Google redirect; slow PC

Help and Discussion

Moderator: The Mod Squad

Google redirect; slow PC

Postby Nightwingsgurl » Mon Mar 31, 2014 10:43 am

Hi, I've noticed that when I search on Google, the search takes longer than normal and there are several extra characters at the end. Occasionally it says redirect, and it's like it briefly loads another page before going to the actual search page. I primarily use Chrome, although I also use Firefox.

I am getting ready to transfer several files to an external drive, so I want to make sure it's clean before I do that. I ran my regular scans and am trying to clean up extra junk to speed up my system (basically took a half day and ran scans, cancelled several startup prorams, etc). Normally my computer runs pretty quickly, even for games like Skyrim, but it's recently begun freezing during games, preventing saves, randomly shutting down browsers, etc.

I ran CCleaner, Malwarebytes, AdwCleaner, and Spybot S&D. Malwarebytes and Spybot, the first I ran, found a couple hundred items, including several high-threat ones. ADwCleaner, run later, did not find anything.

I am currently running Microsoft Security Essentials. I just finished a HitMan Pro scan and Hijack This. I am not sure what needs to stay or go, though, so I want to post the logs, but it won't let me because they contain URLs?Links. I tried to type DOTCOM, etc. to alter them, but I gave up. Is there a way to upload the files and I'm missing it?
Nightwingsgurl
Pilgrim
Pilgrim
 
Posts: 8
Joined: Mon Mar 31, 2014 10:15 am

Postby evasive » Mon Mar 31, 2014 12:09 pm

You cannot upload files here, you can only post the text of the logs if you mark them as Code.

That way no innocent people can get hurt if there's a malware link in there by accident.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 37389
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Postby Nightwingsgurl » Mon Mar 31, 2014 12:25 pm

evasive wrote:You cannot upload files here, you can only post the text of the logs if you mark them as Code.

That way no innocent people can get hurt if there's a malware link in there by accident.



Ohhhh, that makes sense. Unfortunately, I still can't upload them because I have made under 5 posts. :/
Nightwingsgurl
Pilgrim
Pilgrim
 
Posts: 8
Joined: Mon Mar 31, 2014 10:15 am

Postby Nightwingsgurl » Sun Apr 06, 2014 1:19 pm

Honestly, I hate bumping threads, but I don't know what else to do to get it past the 5-post limit so it will let me post my logs. :/
Nightwingsgurl
Pilgrim
Pilgrim
 
Posts: 8
Joined: Mon Mar 31, 2014 10:15 am

Postby Nightwingsgurl » Sun Apr 06, 2014 1:20 pm

Even putting them in as 'code,' it still picks up a URL and says I can't post. I have two Spybot logs from today and other logs from a couple of days ago.
Nightwingsgurl
Pilgrim
Pilgrim
 
Posts: 8
Joined: Mon Mar 31, 2014 10:15 am

Postby Nightwingsgurl » Sun Apr 06, 2014 1:21 pm

Also, if things aren't clearing up, would deleting Google work? Especially if viruses are from a coupon bar or something?
Nightwingsgurl
Pilgrim
Pilgrim
 
Posts: 8
Joined: Mon Mar 31, 2014 10:15 am

Postby Nightwingsgurl » Sun Apr 06, 2014 1:23 pm

Sorry for the other posts, but they were legit questions, and I had to get past five to post my logs... I'm worried about the Coupon Bar and Complitly (I don't know what that is, but a Google search shows others with the same problem).

Spybot, first scan for today:

Code: Select all
Search results from Spybot - Search & Destroy

4/6/2014 3:49:27 PM
Scan took 00:29:26.
62 items found.

CouponBar: [SBI $EFE6495E] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

CouponBar: [SBI $CB95FB49] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}

CouponBar: [SBI $CB95FB49] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}

CouponBar: [SBI $51FE8B2E] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cpbrkpie.Coupon6Ctrl.1

CouponBar: [SBI $51FE8B2E] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

CouponBar: [SBI $51FE8B2E] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cpbrkpie.Coupon6Ctrl.1

CouponBar: [SBI $7A5ACBCB] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{6E780F0B-BCD6-40CB-B2DB-7AF47AB4D4A4}

CouponBar: [SBI $7A5ACBCB] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{6E780F0B-BCD6-40CB-B2DB-7AF47AB4D4A4}

CouponBar: [SBI $7B15781E] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{A138BE8B-F051-4802-9A3F-A750A6D862D4}

CouponBar: [SBI $7B15781E] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{A138BE8B-F051-4802-9A3F-A750A6D862D4}

CouponBar: [SBI $E3788A7B] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{87255C51-CD7D-4506-B9AD-97606DAF53F3}

CouponBar: [SBI $E3788A7B] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{87255C51-CD7D-4506-B9AD-97606DAF53F3}

Complitly: [SBI $3378259D] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Complitly: [SBI $2E3BE6DA] Uninstall settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1

Complitly: [SBI $0DF030C9] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $0DF030C9] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $5DB75812] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

Complitly: [SBI $5DB75812] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

Complitly: [SBI $992D65E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO

Complitly: [SBI $992D65E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1

Complitly: [SBI $992D65E6] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $992D65E6] Browser helper object (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $992D65E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1

