:processes explorer.exe iexplore.exe firefox.exe msnmsgr.exe Teatimer.exe :OTL IE - HKU\S-1-5-21-1871111397-3539990770-1974983793-1000\..\SearchScopes\{A79A856F-CF51-4F9D-9382-08ECB9299830}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3307695&CUI=UN67514204215484167&UM=3 [2013/08/31 10:24:14 | 000,000,000 | ---D | M] (SeeSimilar) -- C:\Users\drinus\AppData\Roaming\mozilla\Extensions\SeeSimilar@SeeSimilar.com CHR - Extension: 01NET.com V1 = C:\Users\drinus\AppData\Local\Google\Chrome\User Data\Default\Extensions\biahaobfpkgeiomkihcdgknebbhadonc\10.16.100.4_0\ O3 - HKLM\..\Toolbar: (eBuyClub) - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll () O3 - HKU\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Toolbar\WebBrowser: (eBuyClub) - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll () O4 - HKLM\..\Run: [startertv_fr_19] File not found O4 - HKU\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe File not found O4 - HKU\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe File not found O4 - HKU\S-1-5-21-1871111397-3539990770-1974983793-1000\..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup File not found O9 - Extra Button: eBuyClub - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll () O9 - Extra 'Tools' menuitem : eBuyClub - {B00A2A69-AEB9-4466-A3D3-D965CCF868B6} - C:\Program Files\ShoppingBarreEbuyClub\tbcore3.dll () [2014/01/13 20:57:58 | 000,000,000 | ---D | C] -- C:\Program Files\ShoppingBarreEbuyClub [2012/10/11 11:34:57 | 000,000,000 | ---D | M] -- C:\ProgramData\Spybot - Search & Destroy [2013/08/30 23:01:27 | 000,000,000 | ---D | M] -- C:\Users\drinus\AppData\Local\avgchrome [2013/08/21 11:59:08 | 000,000,000 | ---D | M] -- C:\Users\drinus\AppData\Local\CRE [2012/10/11 11:34:58 | 000,000,000 | ---D | M] -- C:\Program Files\Spybot - Search & Destroy [2010/04/21 22:27:12 | 000,003,540 | ---- | M] () -- C:\windows\system32\Tasks\CreateChoiceProcessTask :reg [-HKEY_LOCAL_MACHINE\Software\BrowserChoice] [-HKEY_LOCAL_MACHINE\Software\ASK] [-HKEY_LOCAL_MACHINE\Software\Safer Networking Limited] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall"=DWORD:0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall"=DWORD:0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall"=DWORD:0 :Files C:\Users\drinus\AppData\Local\{*} C:\windows\Temp\* :commands [emptytemp]