi: When I´m navigating (either with explorer or Chrome) there are coming up some advertisement pages. I´ve already passed Adwcleaner, avast and it´s still there. Any suggestion?

Thanks in advance.

Re: Disturbing advertisement pages poping up when navigating

Hello,

Can you share the AdwCleaner logfile ? (from C:\AdwCleaner)

Best regards,

Re: Disturbing advertisement pages poping up when navigating

I have the same problem, too.

Here's the log:

 

 

# AdwCleaner v5.112 - Logfile created 22/04/2016 at 21:39:10 # Updated 17/04/2016 by Xplode # Database : 2016-04-19.5 [Server] # Operating system : Windows 7 Ultimate Service Pack 1 (X64) # Username : Jay87 - JAY87-PC # Running from : C:\Users\Jay87\Downloads\adwcleaner_5.112.exe # Option : Clean # Support : http://toolslib.net/forum

***** [ Services ] *****

[-] Service Deleted : PrivoxyService [-] Service Deleted : TSSKX64

***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\IT Viewer [-] Folder Deleted : C:\ProgramData\IQIYI Video [-] Folder Deleted : C:\ProgramData\TXQMPC [#] Folder Deleted : C:\ProgramData\Application Data\IQIYI Video [#] Folder Deleted : C:\ProgramData\Application Data\TXQMPC [-] Folder Deleted : C:\Users\admin441\AppData\Roaming\tencent [-] Folder Deleted : C:\Users\admin441\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 [-] Folder Deleted : C:\Users\Jay87\AppData\Local\SysassistByHotWheel [-] Folder Deleted : C:\Users\Jay87\AppData\Local\Temp\tencent [-] Folder Deleted : C:\Users\Jay87\AppData\Roaming\Interstat [-] Folder Deleted : C:\Users\Jay87\AppData\Roaming\IQIYI Video [-] Folder Deleted : C:\Users\Jay87\AppData\Roaming\ppslog [-] Folder Deleted : C:\Users\Jay87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Interstat [-] Folder Deleted : C:\Users\Jay87\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 [-] Folder Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Extensions\jfpgjlplpojnpkaificagcenfioefeif [-] Folder Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Extensions\nhmjpalfhipedhgfhdngmbmbnffkggag [-] Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\tencent

***** [ Files ] *****

[-] File Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk [-] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage [#] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage [-] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage [-] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage-journal [-] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_searchknow-a.akamaihd.net_0.localstorage [-] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_searchknow-a.akamaihd.net_0.localstorage-journal [#] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage [#] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage-journal [#] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_searchknow-a.akamaihd.net_0.localstorage [#] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_searchknow-a.akamaihd.net_0.localstorage-journal [-] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_news.qq.com_0.localstorage [-] File Deleted : C:\Users\admin441\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_news.qq.com_0.localstorage-journal [#] File Deleted : C:\Users\admin441\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件\电脑管家\电脑管家.lnk [-] File Deleted : C:\Users\admin441\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_goamfidhcknfpfhlcdemdpdckonopggo_0.localstorage [-] File Deleted : C:\Users\admin441\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage [#] File Deleted : C:\Users\admin441\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_goamfidhcknfpfhlcdemdpdckonopggo_0.localstorage [#] File Deleted : C:\Users\admin441\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_goamfidhcknfpfhlcdemdpdckonopggo_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_goamfidhcknfpfhlcdemdpdckonopggo_0.localstorage-journal [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\goamfidhcknfpfhlcdemdpdckonopggo [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage-journal [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kbbiibiicmcbofhnegjmddbppaffnfml [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_goamfidhcknfpfhlcdemdpdckonopggo_0.localstorage [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_goamfidhcknfpfhlcdemdpdckonopggo_0.localstorage-journal [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\goamfidhcknfpfhlcdemdpdckonopggo [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage-journal [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\kbbiibiicmcbofhnegjmddbppaffnfml [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage-journal [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_searchknow-a.akamaihd.net_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_searchknow-a.akamaihd.net_0.localstorage-journal [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_innovatedirect-a.akamaihd.net_0.localstorage-journal [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_searchknow-a.akamaihd.net_0.localstorage [#] File Deleted : C:\Users\Jay87\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_searchknow-a.akamaihd.net_0.localstorage-journal [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\invalidprefs.js [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\searchplugins\eshield-safe-web.xml [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\searchplugins\default.xml [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\searchplugins\mysites123.xml [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\searchplugins\Search Provided by Yahoo.xml [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_goamfidhcknfpfhlcdemdpdckonopggo_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_jfpgjlplpojnpkaificagcenfioefeif_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jfpgjlplpojnpkaificagcenfioefeif [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_nhmjpalfhipedhgfhdngmbmbnffkggag_0.localstorage [-] File Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\nhmjpalfhipedhgfhdngmbmbnffkggag [#] File Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_goamfidhcknfpfhlcdemdpdckonopggo_0.localstorage [#] File Deleted : C:\Users\Jay87\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_kbbiibiicmcbofhnegjmddbppaffnfml_0.localstorage [-] File Deleted : C:\Windows\SysNative\drivers\TSSKX64.sys [-] File Deleted : C:\Windows\SysNative\drivers\TFsFltX64.sys [-] File Deleted : C:\Windows\SysWOW64\drivers\TS888x64.sys