Complitly: [SBI $992D65E6] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $992D65E6] Browser helper object (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $992D65E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO

Complitly: [SBI $F77B8047] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}

Complitly: [SBI $F77B8047] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}

Complitly: [SBI $471C063E] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{442F13BC-2031-42D5-9520-437F65271153}

Complitly: [SBI $471C063E] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{442F13BC-2031-42D5-9520-437F65271153}

Complitly: [SBI $C3A7FBCB] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\Complitly.DLL

Complitly: [SBI $C3A7FBCB] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\Complitly.DLL

Complitly: [SBI $D99E9709] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SimplyGen

Complitly: [SBI $52ABDAA1] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Complitly: [SBI $52ABDAA1] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Conduit.SearchProtect: [SBI $C559C1BC] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SearchProtect\Environment

Conduit.SearchProtect: [SBI $746A4EE2] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SearchProtect

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\eplayer-static.clipsyndicate.com\analytics.sol
  Properties.size=419
  Properties.md5=E6084F055DD827F9A23D6D9E1163574E
  Properties.filedate=1396325742
  Properties.filedatetext=2014-04-01 00:15:41

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\kotaku.com\analytics.sol
  Properties.size=257
  Properties.md5=CBFE2D85FDEF12B402586E2CD6157935
  Properties.filedate=1396325927
  Properties.filedatetext=2014-04-01 00:18:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\kotaku.com\com.longtailvideo.jwplayer.sol
  Properties.size=55
  Properties.md5=4A5621B8838D1E72DE9838582FC82B90
  Properties.filedate=1396325917
  Properties.filedatetext=2014-04-01 00:18:37

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\player.ooyala.com\auth.sol
  Properties.size=47
  Properties.md5=0FA60AF4F70B12FCD601DE713CE37AD9
  Properties.filedate=1396804042
  Properties.filedatetext=2014-04-06 13:07:22

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\player.ooyala.com\auth2.sol
  Properties.size=262
  Properties.md5=CE9DB42BC57C37861D30EE53F5CFDC7E
  Properties.filedate=1396813766
  Properties.filedatetext=2014-04-06 15:49:26

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\player.ooyala.com\auth_id.sol
  Properties.size=40
  Properties.md5=4D8ABC885EBEA1988A6D0559C14C1E5A
  Properties.filedate=1396804044
  Properties.filedatetext=2014-04-06 13:07:23

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\player.ooyala.com\ooyala_guid.sol
  Properties.size=63
  Properties.md5=644A3884F671FCD8F777FB720C4D8E63
  Properties.filedate=1396805688
  Properties.filedatetext=2014-04-06 13:34:47

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\player.ooyala.com\perf.sol
  Properties.size=127
  Properties.md5=120514BECAF50204345A19473CC4B697
  Properties.filedate=1396813578
  Properties.filedatetext=2014-04-06 15:46:18

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\s.ytimg.com\soundData.sol
  Properties.size=49
  Properties.md5=B3C573870154C584C0492D01AA7FBF6B
  Properties.filedate=1396761406
  Properties.filedatetext=2014-04-06 01:16:45

Macromedia.FlashPlayer.Cookies: [SBI $1EF45977]  Text file (File, nothing done)
  C:\Users\Imari\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\87EUB7M3\skype.com\#ui\preferences.sol
  Properties.size=234
  Properties.md5=7296BCF418002B04B3B24263C6BF2FC9
  Properties.filedate=1396720815
  Properties.filedatetext=2014-04-05 14:00:14

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

MS DirectInput: [SBI $9A063C91] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\DirectInput\MostRecentApplication\Name

MS DirectInput: [SBI $7B184199] Most recent application ID (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\DirectInput\MostRecentApplication\Id

Windows Explorer: [SBI $7308A845] Run history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Cache: [SBI $49804B54] Browser: Cache (50) (Browser: Cache, nothing done)
 

History: [SBI $49804B54] Browser: History (2) (Browser: History, nothing done)
 

Cookie: [SBI $49804B54] Browser: Cookie (224) (Browser: Cookie, nothing done)
 


--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---

2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2014-01-02 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-03-26 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-03-19 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-01-09 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-03-19 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-03-26 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-03-26 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)




Spybot, second scan immediately afterwards (it said it cleared everything from the first scan, but it doesn't seem to be?):

Code: Select all
Search results from Spybot - Search & Destroy

4/6/2014 4:52:32 PM
Scan took 00:25:02.
46 items found.

