hp laptop. Windows 8
TDSSSKILLER negative
get ready when you read logs :-[
No tab for FIX SHORTCUTS in new version of Roguekiller…log attached
TDSSSKILLER negativewell this tool is not made for PUP detection....
yeah, I just run it to make sure there was nothing else I missed. Im still learning this stuff 
Let me know how it is after this
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
AppInit_DLLs: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL => C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC64~1.DLL File Not Found AppInit_DLLs-x32: C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL => "C:\PROGRA~2\SEARCH~1\SEARCH~1\bin\SPVC32~1.DLL" File Not Found GroupPolicy: Group Policy on Chrome detected <======= ATTENTION Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKCU - No Name - {4F564F32-5637-4300-76A7-7A786E7484D7} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKCU - No Name - {57434C32-2D56-3700-76A7-7A786E7484D7} - No File CHR DefaultSearchKeyword: trovi.search CHR DefaultSearchProvider: Trovi search 2014-07-14 16:28 - 2014-07-14 16:28 - 00003664 _____ () C:\Windows\System32\Tasks\pricemeterwatcher 2014-07-14 16:28 - 2014-07-14 16:28 - 00003656 _____ () C:\Windows\System32\Tasks\pricemetertask 2014-07-14 16:28 - 2014-05-31 13:55 - 00000000 ____D () C:\Users\shawnia\AppData\Local\PriceMeter 2014-07-14 16:28 - 2014-05-23 08:43 - 00000000 ____D () C:\Program Files (x86)\SearchProtect 2014-07-14 16:28 - 2014-05-17 14:03 - 00000000 ____D () C:\Program Files (x86)\BlockAndSurf-soft 2014-07-14 16:28 - 2014-05-17 13:42 - 00000000 ____D () C:\Program Files (x86)\sizlsearch 2014-07-14 16:28 - 2014-01-05 20:20 - 00000000 ____D () C:\Users\shawnia\AppData\Local\Zwinky_5q 2014-07-07 16:19 - 2014-07-07 16:19 - 00000000 ____D () C:\Users\shawnia\AppData\Local\Pay-By-Ads HKU\S-1-5-21-2207051643-2199084494-2990318558-1002\...\Run: [Tango] => C:\Program Files (x86)\Tango\Tango.exe [13489992 2011-11-04] (Tango Inc.) FF HKCU\...\Firefox\Extensions: [{33D2D20D-3E86-977B-F5F8-67018FC6DC19}] - C:\Program Files (x86)\BlockAndSurf-soft\161.xpi CHR DefaultSearchURL: http://www.trovi.com/Results.aspx?gd=&ctid=CT3326230&octid=EB_ORIGINAL_CTID&ISID=M79B717C6-F15D-4713-B43B-AF231DDB3C66&SearchSource=58&CUI=&UM=5&UP=SP9FF9D4A3-5137-4C6F-A0E9-DD327939A7BA&q={searchTerms}&SSPV= Zwinky Internet Explorer Toolbar (HKLM-x32\...\Zwinky_5qbar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION Task: {0AE70DE1-2BF9-4B7A-8C43-C9F0972CC6F5} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {4A33D932-A1C9-4144-8474-32C14DF7743C} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: {B7E39BF7-E8ED-43F5-A5A4-7D6205DA1FFB} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION ask: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION CMD: ipconfig /release CMD: netsh int ip reset CMD: ipconfig /renew CMD: DEL %TEMP%\*.* /F /S /Q CMD: RD /S /Q %TEMP% REBOOT:
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.
see attached
How is the computer behaving now ?
so far so good. no popups or redirects etc…
Question:
One of the programs is still in the CONTROL PANEL>UNINSTALL PROGRAMS list.
When I try to remove it it gives an error saying part of the program is missing. How can I get this program completely off the computer. The program in question is: SavePass Smartbar
Let me do it
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
SavePass Smartbar (HKLM-x32\...\{5823C449-6868-4154-B496-21E40C5F09DA}) (Version: 10.212.76.15578 - PinWid Ltd.) <==== ATTENTION SavePass Smartbar Engine (HKCU\...\{d34b8045-74c1-4695-bba2-e7f67cd927f6}) (Version: 10.212.76.15578 - PinWid Ltd.) <==== ATTENTION sizlsearch (HKLM\...\sizlsearch) (Version: 2014.05.17.010216 - sizlsearch) CMD: DEL %TEMP%\*.* /F /S /Q CMD: RD /S /Q %TEMP% REBOOT:
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
still there…
looking for installer.msi in:
C:\Users\shawnia\AppData\Local\Temp\smartbar\
log attached
If you try to uninstall it from control panel does windows offer to remove the entry
No.
I try to uninstall it and it is looking for the installer.msi file but cant find it. I press cancel and
It says ‘installation source is not available…’
Do you have Revo uninstaller as that will do the job for you
ok Revo got rid of that.
While I was testing to make sure eveything was good, I saw that the TROVI search bar was still in Firefox. I reset firefox and IE and that is good now.
Should I check for anything else?
Chrome will need to be manually reset
Is all well now
I uninstalled chrome… 
But then I ran malwarebytes and there where 100 PUPS?!!?
See attached
Intriguing as I removed search protect with FRST and the AdwCleaner run never saw it. Silly question was something downloaded in the interim ?
A small tool that may help when you download programmes
Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup
http://i1059.photobucket.com/albums/t432/cinjo23/uncheckysetupicon.png
or folder and choose to Run as Administrator
Once open click the Install button.
http://i1059.photobucket.com/albums/t432/cinjo23/uncheckysetupwindow.png
Then click on Finish
http://i1059.photobucket.com/albums/t432/cinjo23/uncheckyfinishsetupwindow.png
Unchecky is now installed and will help you keep unwanted check boxes unchecked 
OK added unchecky.
The only thing I think may have happened, I “uninstalled” those from the control panel.
The only thing I installed was REVO, and after revo ran I saw TRIVOLI pop back into firefox, then I reset those…then I saw those PUPS again.
Should I re-run any of the programs ?
Just AdwCleaner please, where did you get revo from ?
Got REVO from CNET.
see attached
computer running fine so far.