Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

google's all in german


  • This topic is locked This topic is locked
3 replies to this topic

#1 bakayurei

bakayurei

  • Members
  • 30 posts
  • OFFLINE
  •  
  • Local time:02:00 AM

Posted 04 December 2015 - 07:30 PM

hello, i'm not completely sure that this is the right place to ask about this but the people around here have helped me get rid of infections several times in the past so i'll see if you can help me with this as well.. google's all in german, i'm using the latest version of chrome and my operating system is windows 7 if that's at all relevant, in the settings for the browser i've set the omnibox to search using www.google.co.uk, and i've set the home page as that as well, but the homepage is google.de and so is the omnibox, what that uses to search.. i thought it might be because of a thing i use to hide my IP address, it might have been bouncing my information off a german server (or however that kind of thing's done), but that's been switched off and google's still german.. is this the first sign of the fourth reich, or is there a simpler reason for it? i've recently scanned my computer with malwarebytes anti malware and it found a few things but i don't know what they are, i've copied the log of that scan if you want to look at it.. thanks for your help and answers if you have any to give, and let me know what other information you'll need if you can't work this out from what i've told you

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 30/11/2015
Scan Time: 01:59
Logfile: mbam scan.txt
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.11.29.04
Rootkit Database: v2015.11.26.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Any1
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 384841
Time Elapsed: 36 min, 42 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUP.Optional.Spigot, HKU\S-1-5-21-1240110643-2206711756-367251617-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{34E61C39-435D-460A-B6E0-1949C66A9DB8}, Quarantined, [438596ed0883c96d3d262481d92af40c], 
PUP.Optional.Spigot, HKU\S-1-5-21-1240110643-2206711756-367251617-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5B256B4A-9A7D-47E9-952C-8CE2282BF541}, Quarantined, [6266bfc42764d3639bc89a0b3fc49769], 
 
Registry Values: 2
PUP.Optional.Spigot, HKU\S-1-5-21-1240110643-2206711756-367251617-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{34E61C39-435D-460A-B6E0-1949C66A9DB8}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, Quarantined, [438596ed0883c96d3d262481d92af40c]
PUP.Optional.Spigot, HKU\S-1-5-21-1240110643-2206711756-367251617-501\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{5B256B4A-9A7D-47E9-952C-8CE2282BF541}|OSDFileURL, file:///C:/Program%20Files%20(x86)/Common%20Files/Spigot/Search%20Settings/yahoo_ie.xml, Quarantined, [6266bfc42764d3639bc89a0b3fc49769]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 15
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Feeds, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Log, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer, Quarantined, [b612acd7315afc3a1568a6f0af537e82], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}, Quarantined, [b612acd7315afc3a1568a6f0af537e82], 
 
Files: 72
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\DynamicDialogs.zip, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\DialogsAPI.js, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\PIE.htc, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\settings.js, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\version.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\close.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Next_hover.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\powered-by.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\Prev_hover.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\dark\settings.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\close.png, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\light\Thumbs.db, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_897164_892962_UK.xml, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks\en.xml, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.1000034.Settings.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.129079840422026594.search.selectedEngineId.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.129079840422026594.search.settings.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.129079840422964131.feed_129079840422964131.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.AlertService.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.AlertsInfoData.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.appOptions.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.NotificationSettings.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.NOTIFICATION_ID.alert_login_service.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.NOTIFICATION_ID.notifications_serviceMap.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.pg_conf_global.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.savedPositions.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091.searchProtectorData.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_appsMetadata.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_appTrackingFirstTime.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_gottenAppsContextMenu.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_login.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_optimizer.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_otherAppsContextMenu.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_translation.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_serviceMap.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_toolbarContextMenu.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_toolbarSettings.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_translation.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_appsMetadata.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_appTrackingFirstTime.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_gottenAppsContextMenu.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_login.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_optimizer.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_otherAppsContextMenu.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_searchAPI.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_serviceMap.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_toolbarContextMenu.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\toolbar_initializing_logger.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\uninstallData.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\uninstallUrl.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_10.11.21.5.serviceLayer_services_searchAPI.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.ConduitTB.Gen, C:\Users\Any1\AppData\LocalLow\Conduit\ChromeExtData\ojpijjmpahflnipadmlpgbjmagmjchkk\Repository\CT2504091_RAW.serviceLayer_services_toolbarSettings.txt, Quarantined, [8345b2d18a01bb7bc01ee6b5867c14ec], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.dat, Quarantined, [b612acd7315afc3a1568a6f0af537e82], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.exe, Quarantined, [b612acd7315afc3a1568a6f0af537e82], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\Setup.ico, Quarantined, [b612acd7315afc3a1568a6f0af537e82], 
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setup.dll, Quarantined, [b612acd7315afc3a1568a6f0af537e82], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)


BC AdBot (Login to Remove)

 


#2 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:02:00 AM

Posted 05 December 2015 - 03:15 AM

Hello bakayurei and welcome to Bleeping Computer.

My name is Satchfan and I would be glad to help you with your computer problem.

Please read the following guidelines which will help to make cleaning your machine easier:

  • please follow all instructions in the order posted
  • please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear
  • all logs/reports, etc. must be posted in Notepad. Please ensure that word wrap is unchecked. In Notepad click Format, uncheck Word wrap if it is checked
  • if you don't understand something, please don't hesitate to ask for clarification before proceeding
  • the fixes are specific to your problem and should only be used for this issue on this machine.
  • please reply within 3 days. If you do not reply within this period I will post a reminder but topics with no reply in 4 days will be closed!

IMPORTANT:

Please DO NOT install/uninstall any programs unless asked to.
Please DO NOT run any scans other than those requested

===================================================

Note: Please run these in the order given in the instructions.

===================================================

Download and run AdwCleaner

Download AdwCleaner from here and save it to your desktop.


  • run AdwCleaner
  • when it has finished, select Clean
  • if it asks to reboot, allow the reboot
  • on reboot a log will be produced; please attach the content of the log to your next reply.

===================================================

Download and run Junkware Removal Tool

thisisujrt.gif Please download Junkware Removal Tool to your desktop.

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
  • the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next message.

===================================================

Run Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • press Scan button
  • it will produce a log called Frst.txt in the same directory the tool is run from
  • please copy and paste log back here.
  • the first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the Frst.txt into your reply.

Logs to include with next post:

AdwCleaner log
JRT.txt
Frst.txt
Addition.txt


Thanks

Satchfan

 


My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#3 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:02:00 AM

Posted 07 December 2015 - 03:49 AM

It has been a couple of days since I replied to your request for help with your computer problems.

Please let me know if you are having problems and still need help.

Thanks

Satchfan


Edited by satchfan, 07 December 2015 - 03:51 AM.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.


#4 satchfan

satchfan

  • Malware Response Team
  • 2,937 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Devon, UK
  • Local time:02:00 AM

Posted 08 December 2015 - 08:42 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

My help is always free of charge. If you are happy with the help provided, if you wish you can make a donation to buy me a beer.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users