CouponBar: [SBI $EFE6495E] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

CouponBar: [SBI $CB95FB49] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}

CouponBar: [SBI $CB95FB49] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{A85A5E6A-DE2C-4F4E-99DC-F469DF5A0EEC}

CouponBar: [SBI $51FE8B2E] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cpbrkpie.Coupon6Ctrl.1

CouponBar: [SBI $51FE8B2E] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9522B3FB-7A2B-4646-8AF6-36E7F593073C}

CouponBar: [SBI $51FE8B2E] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cpbrkpie.Coupon6Ctrl.1

CouponBar: [SBI $7A5ACBCB] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{6E780F0B-BCD6-40CB-B2DB-7AF47AB4D4A4}

CouponBar: [SBI $7A5ACBCB] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{6E780F0B-BCD6-40CB-B2DB-7AF47AB4D4A4}

CouponBar: [SBI $7B15781E] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{A138BE8B-F051-4802-9A3F-A750A6D862D4}

CouponBar: [SBI $7B15781E] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{A138BE8B-F051-4802-9A3F-A750A6D862D4}

CouponBar: [SBI $E3788A7B] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{87255C51-CD7D-4506-B9AD-97606DAF53F3}

CouponBar: [SBI $E3788A7B] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{87255C51-CD7D-4506-B9AD-97606DAF53F3}

Complitly: [SBI $3378259D] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Complitly: [SBI $2E3BE6DA] Uninstall settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1

Complitly: [SBI $0DF030C9] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $0DF030C9] Class ID (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $5DB75812] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

Complitly: [SBI $5DB75812] Interface (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}

Complitly: [SBI $992D65E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO

Complitly: [SBI $992D65E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1

Complitly: [SBI $992D65E6] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $992D65E6] Browser helper object (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $992D65E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1

Complitly: [SBI $992D65E6] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $992D65E6] Browser helper object (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

Complitly: [SBI $992D65E6] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO

Complitly: [SBI $F77B8047] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}

Complitly: [SBI $F77B8047] Type library (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}

Complitly: [SBI $471C063E] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{442F13BC-2031-42D5-9520-437F65271153}

Complitly: [SBI $471C063E] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\{442F13BC-2031-42D5-9520-437F65271153}

Complitly: [SBI $C3A7FBCB] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\Complitly.DLL

Complitly: [SBI $C3A7FBCB] Settings (Registry Key, nothing done)
  HKEY_CLASSES_ROOT\AppID\Complitly.DLL

Complitly: [SBI $D99E9709] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SimplyGen

Complitly: [SBI $52ABDAA1] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Complitly: [SBI $52ABDAA1] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda

Conduit.SearchProtect: [SBI $C559C1BC] Settings (Registry Value, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SearchProtect\Environment

Conduit.SearchProtect: [SBI $746A4EE2] Settings (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\SearchProtect

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

Windows Explorer: [SBI $D20DA0AD] Recent file global history (Registry Key, nothing done)
  HKEY_USERS\S-1-5-21-1487551961-3572496284-799048130-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Cache: [SBI $49804B54] Browser: Cache (2) (Browser: Cache, nothing done)
 

Cookie: [SBI $49804B54] Browser: Cookie (3) (Browser: Cookie, nothing done)
 


