Conduit Search/Toolbar

By GoldSparrow in Browser Hijackers

Translate To:

Threat Scorecard

Ranking:	58
Threat Level:	50 % (Medium)
Infected Computers:	1,015,727

First Seen:	January 2, 2013
Last Seen:	February 4, 2023
OS(es) Affected:	Windows

Conduit Search/Toolbar Image

Search.conduit.com is an online search engine which is usually accessed through a toolbar for your web browser. This website and toolbar are the work of the Conduit software. There have been various reports that the Search.conduit.com toolbar makes unauthorized changes to your web browser and that, when it comes time to remove this Browser Helper Object, the lack of a legitimate uninstaller causes several problems on the computer on which Search.conduit.com is installed.

Problems Associated with the Search.conduit.com Website and Toolbar

Affected computer users have reported that the Search.conduit.com toolbar causes browser redirects, forcing the affected user to visit the Search.conduit.com web page. Affected users have also found that Conduit's toolbar makes unauthorized changes to their web browser settings, such as changing the browser's homepage or its default search engine toolbar. ESG security researchers strongly recommend that users take extra care when installing browser toolbars. These kinds of applications tend to set off red flags when it comes to computer security since browser toolbar are common delivery vehicles for various kinds of malware. There are varieties of browser toolbars that are really adware, spyware or browser hijackers. Hackers take advantage of security vulnerabilities associated with BHOs (Browser Helper Objects) in order to infect their victims with malware. Toolbars that are advertised as helpful are also a practical way for criminals to take advantage of computer users, which are not very experienced in computer security.

Removing the Search.conduit.com Toolbar from Your Computer System

One of the problems associated with the Search.conduit.com toolbar is that Search.conduit.com does not include an uninstaller, making the removal of this application somewhat troublesome. The Search.conduit.com toolbar can be removed through the add/remove programs panel in the control panel. However, affected users will have to restore all the changes that this toolbar makes to their web browser preferences. This means restoring the default search engine and home page. Since this can be a tedious process, some computer users may prefer to reinstall their web browser or to restore it to default settings once the Search.conduit.com toolbar has been uninstalled. The Search.conduit.com toolbar is not attacking your computer like other malware, but Search.conduit.com has characteristics that make Search.conduit.com and inconvenience to many computer users.

Aliases

15 security vendors flagged this file as malicious.

Anti-Virus Software	Detection
Ikarus	not-a-virus:WebToolbar.Rubar
Ikarus	PUA.ClientConnect
McAfee	Artemis!EAF8104FE812
McAfee-GW-Edition	Artemis!Trojan
Avast	Win64:Malware-gen
AVG	Generic.ABF
McAfee	Artemis!CB65DD8AD8BC
Antiy-AVL	RiskWare[WebToolbar:not-a-virus]/Win32.Rubar
DrWeb	Adware.Toolbar.225
Kaspersky	not-a-virus:WebToolbar.Win32.Rubar.a
Symantec	WS.Reputation.1
AVG	Generic.4CC
McAfee-GW-Edition	Artemis
McAfee	Artemis!82FC4EAFF415
AVG	SearchProtect.1DD

SpyHunter Detects & Remove Conduit Search/Toolbar

File System Details

Conduit Search/Toolbar may create the following file(s):

