BZabel Posted December 29, 2014 Share Posted December 29, 2014 I some how got this coupon Trojan and can not remove it. Any help will be greatly appreciated. Link to post Share on other sites
caintry_boy Posted December 29, 2014 Share Posted December 29, 2014 Give this a try... Download Adwarecleaner > http://www.bleepingcomputer.com/download/adwcleaner/ and save to your desktop. Click on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.Do not click on any links in the top Advertisment. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click on Scan. After the scan is complete click on "Clean" Confirm each time with Ok. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile with your next answer. You can find the logfile at C:\AdwCleaner[s1].txt as well.-AdwCleaner-by XplodeClick on this link to download : ADWCleanerClick on ONE of the Two Blue Download Now buttons That have a blue arrow beside them and save it to your desktop.Do not click on any links in the top Advertisment. Close all open programs and internet browsers. Double click on AdwCleaner.exe to run the tool. Click on Scan. After the scan is complete click on "Clean" Confirm each time with Ok. Your computer will be rebooted automatically. A text file will open after the restart. Please post the content of that logfile with your next answer. You can find the logfile at C:\AdwCleaner[s1].txt as well. Also run Junkware Removal Tool > http://www.bleepingcomputer.com/download/junkware-removal-tool/ and save to your desktop. Shut down your protection software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator". The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log (JRT.txt) is saved to your desktop and will automatically open. Post the contents of JRT.txt into your next message. Post the logs from both scans so we can have someone take a look. Also, how is your PC now? Link to post Share on other sites
BZabel Posted December 29, 2014 Author Share Posted December 29, 2014 Hi Caintry_boy, Thanks for the help this issue been bugging me for month. Here are both reports and my computer is running fine until coupon titan pops up:) Thanks again for your help. Junkware Removal Tool (JRT) by ThisisuVersion: 6.4.1 (12.28.2014:1)OS: Windows 7 Home Premium x64Ran by Brian Zabel on Mon 12/29/2014 at 7:21:33.54~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DF6D48E1-A46C-4205-AC16-72CEAD0AAD5D} ~~~ Files Successfully deleted: [File] C:\windows\Tasks\PC Optimizer Pro64 startups.job ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"Successfully deleted: [Folder] "C:\ProgramData\strongvault online backup"Successfully deleted: [Folder] "C:\Users\Brian Zabel\appdata\local\best buy pc app"Successfully deleted: [Folder] "C:\Users\Brian Zabel\appdata\local\cre"Successfully deleted: [Folder] "C:\Users\Brian Zabel\appdata\local\tempdir"Successfully deleted: [Folder] "C:\Program Files (x86)\epicplay"Successfully deleted: [Folder] "C:\ai_recyclebin"Successfully deleted: [Folder] "C:\windows\syswow64\ai_recyclebin"Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{18C2711D-E6E9-414C-BC52-8166DDA50CA3}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{1DD21E6D-1B35-4740-9BE2-223C886AEA7E}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{2B6ED39E-7A5F-42DB-A8CA-F3325E98F1DF}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{504A5057-83FC-4FB6-B578-F1842882347F}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{6911C4E5-1DD0-4212-8983-FD4558DD3614}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{844D9EE8-6CAD-4661-AD26-15B9EB2615F5}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{8762DFA7-E1B7-4C2E-9296-C088DD11363E}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{8DBCEDA6-2D2C-4770-B9E4-BACBD2B0A096}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{90958C92-0ABD-493B-99CE-40EC41D02144}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{992F25CF-2865-477F-AD9D-BBD96F6B2FEB}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{A49B916D-7CD6-43FE-AD6F-6C8476A2789F}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{A7E62372-1BBC-4948-995F-B4FFACB85744}