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

[-] Task Deleted : simplitec Power Suite (Tray) [-] Task Deleted : simplitec Power Suite [-] Task Deleted : IT Viewer Viewer

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE [-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [QyBrowser.exe] [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\GeePlayer.exe [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP [-] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP [-] Key Deleted : HKLM\SOFTWARE\Classes\s [-] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com] [-] Key Deleted : HKLM\SOFTWARE\Classes\metnsd [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.bmp [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.dib [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.emf [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.exif [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.gif [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.ico [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.jfif [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.jpe [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.jpeg [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.jpg [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.png [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.tif [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.tiff [-] Key Deleted : HKLM\SOFTWARE\Classes\MTview.wmf [-] Key Deleted : HKLM\SOFTWARE\Classes\qmgcfiles [-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC0FA563-E0F2-406F-8659-1E728458A91E} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{88260EA6-BC91-42DF-ABEF-4A683E8A3C23} [-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C097DF1-0716-4FA1-84A9-025BC1E7B03F} [-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{29B6CFD5-0064-411A-8C42-9890C83F9921} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FB4F6285-4C32-49F2-950F-A5998F9CEC6C} [-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{004B0726-A010-4ABF-8556-FCDB7F1FCA1E} [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6A8DA1-5731-465B-B036-B9E16EF26CAC} [-] Key Deleted : HKCU\Software\Interstat [-] Key Deleted : HKCU\Software\Mozilla\Extends [-] Key Deleted : HKCU\Software\PRODUCTSETUP [-] Key Deleted : HKCU\Software\QiYi [-] Key Deleted : HKCU\Software\yahooprovidedsearch [-] Key Deleted : HKCU\Software\STA [-] Key Deleted : HKCU\Software\DC3_FEXEC [-] Key Deleted : HKCU\Software\AppDataLow\Software\QiYi [-] Key Deleted : HKCU\Software\AppDataLow\Software\Settings Manager [-] Key Deleted : HKLM\SOFTWARE\mysites123Software [-] Key Deleted : HKLM\SOFTWARE\QiYi [-] Key Deleted : HKLM\SOFTWARE\SecureWeb [-] Key Deleted : HKLM\SOFTWARE\SecureWebChannel [-] Key Deleted : HKLM\SOFTWARE\TData [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{96F04C1B-E352-4A90-BED4-11A0FA968BC2}_is1 [-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab] [-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : HKU\S-1-5-21-3524946725-137966571-75516569-1000\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Data Restored : HKU\S-1-5-21-3524946725-137966571-75516569-1000\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] [-] Data Restored : HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B2A8EED3-4179-472B-8034-AC7C7CC381D3}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B2B692BC-0621-49D4-9303-29C071CA8AAB}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A1D21876-5CD5-4E8B-8D58-F99894AEDDB9}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{43B3FB27-DFA6-498C-A534-B22F5591006B}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{0E7057B2-E5F8-4634-A592-E68DA4DFA8F0}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{500D92A2-233C-47E4-8386-0872C7B6F05A}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A0F6A83E-C6E1-4DF1-95C4-99BBF138CA89}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B1855776-83A7-4A04-B071-7BA6B57FB6EA}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{B369462D-6521-4EE6-B637-9D13E99B33F5}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{4FF170CD-FA7D-49B0-AF4A-C5599A9D0557}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{ACDFC399-3BB3-406A-A362-37EF79B27260}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{A353BC4A-693A-4372-B517-25FFC333B082}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{FC3DC14D-A75E-4D35-92D1-1D108305058F}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{839826DA-DC18-4006-B879-AE0829E3597D}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{3ECFE864-4E50-4D90-9319-8F63130B03FD}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{D179C7AC-A502-4E00-8A33-A1157676B5B0}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{9A2EFDE1-E40A-410B-868B-E174E7DF91B0}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{F987A11A-7499-4CBB-BAD9-A8EE9F880761}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{9701D4FF-68CD-4134-9B33-1FF3089DE22D}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{1E426372-98CD-4B48-B781-4751257CA71A}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{9013CF46-1095-4E1A-B269-6DA8F0F211CF}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{86CCECD2-8FB8-4F08-A3BC-04F1B8167D6E}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{70637431-C639-4496-85E6-8C1D92719B03}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{C1FBD075-BBF7-47A3-A190-83C30F63B60E}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{95F451E4-293F-45F2-8A66-0F4E2EED911D}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{88176F00-8265-4AFF-8ECF-4FD239B7BD0A}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{AA4DC0D4-FD1D-4AE4-BDFB-A6103FAC6F91}] [-] Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules [{002B251E-ACB3-40BA-AD3A-936360105507}] [-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain] [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{73cd434e-8e1e-46b6-bb8d-7dd935140717} [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8F1540DD-CBAB-4A67-859F-BD44BE8F8EA3} [-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D3B4E31-7A75-4AD5-81C0-60E03BAEA283} [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{D8F44320-A0E2-48FE-8080-FB2C9303A64B} [-] Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain] [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{73cd434e-8e1e-46b6-bb8d-7dd935140717} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8F1540DD-CBAB-4A67-859F-BD44BE8F8EA3} [-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D8F44320-A0E2-48FE-8080-FB2C9303A64B} [-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [#] Value Deleted : HKU\S-1-5-21-3524946725-137966571-75516569-1000\Software\Microsoft\Internet Explorer\SearchScopes [DoNotAskAgain] [-] Data Restored : HKU\S-1-5-21-3524946725-137966571-75516569-1000\Software\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\akamaihd.net [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao.360.cn [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\hao123.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\qq.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\searchknow-a.akamaihd.net [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.hao123.com [-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\hao.360.cn [-] Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Interstat] [#] Value Deleted : HKU\S-1-5-21-3524946725-137966571-75516569-1000\Software\Microsoft\Windows\CurrentVersion\Run [Interstat]