Expand All | Collapse All

#	File Name	MD5	Detections Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
1.	A0028368.exe	ced18c00311fab6557daa7bfe9e3ba12	4,613
Name: A0028368.exe MD5: ced18c00311fab6557daa7bfe9e3ba12 Size: 2.13 MB (2135552 bytes) Detections: 4613 Type: Executable File Path: %SYSTEMDRIVE%\System Volume Information\_restore{06689D21-058A-4446-B0E2-E90A6A353332}\Fifoed\A0028368.exe\ Group: Malware file Last Updated: January 10, 2023
2.	avayvaxxvae.exe	bb17bcf355b790bf81670c0ca87ba2ec	143
Name: avayvaxxvae.exe MD5: bb17bcf355b790bf81670c0ca87ba2ec Size: 2.13 MB (2136064 bytes) Detections: 143 Type: Executable File Path: %SYSTEMDRIVE%\Users\user\AppData\Local\avayvaxxvae\avayvaxxvae.exe\ Group: Malware file Last Updated: January 10, 2023
3.	MLSClient.AutoUpdateService.exe	2d4160fc44148d48ecc30b1073b557e1	36
Name: MLSClient.AutoUpdateService.exe MD5: 2d4160fc44148d48ecc30b1073b557e1 Size: 22.52 KB (22528 bytes) Detections: 36 Type: Executable File Path: %PROGRAMFILES%\MLS\1.1.0.2.0.00\AutoUpdate\ Group: Malware file Last Updated: November 24, 2014
4.	MlsUI.exe	591d9419d5945906f50627286d82e5c5	31
Name: MlsUI.exe MD5: 591d9419d5945906f50627286d82e5c5 Size: 31.74 KB (31744 bytes) Detections: 31 Type: Executable File Path: %PROGRAMFILES%\MLS\1.1.0.2.0.00\App\ Group: Malware file Last Updated: November 24, 2014
5.	BackgroundContainer.dll	fa1e7216ecda699197cd4256bcfabdaa	16
Name: BackgroundContainer.dll MD5: fa1e7216ecda699197cd4256bcfabdaa Size: 325.95 KB (325952 bytes) Detections: 16 Type: Dynamic link library Path: %LOCALAPPDATA%\Tbccint\BackgroundContainer\ Group: Malware file Last Updated: March 18, 2020
6.	BackgroundContainer.dll	64b88809087171d885180e8b63979fa5	12
Name: BackgroundContainer.dll MD5: 64b88809087171d885180e8b63979fa5 Size: 325.95 KB (325952 bytes) Detections: 12 Type: Dynamic link library Path: %LOCALAPPDATA%\Tbccint\BackgroundContainer\ Group: Malware file Last Updated: March 23, 2016
7.	APISupport.dll	8d4739474723078967b674dc97ba3f1f	12
Name: APISupport.dll MD5: 8d4739474723078967b674dc97ba3f1f Size: 1.07 MB (1070400 bytes) Detections: 12 Type: Dynamic link library Path: %USERPROFILE%\Local Settings\Application Data\TB\APISupport\ Group: Malware file Last Updated: January 10, 2020
8.	avaxvyvax.exe	21ce5e311a2a0a2cb7529b71c76578f7	8
Name: avaxvyvax.exe MD5: 21ce5e311a2a0a2cb7529b71c76578f7 Size: 2.54 MB (2545664 bytes) Detections: 8 Type: Executable File Path: %LOCALAPPDATA%\avaxvyvax\ Group: Malware file Last Updated: January 30, 2015
9.	BackgroundContainer.dll	e6e5bab9447d259fec8f652b7af2be17	7