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{AA2E4526-A0FF-48CA-9BF8-2CFD8080DA5F}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{B171586D-A23C-43C5-ADFA-40230F45ACC3}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{B4F0AB5B-74EB-4F97-B554-C220EB16D647}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{B5CB82C0-D4C4-4730-913C-1FCFA9461762}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{D0B47472-93DD-4F3F-9975-9CD2EB15D7D7}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{D52799E5-E3AE-4FA2-82DD-34306F0EC7EF}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{D69793A6-00B7-45A0-B190-13BCF44DE5FB}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{E0419C8D-5CBA-44B9-A279-2C1DD10DFA31}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{E525C4E3-A22C-41D7-BEFF-915BAEFE4352}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{EC9D4339-99D4-4565-9396-DF55D3A94C17}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{F08C3965-33A5-4F4B-B61E-83FB2621DEDC}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{F594F31E-B938-4213-BD99-6F6C20FB5004}Successfully deleted: [Empty Folder] C:\Users\Brian Zabel\appdata\local\{F965AE34-0870-40CC-A6A8-4766994A77AF} ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on Mon 12/29/2014 at 7:32:49.16End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v4.106 - Report created 29/12/2014 at 07:11:50# Updated 21/12/2014 by Xplode# Database : 2014-12-28.1 [Live]# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)# Username : Brian Zabel - BRIANZABEL-PC# Running from : C:\Users\Brian Zabel\Downloads\AdwCleaner.exe# Option : Clean ***** [ Services ] ***** [#] Service Deleted : 70e6ca8c ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\apnFolder Deleted : C:\ProgramData\BabylonFolder Deleted : C:\ProgramData\PC Optimizer ProFolder Deleted : C:\ProgramData\Tarma InstallerFolder Deleted : C:\ProgramData\TbccintFolder Deleted : C:\ProgramData\TrymediaFolder Deleted : C:\ProgramData\PC Drivers HeadQuartersFolder Deleted : C:\ProgramData\drivergeniusFolder Deleted : C:\ProgramData\CCliCkoForSaleFolder Deleted : C:\ProgramData\NewSaverrFolder Deleted : C:\ProgramData\SaollesuCheCkerrFolder Deleted : C:\ProgramData\websaveriFolder Deleted : C:\ProgramData\2aa47e7dfb94c445Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2Folder Deleted : C:\Program Files (x86)\AskPartnerNetworkFolder Deleted : C:\Program Files (x86)\ConduitFolder Deleted : C:\Program Files (x86)\globalUpdateFolder Deleted : C:\Program Files (x86)\Optimizer ProFolder Deleted : C:\Program Files (x86)\predmFolder Deleted : C:\Program Files (x86)\TbccintFolder Deleted : C:\Program Files (x86)\CCliCkoForSaleFolder Deleted : C:\Program Files (x86)\NewSaverrFolder Deleted : C:\Program Files (x86)\SaollesuCheCkerrFolder Deleted : C:\windows\SysWOW64\hotspot shieldFolder Deleted : C:\Program Files\003Folder Deleted : C:\Users\Brian Zabel\AppData\Local\apnFolder Deleted : C:\Users\Brian Zabel\AppData\Local\ConduitFolder Deleted : C:\Users\Brian Zabel\AppData\Local\globalUpdateFolder Deleted : C:\Users\Brian Zabel\AppData\Local\PackageAwareFolder Deleted : C:\Users\Brian Zabel\AppData\Local\webplayerFolder Deleted : C:\Users\Brian Zabel\AppData\LocalLow\ConduitFolder Deleted : C:\Users\Brian Zabel\AppData\LocalLow\IminentToolbarFolder Deleted : C:\Users\Brian Zabel\AppData\LocalLow\TbccintFolder Deleted : C:\Users\Brian Zabel\AppData\LocalLow\wincorebsbandFolder Deleted : C:\Users\Brian Zabel\AppData\Roaming\DSiteFolder Deleted : C:\Users\Brian Zabel\AppData\Roaming\goforfilesFolder Deleted : C:\Users\Brian Zabel\AppData\Roaming\Optimizer ProFolder Deleted : C:\Users\Brian Zabel\AppData\Roaming\UpdaterEXFolder Deleted : C:\Users\Brian Zabel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather AlertsFolder Deleted : C:\Users\Brian Zabel\Documents\Optimizer ProFolder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhemleepamclahdgmiipflglcgbefdoFile Deleted : C:\ENDFile Deleted : C:\ProgramData\uninstaller.exeFile Deleted : C:\windows\System32\roboot64.exeFile Deleted : C:\Users\Brian Zabel\AppData\LocalLow\SkwConfig.binFile