Hello!
I went through the new users' guide and followed all instructions - I ran the AdwCleaner, Malwarebytes, and Security Check. But I am still getting strange ads and pop-up tabs whenever I click on ANYTHING! It's scary... please help!
Here are my various logs...
AdwCleaner:
# AdwCleaner v4.000 - Report created 18/10/2014 at 14:35:55
# DB v2014-10-17.9
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Avery - DIMITRI
# Running from : C:\Users\Avery\Desktop\adwcleaner_4.000.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : d0e87c27
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Avery\AppData\Local\blekkotb_031
Folder Deleted : C:\ProgramData\BlockIt Ad remover
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Avery\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\Avery\AppData\Local\Conduit
Folder Deleted : C:\Users\Avery\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Avery\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Avery\AppData\LocalLow\Download and Sa
Folder Deleted : C:\ProgramData\NextCoup
Folder Deleted : C:\Program Files (x86)\NextCoup
Folder Deleted : C:\Users\Avery\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Avery\AppData\Roaming\SendSpace
Folder Deleted : C:\Users\Avery\AppData\Roaming\Strongvault
Folder Deleted : C:\Program Files (x86)\sw-booster
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Avery\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\GoSaVe
Folder Deleted : C:\Program Files (x86)\GoSaVe
Folder Deleted : C:\ProgramData\JOniCOupoN
Folder Deleted : C:\Program Files (x86)\JOniCOupoN
Folder Deleted : C:\ProgramData\JonioCoupon
Folder Deleted : C:\ProgramData\RegularDeeals
Folder Deleted : C:\Program Files (x86)\RegularDeeals
Folder Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\Extensions\qe2uc@p.net
Folder Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\Extensions\YRuGy@zsx.org
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
File Deleted : C:\END
File Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\searchplugins\Conduit.xml
File Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\searchplugins\WebSearch.xml
File Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\user.js
File Deleted : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
File Deleted : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
File Deleted : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : SW-Booster-S-792098896
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-792098896
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3292584
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{72D89EBF-0C5D-4190-91FD-398E45F1D007}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0dcfb42c-d07f-4f59-9c9f-f94ae7404399}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220222182204}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7ca56836-a714-4d80-a5e7-fa23592cf8b2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{b1cde001-2abe-4a1e-b61b-c0948fd8788b}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{df88bd48-5eeb-41d9-919c-35f5401b8fc5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{f4c0f545-0ce6-40c2-ab71-7b5565dc7f4b}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185504}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1cde001-2abe-4a1e-b61b-c0948fd8788b}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A1E28287-1A31-4B0F-8D05-AA8C465D3C5A}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{b1cde001-2abe-4a1e-b61b-c0948fd8788b}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{f4c0f545-0ce6-40c2-ab71-7b5565dc7f4b}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{b1cde001-2abe-4a1e-b61b-c0948fd8788b}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{f4c0f545-0ce6-40c2-ab71-7b5565dc7f4b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0dcfb42c-d07f-4f59-9c9f-f94ae7404399}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7ca56836-a714-4d80-a5e7-fa23592cf8b2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{b1cde001-2abe-4a1e-b61b-c0948fd8788b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{df88bd48-5eeb-41d9-919c-35f5401b8fc5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{f4c0f545-0ce6-40c2-ab71-7b5565dc7f4b}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110211181104}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0dcfb42c-d07f-4f59-9c9f-f94ae7404399}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{7ca56836-a714-4d80-a5e7-fa23592cf8b2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{b1cde001-2abe-4a1e-b61b-c0948fd8788b}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{df88bd48-5eeb-41d9-919c-35f5401b8fc5}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{f4c0f545-0ce6-40c2-ab71-7b5565dc7f4b}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3B3F3AAD-FB97-49FF-BFEE-D22869AC4326}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550255185504}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660266186604}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b1cde001-2abe-4a1e-b61b-c0948fd8788b}
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\ViewPassword
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SW-Booster
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\sw-boo~1\assist~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16476
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v27.0.1 (en-US)
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("CT3292584_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1366084809518,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3292584&octid=CT3292584&SearchSource=61&CUI=UN21470212234550904&UM=2&UP=SP9452DDA5-5801-4593-B7D0-3D145BDA5C57");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "MixiDJ V1 Customized Web Search");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3292584&SearchSource=2&CUI=UN21470212234550904&UM=2&q=");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3292584");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V1 Customized Web Search");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchandfly.info/?pid=3925&r=2014/09/23&hid=6039844556688528524&lg=EN&cc=US&unqvl=62&l=1&q=");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.searchandfly.info/?pid=3925&r=2014/09/23&hid=6039844556688528524&lg=EN&cc=US&unqvl=62");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.searchandfly.info/?pid=3925&r=2014/09/23&hid=6039844556688528524&lg=EN&cc=US&unqvl=62&l=1&q=");
-\\ Google Chrome v37.0.2062.120
*************************
AdwCleaner[R0].txt - [16632 octets] - [18/10/2014 14:34:04]
AdwCleaner[S0].txt - [15136 octets] - [18/10/2014 14:35:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15197 octets] ##########
Malwarebytes:
Mbam Protection Log:
-
Security Check (Checkup):
Results of screen317's Security Check version 0.99.89
Windows 7 x64 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java version out of Date!
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Mozilla Firefox 27.0.1 Firefox out of Date!
Google Chrome 37.0.2062.103
Google Chrome 37.0.2062.120
Google Chrome update.dll..