--- Spybot - Search & Destroy version: 2.1.18.131  DLL (build: 20130516) ---

2013-09-20 blindman.exe (2.2.18.151)
2013-09-20 explorer.exe (2.2.18.177)
2013-09-20 SDBootCD.exe (2.2.18.109)
2013-09-20 SDCleaner.exe (2.2.18.110)
2013-09-20 SDDelFile.exe (2.2.18.94)
2013-06-18 SDDisableProxy.exe
2013-09-20 SDFiles.exe (2.2.18.135)
2013-09-20 SDFileScanHelper.exe (2.2.16.1)
2013-10-15 SDFSSvc.exe (2.2.25.211)
2013-10-10 SDHookHelper.exe (2.3.30.2)
2013-10-10 SDHookInst32.exe (2.3.30.2)
2013-10-10 SDHookInst64.exe (2.3.30.2)
2013-09-20 SDImmunize.exe (2.2.18.130)
2013-05-16 SDLogReport.exe (2.1.18.107)
2013-10-14 SDOnAccess.exe (2.2.25.4)
2013-09-20 SDPESetup.exe (2.2.18.3)
2013-09-20 SDPEStart.exe (2.2.18.86)
2013-09-20 SDPhoneScan.exe (2.2.18.28)
2013-09-20 SDPRE.exe (2.2.18.22)
2013-09-20 SDPrepPos.exe (2.2.18.10)
2013-09-20 SDQuarantine.exe (2.2.18.103)
2013-09-20 SDRootAlyzer.exe (2.2.18.116)
2013-09-20 SDSBIEdit.exe (2.2.18.39)
2013-09-20 SDScan.exe (2.2.18.177)
2013-09-20 SDScript.exe (2.2.18.53)
2013-10-15 SDSettings.exe (2.2.25.138)
2013-09-20 SDShell.exe (2.2.18.2)
2013-09-20 SDShred.exe (2.2.18.107)
2013-09-20 SDSysRepair.exe (2.2.18.101)
2013-09-20 SDTools.exe (2.2.18.150)
2013-07-25 SDTray.exe (2.1.21.129)
2013-09-20 SDUpdate.exe (2.2.18.91)
2013-09-20 SDUpdSvc.exe (2.2.18.76)
2013-09-20 SDWelcome.exe (2.2.21.129)
2013-09-13 SDWSCSvc.exe (2.2.22.2)
2013-06-19 spybotsd2-translation-frx.exe
2014-01-02 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2013-05-16 SDAdvancedCheckLibrary.dll (2.1.18.98)
2013-05-16 SDAV.dll
2013-05-16 SDECon32.dll (2.1.18.113)
2013-05-16 SDECon64.dll (2.1.18.113)
2013-04-05 SDEvents.dll (2.1.16.2)
2013-10-14 SDFileScanLibrary.dll (2.2.25.14)
2013-10-10 SDHook32.dll (2.3.30.2)
2013-10-10 SDHook64.dll (2.3.30.2)
2013-05-16 SDImmunizeLibrary.dll (2.1.18.2)
2013-05-16 SDLicense.dll (2.1.18.0)
2013-05-16 SDLists.dll (2.1.18.4)
2013-05-16 SDResources.dll (2.1.18.7)
2013-05-16 SDScanLibrary.dll (2.1.18.131)
2013-05-16 SDTasks.dll (2.1.18.15)
2013-05-16 SDWinLogon.dll (2.1.18.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2013-05-16 Tools.dll (2.1.18.36)
2014-03-05 Includes\Adware-000.sbi (*)
2014-01-08 Includes\Adware-001.sbi (*)
2014-03-26 Includes\Adware-C.sbi (*)
2014-01-13 Includes\Adware.sbi (*)
2014-01-13 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2014-01-08 Includes\Dialer-000.sbi (*)
2014-01-08 Includes\Dialer-001.sbi (*)
2014-01-08 Includes\Dialer-C.sbi (*)
2014-01-13 Includes\Dialer.sbi (*)
2014-01-13 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2014-01-08 Includes\Hijackers-000.sbi (*)
2014-01-08 Includes\Hijackers-001.sbi (*)
2014-01-08 Includes\Hijackers-C.sbi (*)
2014-01-13 Includes\Hijackers.sbi (*)
2014-01-13 Includes\HijackersC.sbi (*)
2014-01-08 Includes\iPhone-000.sbi (*)
2014-01-08 Includes\iPhone.sbi (*)
2014-01-08 Includes\Keyloggers-000.sbi (*)
2014-03-19 Includes\Keyloggers-C.sbi (*)
2014-01-13 Includes\Keyloggers.sbi (*)
2014-01-13 Includes\KeyloggersC.sbi (*)
2014-01-09 Includes\Malware-001.sbi (*)
2014-01-09 Includes\Malware-002.sbi (*)
2014-02-05 Includes\Malware-003.sbi (*)
2014-01-28 Includes\Malware-004.sbi (*)
2014-01-09 Includes\Malware-005.sbi (*)
2014-02-26 Includes\Malware-006.sbi (*)
2014-01-09 Includes\Malware-007.sbi (*)
2014-03-19 Includes\Malware-C.sbi (*)
2014-01-13 Includes\Malware.sbi (*)
2013-12-23 Includes\MalwareC.sbi (*)
2014-01-15 Includes\PUPS-000.sbi (*)
2014-01-15 Includes\PUPS-001.sbi (*)
2014-01-15 Includes\PUPS-002.sbi (*)
2014-03-26 Includes\PUPS-C.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2014-01-07 Includes\PUPSC.sbi (*)
2014-01-08 Includes\Security-000.sbi (*)
2014-01-08 Includes\Security-C.sbi (*)
2014-01-21 Includes\Security.sbi (*)
2014-01-21 Includes\SecurityC.sbi (*)
2014-01-08 Includes\Spyware-000.sbi (*)
2014-01-08 Includes\Spyware-001.sbi (*)
2014-01-08 Includes\Spyware-C.sbi (*)
2014-01-21 Includes\Spyware.sbi (*)
2014-01-21 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2012-11-19 Includes\Tracks.uti (*)
2014-01-15 Includes\Trojans-000.sbi (*)
2014-01-15 Includes\Trojans-001.sbi (*)
2014-01-15 Includes\Trojans-002.sbi (*)
2014-01-15 Includes\Trojans-003.sbi (*)
2014-01-15 Includes\Trojans-004.sbi (*)
2014-03-19 Includes\Trojans-005.sbi (*)
2014-01-15 Includes\Trojans-006.sbi (*)
2014-01-15 Includes\Trojans-007.sbi (*)
2014-01-15 Includes\Trojans-008.sbi (*)
2014-01-15 Includes\Trojans-009.sbi (*)
2014-03-26 Includes\Trojans-C.sbi (*)
2014-01-15 Includes\Trojans-OG-000.sbi (*)
2014-01-15 Includes\Trojans-TD-000.sbi (*)
2014-01-15 Includes\Trojans-VM-000.sbi (*)
2014-01-15 Includes\Trojans-VM-001.sbi (*)
2014-01-15 Includes\Trojans-VM-002.sbi (*)
2014-01-15 Includes\Trojans-VM-003.sbi (*)
2014-01-15 Includes\Trojans-VM-004.sbi (*)
2014-01-15 Includes\Trojans-VM-005.sbi (*)
2014-01-15 Includes\Trojans-VM-006.sbi (*)
2014-01-15 Includes\Trojans-VM-007.sbi (*)
2014-01-15 Includes\Trojans-VM-008.sbi (*)
2014-01-15 Includes\Trojans-VM-009.sbi (*)
2014-01-15 Includes\Trojans-VM-010.sbi (*)
2014-01-15 Includes\Trojans-VM-011.sbi (*)
2014-01-15 Includes\Trojans-VM-012.sbi (*)
2014-01-15 Includes\Trojans-VM-013.sbi (*)
2014-01-15 Includes\Trojans-VM-014.sbi (*)
2014-01-15 Includes\Trojans-VM-015.sbi (*)
2014-01-15 Includes\Trojans-VM-016.sbi (*)
2014-01-15 Includes\Trojans-VM-017.sbi (*)
2014-01-15 Includes\Trojans-VM-018.sbi (*)
2014-01-15 Includes\Trojans-VM-019.sbi (*)
2014-01-15 Includes\Trojans-VM-020.sbi (*)
2014-01-15 Includes\Trojans-VM-021.sbi (*)
2014-01-15 Includes\Trojans-VM-022.sbi (*)
2014-01-15 Includes\Trojans-VM-023.sbi (*)
2014-01-15 Includes\Trojans-VM-024.sbi (*)
2014-01-15 Includes\Trojans-ZB-000.sbi (*)
2014-01-15 Includes\Trojans-ZL-000.sbi (*)
2014-01-09 Includes\Trojans.sbi (*)
2014-01-16 Includes\TrojansC-01.sbi (*)
2014-01-16 Includes\TrojansC-02.sbi (*)
2014-01-16 Includes\TrojansC-03.sbi (*)
2014-01-16 Includes\TrojansC-04.sbi (*)
2014-01-16 Includes\TrojansC-05.sbi (*)
2014-01-09 Includes\TrojansC.sbi (*)