***** [ Web browsers ] *****

[-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("browser.search.defaultenginename", "Search Provided by Yahoo"); [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("browser.search.selectedEngine", "Search Provided by Yahoo"); [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("browser.startup.homepage", "hxxps://tw.search.yahoo.com/yhs/web?hspart=itm&hsimp=yhs-001&type=jmb_ir_16_10&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dtw%26pa%3DJoomborio%26cd%3D2XzuyEtN2Y1L[...] [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("extensions.tnt.engine.name", "eShield Safe Web"); [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("extensions.tnt.engine.url", "hxxp://search.eshield.com/serp?guid={0CDB95E9-2CC8-4C68-A2B3-F5B3C080D813}&action=default_search&k={searchTerms}"); [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("extensions.tnt.newtaburl", "hxxp://services.eshield.com/general/newhometab.php?hometab=tab&partner=11467&guid={0CDB95E9-2CC8-4C68-A2B3-F5B3C080D813}&i="); [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("extensions.toolbar11467@eshield.com.install-event-fired", true); [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("keyword.URL", "hxxp://search.eshield.com/serp?guid={0CDB95E9-2CC8-4C68-A2B3-F5B3C080D813}&action=default_search&k="); [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\prefs.js] Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0); [-] [C:\Users\Jay87\AppData\Roaming\Mozilla\Firefox\Profiles\vd556oaq.default-1447250486375\user.js] Deleted : user_pref("plugin.state.npconduitfirefoxplugin", 0);

*************************

:: "Tracing" keys deleted :: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [23181 bytes] - [22/04/2016 21:39:10] C:\AdwCleaner\AdwCleaner[S1].txt - [24624 bytes] - [22/04/2016 21:34:22]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [23329 bytes] ##########

 

Re: Disturbing advertisement pages poping up when navigating

@Jac98 : please open your own thread : https://toolslib.net/forum/new-thread/ - We'll answer your there.