New
#41
"Go to step #5 and use Hitman and delete anything it finds too."
Don't understand what to do with this statement.
"Go to step #5 and use Hitman and delete anything it finds too."
Don't understand what to do with this statement.
Ran Adwcleaner scan & cleaned.
Below is log file:
# AdwCleaner v4.208 - Logfile created 06/08/2015 at 15:21:48
# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Steve - OWNER-PC
# Running from : C:\Users\Steve\Downloads\AdwCleaner.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\SearchProtect
Folder Deleted : C:\ProgramData\Conduit
Folder Deleted : C:\ProgramData\Free Ride Games
Folder Deleted : C:\ProgramData\speedypc software
Folder Deleted : C:\ProgramData\WeCareReminder
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\InternetHelper3.7
Folder Deleted : C:\Program Files (x86)\Common Files\Spigot
Folder Deleted : C:\Windows\SysWOW64\config\systemprofile\AppData\Local\SearchProtect
Folder Deleted : C:\Users\Karen\AppData\Local\slimware utilities inc
Folder Deleted : C:\Users\Karen\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Karen\AppData\LocalLow\iac
Folder Deleted : C:\Users\Karen\AppData\LocalLow\Search Settings
Folder Deleted : C:\Users\Karen\AppData\Roaming\SearchProtect
Folder Deleted : C:\Users\owner\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Steve\AppData\Local\Browser Extensions
Folder Deleted : C:\Users\Steve\AppData\Local\Conduit
Folder Deleted : C:\Users\Steve\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Steve\AppData\LocalLow\FunWebProducts
Folder Deleted : C:\Users\Steve\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\Steve\AppData\LocalLow\InternetHelper3.7
Folder Deleted : C:\Users\Steve\AppData\Roaming\Browser Extensions
Folder Deleted : C:\Users\Steve\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Steve\AppData\Roaming\speedypc software
Folder Deleted : C:\Users\Steve\AppData\Roaming\RHEng
Folder Deleted : C:\Users\Steve\AppData\Roaming\download Manager
Folder Deleted : C:\Users\Steve\Documents\PC Speed Maximizer
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Folder Deleted : C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Folder Deleted : C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Folder Deleted : C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
Folder Deleted : C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffjcmnpnoopgilmnfhloocdcbnimmmea
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\mppnoffgpafgpgbaigljliadgbnhljfl
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nafaimnnclfjfedmmabolbppcngeolgf
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp
[/!\] Not Deleted ( Junction ) : C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj
[/!\] Not Deleted ( Junction ) : C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
[/!\] Not Deleted ( Junction ) : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbecdmcnlcoebdcidcfdkoimbjkcegbc
Folder Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\cekonfccladjgbdhpgobceahgjdcdbod
[/!\] Not Deleted ( Junction ) : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcphjankhppgohedpkjonpadimhaoof
[/!\] Not Deleted ( Junction ) : C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
[/!\] Not Deleted ( Junction ) : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cikkkfooompgefbcjlgdjejfdknkheaj
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gpiifgmgnfdiblgpaepbmfdkcheicgof_0.localstorage
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlcphjankhppgohedpkjonpadimhaoof
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ffjcmnpnoopgilmnfhloocdcbnimmmea_0.localstorage
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mppnoffgpafgpgbaigljliadgbnhljfl_0.localstorage
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nafaimnnclfjfedmmabolbppcngeolgf_0.localstorage
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lfmhcpmkbdkbgbmkjoiopeeegenkdikp_0.localstorage-journal
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lajondecmobodlejlcjllhojikagldgd_0.localstorage
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hbcennhacfaagdopikcegfcobcadeocj
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\bbecdmcnlcoebdcidcfdkoimbjkcegbc
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cekonfccladjgbdhpgobceahgjdcdbod
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\nlcphjankhppgohedpkjonpadimhaoof
File Deleted : C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\pfndaklgolladniicklehhancnlgocpp
File Deleted : C:\END
File Deleted : C:\Users\Steve\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\YTD Video Downloader.lnk
***** [ Scheduled tasks ] *****
Task Deleted : BackgroundContainer Startup Task
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nlcphjankhppgohedpkjonpadimhaoof
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp
Key Deleted : HKCU\Software\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\oilkkkefbalmbfppgjmgjoefbclebkce
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bbecdmcnlcoebdcidcfdkoimbjkcegbc
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [BackgroundContainer]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Jing]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Key Deleted : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\speedupmypc