HiJack This log from March 31:

Code: Select all
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:28:23 PM, on 3/31/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16521)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\Imari\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
D:\iTunesHelper.exe
D:\Program Files (x86)\program\soffice.exe
D:\Program Files (x86)\program\soffice.bin
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
C:\Windows\SysWOW64\NOTEPAD.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\Imari\AppData\Roaming\Complitly\Complitly.dll (file missing)
O2 - BHO: Trend Micro NSC BHO - {1CA1377B-DC1D-4A52-9585-6E06050FAC53} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: TmBpIeBHO - {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files (x86)\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Imari\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_088366B8425CDDF58F863564672C4010] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
O4 - HKCU\..\Run: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_70_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SpUninstallDeleteDir] rmdir /s /q "\SearchProtect" (User 'Default user')
O4 - Startup: Dropbox.lnk = Imari\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: OpenOffice.org 3.3.lnk = D:\Program Files (x86)\program\quickstart.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: Adobe SwitchBoard (SwitchBoard) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 15351 bytes



Hitman Pro log from March 31:

[code]
HitmanPro 3.7.9.216
www.hitmanpro.com

Computer name . . . . : IMARI-PC
Windows . . . . . . . : 6.1.1.7601.X64/2
User name . . . . . . : Imari-PC\Imari
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free

Scan date . . . . . . : 2014-03-31 13:56:43
Scan mode . . . . . . : Normal
Scan duration . . . . : 14m 5s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 0
Traces . . . . . . . : 252

Objects scanned . . . : 1,350,849
Files scanned . . . . : 29,700
Remnants scanned . . : 365,345 files / 955,804 keys

Potential Unwanted Programs _________________________________________________

session/startup_urls[1]
C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Imari\AppData\LocalLow\Conduit\ (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\ (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.128848965243869715.search.history.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.128848965243869715.search.selectedEngineId.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.128848965243869715.search.settings.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.installUsage.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.installUsageEarly.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.NOTIFICATION_ID.notifications-repository.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.NOTIFICATION_ID.notifications-service_657446.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.NOTIFICATION_ID.notifications-servicemap.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.NotificationSettings.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.savedPositions.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.searchProtectorData.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.searchUserMode.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173.serviceLayer_service_login_isFirstLoginInvoked.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_appsMetadata.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_appTrackingFirstTime.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_gottenAppsContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_location.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_login.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_otherAppsContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_searchAPI.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_serviceMap.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_toolbarContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_toolbarSettings.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.23.serviceLayer_services_translation.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_appsMetadata.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_appTrackingFirstTime.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_gottenAppsContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_location.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_login.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_otherAppsContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_searchAPI.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_serviceMap.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_toolbarContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_toolbarSettings.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.15.2.523.serviceLayer_services_translation.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_appsMetadata.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_appTrackingFirstTime.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_Configuration.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_gottenAppsContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_login.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_otherAppsContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_searchAPI.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_serviceMap.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_toolbarContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_toolbarSettings.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.100.504.serviceLayer_services_translation.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.4.512.serviceLayer_services_appsMetadata.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.4.512.serviceLayer_services_appTrackingFirstTime.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.4.512.serviceLayer_services_Configuration.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.4.512.serviceLayer_services_gottenAppsContextMenu.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbbjak\Repository\CT2260173_10.16.4.512.serviceLayer_services_login.txt (Conduit)
C:\Users\Imari\AppData\LocalLow\Conduit\ChromeExtData\apjkpjchfbckhjhokinlgdbmibpbb
Last edited by Nightwingsgurl on Mon Apr 07, 2014 7:16 am, edited 2 times in total.
Nightwingsgurl
Pilgrim
Pilgrim
 
Posts: 8
Joined: Mon Mar 31, 2014 10:15 am

Postby evasive » Mon Apr 07, 2014 12:08 am

Your hijackthis log comes up clean. This:
http://www.bleepingcomputer.com/downloa ... er/dl/125/

will take care of Conduit in Chrome. Yes, remove that one.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 37389
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Postby Nightwingsgurl » Mon Apr 07, 2014 7:13 am

evasive wrote:Your hijackthis log comes up clean. This:
http://www.bleepingcomputer.com/downloa ... er/dl/125/

will take care of Conduit in Chrome. Yes, remove that one.



