HKU\S-1-5-21-2331929575-4195832412-1728464189-1000\...\Run: [ConduitFloatingPlugin_bjninacglmmmbabmlkaegnanopeoiong] => "C:\windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Conduit\CT3269511\plugins\TBVerifier.dll",RunConduitFloatingPlugin bjninacglmmmbabmlkaegnanopeoiong
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://start.search.us.com/v/2/?guid={FF2B4B5F-222A-41BA-A3BB-CE7019617ED0}&serpv=5
SearchScopes: HKLM-x32 - DefaultScope {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.certified-toolbar.com?si=38268&bs=true&tid=77&q={searchTerms}
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.simplespeedy.info/?l=1&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://search.conduit.com/Results.aspx?gd=&ctid=CT3321897&octid=EB_ORIGINAL_CTID&ISID=M5D182B5E-3F66-4F16-8B57-9016B5A54FCC&SearchSource=58&CUI=&UM=5&UP=SP6FFE4FCD-FFAB-4A34-86A7-A870CF463BED&q={searchTerms}&SSPV=
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://search.certified-toolbar.com?si=38268&bs=true&tid=77&q={searchTerms}
SearchScopes: HKCU - {384E8513-39C7-47CD-88BA-0444244DE211} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10553
SearchScopes: HKCU - {7C47C845-2212-4E84-A6FA-1669FF2A5C9E} URL = http://search.us.com/serp?guid={FF2B4B5F-222A-41BA-A3BB-CE7019617ED0}&action=default_search&serpv=5&k={searchTerms}
SearchScopes: HKCU - {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = https://uk.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.simplespeedy.info/?l=1&q={searchTerms}
SearchScopes: HKCU - {C20B986E-A199-4004-A9B1-D0EBA7A5C4BE} URL = http://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10553
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> C:\Program Files (x86)\Hotspot Shield\HssIE\HssIE_64.dll No File
BHO-x32: No Name -> {301EB127-DE7A-9615-2292-3B15FD81D1A9} -> No File
BHO-x32: No Name -> {472BC38C-7047-6087-AE10-620AB1B2082A} -> No File
BHO-x32: No Name -> {63997FF8-4C18-4439-AFC0-BB611BB228EA} -> No File
BHO-x32: No Name -> {EA5CA8B6-9B9C-4994-A7A1-947B6C631BE7} -> No File
BHO-x32: No Name -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
FF Extension: General Crawler - C:\Users\Maestro\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\gencrawler@some.com [2012-03-17]
CHR Extension: (GioSAvue) - C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkfncepemdahanhojofefbfjlmhdaoki [2014-09-16]
CHR HKLM-x32\...\Chrome\Extension: [mfjakkbapgpnfehokplepkmfhgjohdoi] - C:\ProgramData\Codec-V\mfjakkbapgpnfehokplepkmfhgjohdoi.crx [2014-07-14]
CHR HKLM-x32\...\Chrome\Extension: [oelbclnhkbhlhikfmpmbakbgeonbjjnp] - C:\Users\Maestro\AppData\Local\CRE\oelbclnhkbhlhikfmpmbakbgeonbjjnp.crx [2013-02-28]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Maestro\AppData\Local\Torch
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Maestro\AppData\Local\Comodo
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Maestro\AppData\Local\Chromatic Browser
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Experiment\AppData\Local\Torch
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Experiment\AppData\Local\Comodo
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Experiment\AppData\Local\Chromatic Browser
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-16 23:03 - 2014-09-16 23:03 - 00000000 ____D () C:\ProgramData\4d09ce8d5400296d
Task: {0AD9F518-539E-4AB0-8D81-FD790A1756F9} - System32\Tasks\Your File Updater => C:\Program Files (x86)\YourFileDownloader\YourFileUpdater.exe <==== ATTENTION
Task: {DEE089FD-58E6-47A5-8859-B9FDC798DE91} - System32\Tasks\CodecUpdaterTask{755F3BC0-23EA-4A95-8BEE-6E2B30B8FC82} => C:\ProgramData\Premium\Codec\Codec.exe <==== ATTENTION
Task: C:\windows\Tasks\CodecUpdaterTask{755F3BC0-23EA-4A95-8BEE-6E2B30B8FC82}.job => C:\ProgramData\Premium\Codec\Codec.exe <==== ATTENTION
C:\Program Files (x86)\YourFileDownloader
C:\ProgramData\Premium
C:\Users\Maestro\AmazonMP3Downloader.exe
C:\Users\Maestro\Uninstall.exe
C:\Users\Maestro\AppData\Local\Google\Chrome\User Data\Default\File System\004
EmptyTemp:
CMD: bitsadmin /reset /allusers