Key Deleted : HKLM\SOFTWARE\Classes\CouponXplorer_5z.ToolbarProtector
Key Deleted : HKLM\SOFTWARE\Classes\CouponXplorer_5z.ToolbarProtector.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [CouponXplorer AppIntegrator 64-bit]
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [CouponXplorer AppIntegrator 32-bit]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IECT3315828
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3315828
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D824F0DE-3D60-4F57-9EB1-66033ECD8ABB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{BB925FE4-7161-454F-88EE-7F58C40F549C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{34A0D84B-CDDC-4EC4-AFDD-4F1DDE1D14E5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B052E68E-A114-4480-B416-C8E617D346A9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6030E41C-BDBC-4B6B-B32F-B911BF52C466}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F3FEE66E-E034-436A-86E4-9690573BEE8A}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{11F447E7-AC00-4EAD-A064-CFB6EC3409E1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{5a1d0d31-749c-4186-a295-4106e6e7b26a}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{11F447E7-AC00-4EAD-A064-CFB6EC3409E1}
Key Deleted : HKCU\Software\APN PIP
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\SecuredDownload
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\speedypc software
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
Key Deleted : HKCU\Software\AppDataLow\Software\Search Settings
Key Deleted : HKCU\Software\AppDataLow\Software\InternetHelper3.7
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\Freeze.com
Key Deleted : HKLM\SOFTWARE\InstallIQ
Key Deleted : HKLM\SOFTWARE\PIP
Key Deleted : HKLM\SOFTWARE\speedypc software
Key Deleted : HKLM\SOFTWARE\Uniblue
Key Deleted : HKLM\SOFTWARE\W3I
Key Deleted : HKLM\SOFTWARE\SlimWare Utilities Inc
Key Deleted : HKLM\SOFTWARE\InternetHelper3.7
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
***** [ Web browsers ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Google Chrome v44.0.2403.130
[C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
[C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
[C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : icdlfehblmklkikfigmjhbmmpmkmpooj
[C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : mhkaekfpcppmmioggniknbnbdbcigpkk
[C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
[C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : hbcennhacfaagdopikcegfcobcadeocj
[C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
[C:\Users\Karen\AppData\Local\Google\Chrome\User Data\Default\Preferences] - Deleted [Extension] : pfndaklgolladniicklehhancnlgocpp
[C:\Users\Steve\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : searchProvider","startupPages","storage","unlimitedStorage","webRequest","webRequestBlocking"],"explicit_host":["*://*.splayersv.net/*","chrome://favicon/*","hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["*://*/*LAY=*","*://*/*Lay=*","*://*/*lay=*","hxxp://www.splayersv.net/sp"]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":1,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permission s":{"api":["cookies","homepage","searchProvider","startupPages","storage","unlimitedStorage","webRequest","webR equestBlocking"],"explicit_host":["*://*.splayersv.net/*","chrome://favicon/*","hxxp://*/*","hxxps://*/*"],"manifest_permissions":[],"scriptable_host":["*://*/*LAY=*","*://*/*Lay=*","*://*/*lay=*","hxxp://www.splayersv.net/sp"]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13069802698413561","lastp ingday":"13083318000379321","location":1,"manifest":{"background":{"scripts":["js/searchUtilSweetPlayer.js"]},"chrome_settings_overrides":{"homepage":"hxxp://www.splayersv.net/hp","search_provider":{"encoding":"UTF-8","favicon_url":"hxxp://www.splayersv.net/media/1497/favicon-trovi.ico","is_default":true,"keyword":"trovi.com
*************************
AdwCleaner[R0].txt - [16513 bytes] - [05/08/2015 23:33:02]
AdwCleaner[R1].txt - [16573 bytes] - [06/08/2015 15:19:20]
AdwCleaner[S0].txt - [16162 bytes] - [06/08/2015 15:21:48]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [16222 bytes] ##########
Ran malb, Q over 700 detected items.
Trying to d/l Hitman now, will run and delete what it finds next.
Ran Hitman scan, found 102 items, all cleaned.
Gunna try and d/l MS safety scanner again.
Just out of curiosity where do you normally download these third party programs from that you show on your programs list ?
Where ever it is (most likely CNet..) you need to stop
All of these scanner findings came from that site/ 's you get them from.
If you don't change the way you operate you'll continue to get corruptions and one day your machine will not boot anymore and you'll need to re-install windows and possibly loose all personal files....
Cheers.
@ skostro, please download TFC by Old Timer TFC - Temp File Cleaner by OldTimer Download - Geeks to Go Forum and save it to your desktop.
Save any unsaved work. TFC will close ALL open programs including your browser! This will also eliminate all desktop shortcuts, so just be aware!
Using Vista/Windows 7, right-click on the file and choose Run As Administrator.
Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
Important! Manually reboot the machine to ensure a complete clean.