Deleted : C:\Users\Brian Zabel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_toolbar.utorrent.com_0.localstorage-journalFile Deleted : C:\Users\Brian Zabel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_static.olark.com_0.localstorage-journal ***** [ Scheduled Tasks ] ***** Task Deleted : DSiteTask Deleted : GoforFilesUpdateTask Deleted : Optimizer Pro ScheduleTask Deleted : PC Optimizer Pro UpdatesTask Deleted : UpdaterEX ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldflKey Deleted : HKCU\Software\Google\Chrome\Extensions\cflheckfmhopnialghigdlggahiomebpValue Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]Key Deleted : HKLM\SOFTWARE\Classes\Prod.capValue Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]Key Deleted : HKCU\Software\5b08fd9b535ea43Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2504091Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3072253Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3277370Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3289075Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9CB2CD61-FFA0-406C-9D2D-8FDE6F4A4D8A}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B3B723CD-7242-4775-B10E-74DB7F4CB5A1}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{60BE6B2E-F2F5-4404-AA1E-4381D4A6EEA2}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{62970E2F-A895-4848-B46C-FBD071192995}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41829420-151B-4920-B8A5-16BE4601B42A}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{443789B7-F39C-4b5c-9287-DA72D38F4FE6}Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}Key Deleted : HKCU\Software\anchorfreeKey Deleted : HKCU\Software\BRSKey Deleted : HKCU\Software\ConduitKey Deleted : HKCU\Software\GlobalUpdateKey Deleted : HKCU\Software\GoforFilesKey Deleted : HKCU\Software\IMKey Deleted : HKCU\Software\ImInstallerKey Deleted : HKCU\Software\Optimizer ProKey Deleted : HKCU\Software\pc optimizer proKey Deleted : HKCU\Software\powerpackKey Deleted : HKCU\Software\SmartBarKey Deleted : HKCU\Software\SocialBitKey Deleted : HKCU\Software\UpdaterEXKey Deleted : HKCU\Software\WebplayerKey Deleted : HKCU\Software\ZugoKey Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKCU\Software\AppDataLow\Software\ConduitKey Deleted : HKCU\Software\AppDataLow\Software\FreecauseKey Deleted : HKCU\Software\AppDataLow\Software\LyricsFinderKey Deleted : HKCU\Software\AppDataLow\Software\SmartBarKey Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}Key Deleted : HKLM\SOFTWARE\BabylonKey Deleted : HKLM\SOFTWARE\ConduitKey Deleted : HKLM\SOFTWARE\GoforFilesKey Deleted : HKLM\SOFTWARE\InstallCoreKey Deleted : HKLM\SOFTWARE\Trymedia SystemsKey Deleted : HKLM\SOFTWARE\TermTutorKey Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DD85D6BF-4787-4A93-99A5-3F0CF0AE8834}Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARPKey Deleted : [x64] HKLM\SOFTWARE\DivX\Install\Setup\WizardLayout\ConduitToolbarKey Deleted : [x64] HKLM\SOFTWARE\Tarma InstallerKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37DKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239EKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EAKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33EDKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351CKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10DKey Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17496 -\\ Google Chrome v39.0.2171.65 [C:\Users\Brian Zabel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}[C:\Users\Brian Zabel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [search Provider] : hxxp://www.ask.com/web?q={searchTerms} ************************* AdwCleaner[R0].txt - [22198 octets] - [29/12/2014 07:01:51]AdwCleaner[s0].txt - [21318 octets] - [29/12/2014 07:11:50] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [21379 octets] ########## Link to post Share on other sites