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
I went through the new users' guide and followed all instructions - I ran the AdwCleaner, Malwarebytes, and Security Check. But I am still getting strange ads and pop-up tabs whenever I click on ANYTHING! It's scary... please help!
Here are my various logs...
AdwCleaner:
# AdwCleaner v4.000 - Report created 18/10/2014 at 14:35:55
# DB v2014-10-17.9
# Updated 12/10/2014 by Xplode
# Operating System : Windows 7 Home Premium (64 bits)
# Username : Avery - DIMITRI
# Running from : C:\Users\Avery\Desktop\adwcleaner_4.000.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : d0e87c27
***** [ Files / Folders ] *****
Folder Deleted : C:\Users\Avery\AppData\Local\blekkotb_031
Folder Deleted : C:\ProgramData\BlockIt Ad remover
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Avery\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Users\Avery\AppData\Local\Conduit
Folder Deleted : C:\Users\Avery\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Avery\AppData\Local\Coupon Companion Plugin
Folder Deleted : C:\Users\Avery\AppData\LocalLow\Download and Sa
Folder Deleted : C:\ProgramData\NextCoup
Folder Deleted : C:\Program Files (x86)\NextCoup
Folder Deleted : C:\Users\Avery\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Avery\AppData\Roaming\SendSpace
Folder Deleted : C:\Users\Avery\AppData\Roaming\Strongvault
Folder Deleted : C:\Program Files (x86)\sw-booster
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\Avery\AppData\Local\torch
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\ProgramData\Trusted Publisher
Folder Deleted : C:\ProgramData\GoSaVe
Folder Deleted : C:\Program Files (x86)\GoSaVe
Folder Deleted : C:\ProgramData\JOniCOupoN
Folder Deleted : C:\Program Files (x86)\JOniCOupoN
Folder Deleted : C:\ProgramData\JonioCoupon
Folder Deleted : C:\ProgramData\RegularDeeals
Folder Deleted : C:\Program Files (x86)\RegularDeeals
Folder Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\Extensions\qe2uc@p.net
Folder Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\Extensions\YRuGy@zsx.org
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\bdkggchpnimbckiodcealjepgoapcelf
[!] Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
[!] Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcehffaobddeodcoieengkgknkpelkig
File Deleted : C:\END
File Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\searchplugins\Conduit.xml
File Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\searchplugins\WebSearch.xml
File Deleted : C:\Users\Avery\AppData\Roaming\Mozilla\Firefox\Profiles\r7bskuue.default-1366047309412\user.js
File Deleted : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage
File Deleted : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal
File Deleted : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Avery\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
***** [ Scheduled Tasks ] *****
Task Deleted : SW-Booster-S-792098896
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\App24x7Help_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\mconduitinstaller_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\strongvaultapp_rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\vopackage_RASMANCS
Key Deleted : HKLM\SOFTWARE\Classes\.
Key Deleted : HKLM\SOFTWARE\Classes\..9
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\S-792098896
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{d0e87c27}
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.BHO
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox
Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0021804.Sandbox.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3292584
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Software\ViewPassword
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\SOFTWARE\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\SW-Booster
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\sw-boo~1\assist~1.dll
Data Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16476
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
-\\ Mozilla Firefox v27.0.1 (en-US)
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("CT3292584_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1366084809518,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3292584&octid=CT3292584&SearchSource=61&CUI=UN21470212234550904&UM=2&UP=SP9452DDA5-5801-4593-B7D0-3D145BDA5C57");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "MixiDJ V1 Customized Web Search");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3292584&SearchSource=2&CUI=UN21470212234550904&UM=2&q=");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3292584");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.defaultenginename", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.defaultenginename,S", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.defaultthis.engineName", "MixiDJ V1 Customized Web Search");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.defaulturl", "hxxp://websearch.searchandfly.info/?pid=3925&r=2014/09/23&hid=6039844556688528524&lg=EN&cc=US&unqvl=62&l=1&q=");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.order.1", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.order.1,S", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.selectedEngine", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.search.selectedEngine,S", "WebSearch");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("browser.startup.homepage", "hxxp://websearch.searchandfly.info/?pid=3925&r=2014/09/23&hid=6039844556688528524&lg=EN&cc=US&unqvl=62");
[r7bskuue.default-1366047309412] - Line Deleted : user_pref("keyword.URL", "hxxp://websearch.searchandfly.info/?pid=3925&r=2014/09/23&hid=6039844556688528524&lg=EN&cc=US&unqvl=62&l=1&q=");
-\\ Google Chrome v37.0.2062.120
*************************
AdwCleaner[R0].txt - [16632 octets] - [18/10/2014 14:34:04]
AdwCleaner[S0].txt - [15136 octets] - [18/10/2014 14:35:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [15197 octets] ##########
Malwarebytes:
-
Mbam Protection Log:
-
Security Check (Checkup):
Results of screen317's Security Check version 0.99.89
Windows 7 x64 (UAC is disabled!)
Out of date service pack!!
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Microsoft Security Essentials
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Java version out of Date!
Adobe Flash Player 15.0.0.152
Adobe Reader XI
Mozilla Firefox 27.0.1 Firefox out of Date!
Google Chrome 37.0.2062.103
Google Chrome 37.0.2062.120
Google Chrome update.dll..
````````Process Check: objlist.exe by Laurent````````
Microsoft Security Essentials MSMpEng.exe
Microsoft Security Essentials msseces.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````