Name: BackgroundContainer.dll MD5: e6e5bab9447d259fec8f652b7af2be17 Size: 325.95 KB (325952 bytes) Detections: 7 Type: Dynamic link library Path: %SystemDrive%\Users\Margo M. Yarbray\AppData\Local\Conduit\BackgroundContainer\ Group: Malware file Last Updated: November 19, 2019
10.	The_Pirate_Bay.exe	92becf79224ac52f9e3943f6040090d7	5
Name: The_Pirate_Bay.exe MD5: 92becf79224ac52f9e3943f6040090d7 Size: 1.31 MB (1314064 bytes) Detections: 5 Type: Executable File Path: %USERPROFILE%\Mina dokument\Min musik\ Group: Malware file Last Updated: June 15, 2016
11.	BackgroundContainer.dll	0b51d7ac421cca21e9164d92302400a5	3
Name: BackgroundContainer.dll MD5: 0b51d7ac421cca21e9164d92302400a5 Size: 325.92 KB (325920 bytes) Detections: 3 Type: Dynamic link library Path: %SystemDrive%\Users\LV\AppData\Local\Conduit\BackgroundContainer\ Group: Malware file Last Updated: March 23, 2016
12.	ConduitHelper.exe	280062cb75b91fbf44abc416fc464a80	2
Name: ConduitHelper.exe MD5: 280062cb75b91fbf44abc416fc464a80 Size: 272.38 KB (272384 bytes) Detections: 2 Type: Executable File Path: %PUBLIC%\Conduit\ConduitHelper\ Group: Malware file Last Updated: March 30, 2016
13.	APISupport.dll	5691d2e4dce886cab24668a4451c0b05	2
Name: APISupport.dll MD5: 5691d2e4dce886cab24668a4451c0b05 Size: 1.08 MB (1082176 bytes) Detections: 2 Type: Dynamic link library Path: %LOCALAPPDATA%\TB\APISupport\ Group: Malware file Last Updated: March 23, 2016
14.	UninstallerUI.exe	d2fb0b4bbec33768550194d19548b062	2
Name: UninstallerUI.exe MD5: d2fb0b4bbec33768550194d19548b062 Size: 1.76 MB (1766888 bytes) Detections: 2 Type: Executable File Path: %ALLUSERSPROFILE%\Conduit\IE\CT3316068\ Group: Malware file Last Updated: June 17, 2020
15.	BackgroundContainer.dll	7183744a0b3fbb245d163ca1f4464974	1
Name: BackgroundContainer.dll MD5: 7183744a0b3fbb245d163ca1f4464974 Size: 20B (20 bytes) Detections: 1 Type: Dynamic link library Path: %LOCALAPPDATA%\Conduit\BackgroundContainer\ Group: Malware file Last Updated: March 23, 2016
16.	BackgroundContainer.dll	6abb50c6f10866d877b80a0f56706633	1
Name: BackgroundContainer.dll MD5: 6abb50c6f10866d877b80a0f56706633 Size: 20B (20 bytes) Detections: 1 Type: Dynamic link library Path: %SystemDrive%\Users\eder\AppData\Local\Conduit\BackgroundContainer\ Group: Malware file Last Updated: March 23, 2016
17.	APISupport.dll	0719fb9aa39b2f9fb32a2cfd79c15ec1	1
Name: APISupport.dll MD5: 0719fb9aa39b2f9fb32a2cfd79c15ec1 Size: 1.04 MB (1045312 bytes) Detections: 1 Type: Dynamic link library Path: %LOCALAPPDATA%\TB\APISupport\ Group: Malware file Last Updated: March 23, 2016