Juliet Posted December 29, 2014 Share Posted December 29, 2014 I think IE and Google Chrome need to be reset, I can see a malicious extension was found and deleted but feel certain there are more. It's possible Google Chrome should be uninstalled then reinstalled. Instructions on how to backup your Favourites/Bookmarks and other data can be found below. Backup Internet Explorer Favourites Backup Firefox Bookmarks Backup Chrome Bookmarks Backup Opera Bookmarks (scroll down) Proceed with the reset once done. Internet Explorer: How to reset Internet Explorer settings Firefox: Reset Firefox Chrome: Chrome - Reset browser settings Opera: How to perform a clean reinstall of Opera ~~~~~~~~~~~~~~~~~~~ Link to post Share on other sites
BZabel Posted December 30, 2014 Author Share Posted December 30, 2014 Resetting Chrome worked wow that was to easy. Thanks to the both of you for helping me I appreciate it Link to post Share on other sites
caintry_boy Posted December 30, 2014 Share Posted December 30, 2014 Link to post Share on other sites
Scheepers Posted January 23, 2015 Share Posted January 23, 2015 I am new to this forum, not very tech savy in this subject and would like to know if this thread is the way to remove those annoying advertisements that pop up on the side of my facebook pages and when browsing? Is there a way to stop my search history from being collected? Thanks in advance. Link to post Share on other sites
Juliet Posted January 23, 2015 Share Posted January 23, 2015 Hi Scheepers If you use Google Chrome, and your having pop up advertisements issues while using Google Chrome, then it wont hurt anything. Thats not a guarantee it will fix what's happening. If you should need a further diagnosis, let us know. Link to post Share on other sites
rishiforum Posted January 28, 2015 Share Posted January 28, 2015 I also have the same issue, can anyone help me? Link to post Share on other sites
Juliet Posted January 28, 2015 Share Posted January 28, 2015 Have you followed any of the directions in this topic? Link to post Share on other sites
Scheepers Posted January 28, 2015 Share Posted January 28, 2015 Does that mean additional software must be purchased in order to do so? Link to post Share on other sites
Juliet Posted January 28, 2015 Share Posted January 28, 2015 The removal tools mentioned in this topic are free. Whoever may download and use as needed. Link to post Share on other sites
Scheepers Posted January 28, 2015 Share Posted January 28, 2015 Here is the content of my report: ***** [ Services ] ***** [#] Service Deleted : 70e6ca8c ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\FlexibleShopper [#] Folder Deleted : C:\ProgramData\QUeenCoupon Folder Deleted : C:\ProgramData\unicoupons Folder Deleted : C:\ProgramData\d634095f94c82b6b Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 Folder Deleted : C:\Program Files (x86)\Driver Pro Folder Deleted : C:\Program Files (x86)\Optimizer Pro Folder Deleted : C:\Users\Ken\AppData\Local\TidyNetwork Folder Deleted : C:\Users\Ken\AppData\Local\WordLayers Folder Deleted : C:\Users\Ken\AppData\Roaming\Optimizer Pro Folder Deleted : C:\Users\Ken\Documents\Optimizer Pro File Deleted : C:\Users\Ken\Desktop\Optimizer Pro.lnk ***** [ Scheduled Tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F} Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC} Key Deleted : HKCU\Software\Optimizer Pro Key Deleted : HKCU\Software\WEDLMNGR Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\optimi~1\optpro~1.dll Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local;<local> ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17278 -\\ Mozilla Firefox v35.0.1 (x86 en-US) [un5sjd72.default-1415225734123\prefs.js] - Line Deleted : user_pref("browser.startup.homepage", "hxxps://ixquick.com/eng/"); ************************* AdwCleaner[R0].txt - [3584 octets] - [28/01/2015 11:14:53] AdwCleaner[s0].txt - [3491 octets] - [28/01/2015 11:16:06] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3551 octets] ########## Link to post Share on other sites
Juliet Posted January 28, 2015 Share Posted January 28, 2015 That removed quite a bit, are you still having problems? Link to post Share on other sites
.png.9d4b89b15b2cd5e65edd93a0e6823dce.png)
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now