Thank you. I ran that before but was unsure of what to remove. I don't want the Complitly (which Spybot registers as a critical threat, and which I didn't intentionally install) or Coupon Bar (which it registers as a low-medium threat).

Here are my logs from adwcleaner:

Code: Select all
 # AdwCleaner v3.023 - Report created 07/04/2014 at 11:08:42
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Imari - IMARI-PC
# Running from : C:\Users\Imari\Downloads\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****


***** [ Files / Folders ] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\nsprotector.js
Folder Found C:\ProgramData\Partner
Folder Found C:\Users\Imari\AppData\Local\NativeMessaging
Folder Found C:\Users\Imari\AppData\Local\WhiteListing
Folder Found C:\Users\Imari\AppData\LocalLow\Conduit
Folder Found C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default\ConduitCommon
Folder Found C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default\FCTB
Folder Found C:\Windows\SysWOW64\SearchProtect

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\SmartBar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : [x64] HKCU\Software\Conduit
Key Found : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Key Found : HKLM\SOFTWARE\Classes\AppID\{442F13BC-2031-42D5-9520-437F65271153}
Key Found : HKLM\SOFTWARE\Classes\AppID\Complitly.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022442293}
Key Found : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446693}
Key Found : HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO
Key Found : HKLM\SOFTWARE\Classes\SuggestMeYes.SuggestMeYesBHO.1
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{01BCB858-2F62-4F06-A8F4-48F927C15333}
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\dlfienamagdnkekbbbocojppncdambda
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : HKLM\Software\SearchProtect
Key Found : HKLM\Software\SimplyGen
Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{0FB6A909-6086-458F-BD92-1F8EE10042A0}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066446693}
Key Found : [x64] HKLM\SOFTWARE\Classes\Interface\{C9AE652B-8C99-4AC2-B556-8B501182874E}
Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0FB6A909-6086-458F-BD92-1F8EE10042A0}

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Imari\AppData\Roaming\Mozilla\Firefox\Profiles\j3c4jgnx.default\prefs.js ]