18.	TBMessagingHost.exe	6d3282fa8d14e621193a4e83ea189a31	1
Name: TBMessagingHost.exe MD5: 6d3282fa8d14e621193a4e83ea189a31 Size: 1.08 MB (1087296 bytes) Detections: 1 Type: Executable File Path: %LOCALAPPDATA%\NativeMessaging\CT2504091\1_0_2_0\ Group: Malware file Last Updated: March 26, 2016
19.	APISupport.dll	af9ade58b26a0bec3cfca744979ba58e	1
Name: APISupport.dll MD5: af9ade58b26a0bec3cfca744979ba58e Size: 1.04 MB (1045312 bytes) Detections: 1 Type: Dynamic link library Path: %LOCALAPPDATA%\TB\APISupport\ Group: Malware file Last Updated: March 23, 2016
20.	APISupport.dll	5d69ac8c1f0d99ce73da73446a742aa4	1
Name: APISupport.dll MD5: 5d69ac8c1f0d99ce73da73446a742aa4 Size: 1.04 MB (1045312 bytes) Detections: 1 Type: Dynamic link library Path: %LOCALAPPDATA%\TB\APISupport\ Group: Malware file Last Updated: March 23, 2016
21.	APISupport.dll	24bd5d772c3b22f265da59821d2df274	1
Name: APISupport.dll MD5: 24bd5d772c3b22f265da59821d2df274 Size: 991.04 KB (991040 bytes) Detections: 1 Type: Dynamic link library Path: %SystemDrive%\Users\xavier\AppData\Local\Conduit\APISupport\ Group: Malware file Last Updated: March 23, 2016
22.	APISupport.dll	8c7475dcf6b7dacf5d6571514a33fe47	1
Name: APISupport.dll MD5: 8c7475dcf6b7dacf5d6571514a33fe47 Size: 1.04 MB (1045312 bytes) Detections: 1 Type: Dynamic link library Path: %LOCALAPPDATA%\TB\APISupport\ Group: Malware file Last Updated: March 23, 2016
23.	UninstallerUI.exe	3cb679b8f9bf317aa423487a23efe220	1
Name: UninstallerUI.exe MD5: 3cb679b8f9bf317aa423487a23efe220 Size: 1.7 MB (1709168 bytes) Detections: 1 Type: Executable File Path: %ALLUSERSPROFILE%\Conduit\IE\CT1561552\ Group: Malware file Last Updated: March 30, 2016
24.	ConduitCrashHandler.exe	a4185bdaca04cf569cc14de1b0e9013d	1
Name: ConduitCrashHandler.exe MD5: a4185bdaca04cf569cc14de1b0e9013d Size: 144.08 KB (144088 bytes) Detections: 1 Type: Executable File Path: %LOCALAPPDATA%\Conduit\Update\1.3.25.25\ Group: Malware file Last Updated: March 30, 2016
25.	BackgroundContainer.dll	c493fbba3eb993039b872d6d47ebe8a3	1
Name: BackgroundContainer.dll MD5: c493fbba3eb993039b872d6d47ebe8a3 Size: 325.95 KB (325952 bytes) Detections: 1 Type: Dynamic link library Path: %USERPROFILE%\ Group: Malware file Last Updated: March 23, 2016
26.	BackgroundContainer.dll	d42c388f33a2099abc3a311691fa406e	1
Name: BackgroundContainer.dll MD5: d42c388f33a2099abc3a311691fa406e Size: 20B (20 bytes) Detections: 1 Type: Dynamic link library Path: %WINDIR%\system32\config\systemprofile\AppData\Local\Conduit\BackgroundContainer\ Group: Malware file Last Updated: March 23, 2016

