Avast WEBforum

Other => Viruses and worms => Topic started by: Warrior Soul on March 24, 2014, 08:08:31 PM

Title: Unable to remove Pup.optional.conduit
Post by: Warrior Soul on March 24, 2014, 08:08:31 PM

Greetings, Please help in removing pup.optional.conduit at registry values. It always gets quarantined and deleted, always appears again when I rescan pc. 

Thank you so much!

 

Title: Re: Unable to remove Pup.optional.conduit
Post by: TwinHeadedEagle on March 24, 2014, 08:17:15 PM

Hi,


Please download zoek.zip or zoek.rar by smeenk ((http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png)) from here (http://www.hijackthis.nl/smeenk/201213/zoek.zip) or here (http://www.hijackthis.nl/smeenk/201213/zoek.rar) and save it to your Desktop.
Unpack the archive...

• Close any open browsers
• Temporarily disable your AntiVirus program. (If necessary)
  If you are unsure how to do this please read this (http://'http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html') or this (http://'http://www.bleepingcomputer.com/forums/topic114351.html') Instruction.
  
  
• Double click on zoek.exe to run the tool .
  Please wait for the tool to start...
  
  
• Copy the text present inside the code box below and paste it into the large window in the zoek tool:

Code: [Select]

createsrpoint;
gpt.ini;z
C:\Windows\System32\GroupPolicy;v
C:\Windows\SysWOW64\GroupPolicy;v
StandardSearch;
emptyfolderscheck;
installer-list;
installedprogs;
uninstall-list;


• Click on (http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png) button.
  Please wait until a logreport will open (this can be after reboot)
  
  
• Save notepad to your Desktop and attach here zoek-results.log
  Note: It will also create a log in the C:\ directory named "zoek-results.log"
  

Title: Re: Unable to remove Pup.optional.conduit
Post by: Warrior Soul on March 24, 2014, 10:09:19 PM

Please find attached Zoek.exe log

Title: Re: Unable to remove Pup.optional.conduit
Post by: TwinHeadedEagle on March 25, 2014, 01:17:31 PM

Re-run Zoek again, with the script below:

Code: [Select]

C:\Users\Monchi PC\AppData\Local\SearchProtect;fs
[HKEY_USERS\S-1-5-21-2769841063-4059942374-1137654693-1000\Software\Microsoft\Windows\CurrentVersion\Run];r
"BackgroundContainer"=-;r
C:\Users\Monchi PC\AppData\Local\Conduit\BackgroundContainer;fs
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"BackgroundContainer"=-;r
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows];r
"AppInit_DLLs"=-;r
C:\\PROGRA~2\\SearchProtect;fs
autoclean;
emptyalltemp;
emptyclsid;
ipconfig /flushdns;b