Line Found : user_pref("CT2260173..clientLogIsEnabled", false);
Line Found : user_pref("CT2260173..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2260173..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CT2260173.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Line Found : user_pref("CT2260173.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2260173.CT2260173", "CT2260173");
Line Found : user_pref("CT2260173.CommunitiesChangesLastCheckTime", "0");
Line Found : user_pref("CT2260173.CurrentServerDate", "7-3-2012");
Line Found : user_pref("CT2260173.DSInstall", true);
Line Found : user_pref("CT2260173.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2260173.DialogsGetterLastCheckTime", "Mon Mar 05 2012 00:59:52 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.DownloadReferralCookieData", "");
Line Found : user_pref("CT2260173.EMailNotifierPollDate", "Wed Mar 07 2012 14:51:22 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.FeedLastCount128940659599556287", 0);
Line Found : user_pref("CT2260173.FeedPollDate128940659196275477", "Wed Mar 07 2012 14:51:22 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.FeedPollDate128940659574712536", "Wed Mar 07 2012 14:13:17 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.FeedTTL128940659574712536", 40);
Line Found : user_pref("CT2260173.FirstServerDate", "16-2-2012");
Line Found : user_pref("CT2260173.FirstTime", true);
Line Found : user_pref("CT2260173.FirstTimeFF3", true);
Line Found : user_pref("CT2260173.FixPageNotFoundErrors", false);
Line Found : user_pref("CT2260173.GroupingInvalidateCache", false);
Line Found : user_pref("CT2260173.GroupingLastCheckTime", "0");
Line Found : user_pref("CT2260173.GroupingLastServerUpdateTime", "0");
Line Found : user_pref("CT2260173.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2260173.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2260173.HPInstall", false);
Line Found : user_pref("CT2260173.HasUserGlobalKeys", true);
Line Found : user_pref("CT2260173.HomePageProtectorEnabled", false);
Line Found : user_pref("CT2260173.HomepageBeforeUnload", "chrome://branding/locale/browserconfig.properties");
Line Found : user_pref("CT2260173.Initialize", true);
Line Found : user_pref("CT2260173.InitializeCommonPrefs", true);
Line Found : user_pref("CT2260173.InstallationAndCookieDataSentCount", 3);
Line Found : user_pref("CT2260173.InstallationType", "Unknown");
Line Found : user_pref("CT2260173.InstalledDate", "Sun Feb 12 2012 23:09:06 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.InvalidateCache", false);
Line Found : user_pref("CT2260173.IsAlertDBUpdated", true);
Line Found : user_pref("CT2260173.IsGrouping", false);
Line Found : user_pref("CT2260173.IsInitSetupIni", true);
Line Found : user_pref("CT2260173.IsMulticommunity", false);
Line Found : user_pref("CT2260173.IsOpenThankYouPage", true);
Line Found : user_pref("CT2260173.IsOpenUninstallPage", true);
Line Found : user_pref("CT2260173.LanguagePackLastCheckTime", "Wed Mar 07 2012 14:46:21 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2260173.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2260173.LastLogin_3.10.0.1", "Wed Mar 07 2012 14:46:21 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.LastLogin_3.9.0.3", "Wed Mar 07 2012 09:53:32 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.LatestVersion", "3.10.0.1");
Line Found : user_pref("CT2260173.Locale", "en");
Line Found : user_pref("CT2260173.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2260173.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2260173.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2260173.MyStuffEnabledAtInstallation", true);
Line Found : user_pref("CT2260173.OriginalFirstVersion", "3.9.0.3");
Line Found : user_pref("CT2260173.RadioIsPodcast", false);
Line Found : user_pref("CT2260173.RadioLastCheckTime", "Wed Mar 07 2012 01:13:03 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.RadioLastUpdateIPServer", "3");
Line Found : user_pref("CT2260173.RadioLastUpdateServer", "0");
Line Found : user_pref("CT2260173.RadioMediaID", "9942");
Line Found : user_pref("CT2260173.RadioMediaType", "Media Player");
Line Found : user_pref("CT2260173.RadioMenuSelectedID", "EBRadioMenu_CT22601739942");
Line Found : user_pref("CT2260173.RadioShrinkedFromSetup", false);
Line Found : user_pref("CT2260173.RadioStationName", "1.FM%20(Country)");
Line Found : user_pref("CT2260173.RadioStationURL", "hxxp://1.fm/wm/energycountry32k.asx");
Line Found : user_pref("CT2260173.SHRINK_TOOLBAR", 1);
Line Found : user_pref("CT2260173.SearchCaption", "Swag Bucks Customized Web Search");
Line Found : user_pref("CT2260173.SearchEngineBeforeUnload", "Web Search");
Line Found : user_pref("CT2260173.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2260173.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&q=");
Line Found : user_pref("CT2260173.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2260173.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2260173.SearchInNewTabLastCheckTime", "Wed Mar 07 2012 14:46:22 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2260173.SearchProtectorEnabled", false);
Line Found : user_pref("CT2260173.SearchProtectorToolbarDisabled", false);
Line Found : user_pref("CT2260173.SendProtectorDataViaLogin", true);
Line Found : user_pref("CT2260173.ServiceMapLastCheckTime", "Wed Mar 07 2012 14:46:20 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.SettingsLastCheckTime", "Wed Mar 07 2012 14:46:19 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.SettingsLastUpdate", "1326723880");
Line Found : user_pref("CT2260173.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=13");
Line Found : user_pref("CT2260173.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2260173.ThirdPartyComponentsLastCheck", "Wed Mar 07 2012 14:46:19 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.ThirdPartyComponentsLastUpdate", "1312887586");
Line Found : user_pref("CT2260173.ToolbarShrinkedFromSetup", false);
Line Found : user_pref("CT2260173.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2260173");
Line Found : user_pref("CT2260173.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityToolbars.com,ForumToolbar.com,MyBlogToolbar.com,MyCity[...]
Line Found : user_pref("CT2260173.UserID", "UN97761848826736965");
Line Found : user_pref("CT2260173.ValidationData_Search", 2);
Line Found : user_pref("CT2260173.ValidationData_Toolbar", 2);
Line Found : user_pref("CT2260173.WeatherNetwork", "");
Line Found : user_pref("CT2260173.WeatherPollDate", "Wed Mar 07 2012 14:46:22 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.WeatherUnit", "C");
Line Found : user_pref("CT2260173.alertChannelId", "657446");
Line Found : user_pref("CT2260173.components.1000034", true);
Line Found : user_pref("CT2260173.components.1000082", true);
Line Found : user_pref("CT2260173.components.1000234", true);
Line Found : user_pref("CT2260173.generalConfigFromLogin", "{"ApiMaxAlerts":"12","SocialDomains":"social.conduit.com;apps.conduit.com;services.apps.conduit.com","AppsDetectionUrlPattern":"hxxp://appdown[...]
Line Found : user_pref("CT2260173.globalFirstTimeInfoLastCheckTime", "Sun Feb 26 2012 22:30:43 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.homepageProtectorEnableByLogin", true);
Line Found : user_pref("CT2260173.initDone", true);
Line Found : user_pref("CT2260173.isAppTrackingManagerOn", true);
Line Found : user_pref("CT2260173.isFirstRadioInstallation", false);
Line Found : user_pref("CT2260173.myStuffEnabled", true);
Line Found : user_pref("CT2260173.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2260173.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2260173.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2260173.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2260173.oldAppsList", "128848965243869714,128848965243869715,111,128958821111237507,128940706283150316,129441809115231739,128940706522681543,128940651219556906,128941656432219667,12894165[...]
Line Found : user_pref("CT2260173.revertSettingsEnabled", false);
Line Found : user_pref("CT2260173.searchProtectorDialogDelayInSec", 10);
Line Found : user_pref("CT2260173.searchProtectorEnableByLogin", true);
Line Found : user_pref("CT2260173.testingCtid", "");
Line Found : user_pref("CT2260173.toolbarAppMetaDataLastCheckTime", "Wed Mar 07 2012 14:46:21 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.toolbarContextMenuLastCheckTime", "Sun Feb 26 2012 23:08:53 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CT2260173.usagesFlag", 2);
Line Found : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2260173/CT2260173", ""a4769207f0425a793c4eea27c9caa4b21"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/657446/653307/US", ""0"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2260173", ""0"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "wVmmvqqOMqrv5xct1cJIHg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "0uSPYx+Kl2jpu8sJZMeHjw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "Dclc8oo4TTv7+mAkSlUSWg==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "cTVrc75U9YwdI74PAhUYFw==");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", ""d229fa25f6c9cc1:0"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.0.3", ""801a319dd78ccc1:0"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2260173", ""7097bb27983d23fb65dfbd9398fad22c"");
Line Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", ""15c6875f0df8cf57859fb5c237274efb"");
Line Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Imari\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\j3c4jgnx.default\\conduitCommon\\modules\\3.10.0.1");
Line Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxps://www.mypoints.com/emp/u/mysearch.vm?st=mypWeb&fctb.dns=1&q=");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT2260173");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2260173");
Line Found : user_pref("CommunityToolbar.ToolbarsList4", "CT2260173");
Line Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Mar 07 2012 14:46:21 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CommunityToolbar.globalUserId", "47707fef-b91d-4af6-a772-fbcb01bed7ad");
Line Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Line Found : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2260173");
Line Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Mar 07 2012 14:46:21 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CommunityToolbar.notifications.alertEnabled", true);
Line Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
Line Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Wed Mar 07 2012 14:46:28 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.locale", "en");
Line Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Mar 07 2012 14:46:21 GMT-0500 (Eastern Standard Time)");
Line Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Line Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.notifications.userId", "1c3d269c-3627-4145-ab52-0dcbd47b9c7f");
Line Found : user_pref("CommunityToolbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Found : user_pref("CommunityToolbar.originalSearchEngine", "Web Search");
Line Found : user_pref("extensions.crossrider.bic", "13bb4c0eb7c0448666640a1551b7b1b4");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.2799403.KeywordHistory", "Black%2520Mountain%2520Library%7CAP%2520publication%7Centry%2520level%2520reporter%2520salary%7CYo-yo%7CSwagbucks");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.AutoSearchEventData", "auto%20search");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.ClearCacheDate", 7);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.DNSCatch", true);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.DisplayEULA", false);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.DnsCatchEventData", "dns%20catch");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.FirstLaunchShown", true);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.LoadLayoutDate.60497", 7);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.MailLastCheckTime", 1331149877);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.NewTabSearchEventData", "tab%20search");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.RemoveAllData", true);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.ShowRecommendedOptions", false);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.StateReportDate", "1330996588045");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.TopRightSearchEventData", "top%20right%20search");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.api.settings.fctoolbar51ef49d2624b41948b971c468e9b0efe.user", "4efb4t");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.beforeInstallSaved", true);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.beforeinstall.homepage", "chrome%3A//branding/locale/browserconfig.properties");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.beforeinstall.search", "Google");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.customNewTab", false);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.helpUsImprove", true);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.hideOthers", false);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.processAddrBar", true);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.remove_search", true);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.restoreSearch", false);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.searchHistory", true);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.session", "78ACB88B2AF9A70D636CEC356F75612693A6A89F506C57951E9CC7F0B3D62F0CE2CFBB707DF7E0ED405D92FD6C0BCA3237695A31FEA68579DAF0781196AF32318EE586D4[...]
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.showFirstLaunchOptions", false);
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.tb_lang", "en");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.tool_id", "60497");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.user_id", "74830059");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.user_key", "78a743b2106965bae0b388d283532236ecb7aded");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.user_layouts", "60497");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.user_lnames", "MyPoints%20Point%20Finder");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.weather_location_IDcid2799617", "USNC0678");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.weather_location_namecid2799617", "Swannanoa%2C%20NC");
Line Found : user_pref("freecause51ef49d2624b41948b971c468e9b0efe.yahooSearch", false);

-\\ Google Chrome v33.0.1750.154

[ File : C:\Users\Imari\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [22262 octets] - [31/03/2014 14:05:55]
AdwCleaner[R1].txt - [21464 octets] - [07/04/2014 11:08:42]

########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [21525 octets] ##########
Nightwingsgurl
Pilgrim
Pilgrim
 
Posts: 8
Joined: Mon Mar 31, 2014 10:15 am

Postby evasive » Wed Apr 09, 2014 7:09 am

You can use the Clean option next for adwcleaner on all that is listed.
We hate rut, but we fear change.
********************************
System error, strike any user to continue...
evasive
Mobo-fu Master
Mobo-fu Master
 
Posts: 37389
Joined: Sun May 06, 2001 12:01 am
Location: Netherlands

Next

Return to Virus/Spyware/Security

Who is online

Users browsing this forum: No registered users and 1 guest

cron