More files

Registry Details

Conduit Search/Toolbar may create the following registry entry or registry entries:

CLSID

{1BBF13E0-551E-42DD-91F4-1A547443FFDA}

{30F9B915-B755-4826-820B-08FBA6BD249D}

{3c471948-f874-49f5-b338-4f214a2ee0b1}

{5CF209CF-1B8A-4D23-A927-1165BE2AEFD8}

{7473b6bd-4691-4744-a82b-7854eb3d70b6}

{afdbddaa-5d3f-42ee-b79c-185a7020515b}

{C0C2693D-2EE8-47B4-9DF7-B67A0EE31988}

{DFBEB35B-444D-4F25-8D7D-EB2683C206EC}

{E802027B-1F2B-40BD-B307-0BD96D036835}

File name without path

client.conduit-storage[1].xml

http_app.mam.conduit.com_0.localstorage

http_app.mam.conduit.com_0.localstorage-journal

http_cap1.conduit-apps.com_0.localstorage

http_cap1.conduit-apps.com_0.localstorage-journal

http_search.conduit.com_0.localstorage

http_search.conduit.com_0.localstorage-journal

http_storage.conduit.com_0.localstorage

http_storage.conduit.com_0.localstorage-journal

http_twitter.conduitapps.com_0.localstorage

http_twitter.conduitapps.com_0.localstorage-journal

https_facebook.conduitapps.com_0.localstorage

https_facebook.conduitapps.com_0.localstorage-journal

https_youtube.conduitapps.com_0.localstorage

https_youtube.conduitapps.com_0.localstorage-journal

Regexp file mask

%LOCALAPPDATA%\Conduit\BackgroundContainer\BackgroundContainer.dll

%LOCALAPPDATA%\ConduitInstaller.exe

%LOCALAPPDATA%\CRE\[RANDOM CHARACTERS].crx

%temp%\[RANDOM CHARACTERS]ConduitEngineSetup.exe

%TEMP%\ConduitInstaller.exe

%TEMP%\tbWhit.dll

%USERPROFILE%\Local Settings\Application Data\CRE\[RANDOM CHARACTERS].crx

%WINDIR%\System32\Tasks\BackgroundContainer Startup Task

%WinDir%\System32\Tasks\pcreg

%WinDir%\Tasks\pcreg.job

HKEY..\..\..\..{RegistryKeys}

SOFTWARE\AppDataLow\Software\AstroburnBar\toolbar

Software\AppDataLow\Software\BackgroundContainer

Software\AppDataLow\Software\Begin-download_FLV\toolbar

Software\AppDataLow\Software\Conduit

Software\AppDataLow\Software\conduitEngine

Software\AppDataLow\Software\ConduitSearchScopes

Software\AppDataLow\Software\MixiDJ\toolbar

Software\AppDataLow\Software\PHPNukeEN

Software\AppDataLow\Software\Produtools_Manuals_2.1\toolbar

Software\AppDataLow\Software\Produtools_Manuals_2.1_B2\toolbar

Software\AppDataLow\Software\Smartbar

Software\AppDataLow\Software\Tbccint

Software\AppDataLow\Software\TbccintSearchScopes

Software\AppDataLow\Software\TV_Bar_2\toolbar

Software\AppDataLow\Software\uTorrentControl_v2

SOFTWARE\AppDataLow\Software\YesStreamer_Bar

Software\AppDataLow\Toolbar\RegisteredSources\Conduitengine

Software\AppDataLow\Toolbar\RegisteredSources\CT3272718

SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

SOFTWARE\Classes\Toolbar.CT3272718

SOFTWARE\Conduit

SOFTWARE\DT Soft\Astroburn Toolbar

Software\Google\Chrome\NativeMessagingHosts\nmhostct408137

SOFTWARE\mamverifier

Software\Microsoft\Internet Explorer\Approved Extensions\{30F9B915-B755-4826-820B-08FBA6BD249D}

Software\Microsoft\Internet Explorer\Approved Extensions\{413c77a8-1554-46ac-b5e0-e5ac3c4e839e}

Software\Microsoft\Internet Explorer\Approved Extensions\{AEFEDA6A-9A49-47E5-9307-ECBEC7D6D879}

Software\Microsoft\Internet Explorer\Approved Extensions\{c0c2693d-2ee8-47b4-9df7-b67a0ee31988}

Software\Microsoft\Internet Explorer\Approved Extensions\{C9CEFC16-8DBE-4DB8-A3E5-4C3CE4685756}

Software\Microsoft\Internet Explorer\DOMStorage\app.mam.conduit.com

Software\Microsoft\Internet Explorer\DOMStorage\conduit-apps.com

Software\Microsoft\Internet Explorer\DOMStorage\conduit.com

Software\Microsoft\Internet Explorer\DOMStorage\conduitapps.com

Software\Microsoft\Internet Explorer\DOMStorage\tbccint.com

SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit-storage.com

SOFTWARE\Microsoft\Internet Explorer\LowRegistry\DOMStorage\conduit.com

Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\Produtools_Manuals_2.1.exe

Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\tb_Conduit.exe

Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\tb_Conduit_brch.exe

Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\tb_Conduit_brff.exe

Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\tb_Conduit_brie.exe

Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION\tb_Conduit_Search.exe

Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

SOFTWARE\Microsoft\Internet Explorer\Toolbar\{589d7cff-0173-47a9-966a-9afae3e5c249}

SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9843474f-6082-4a44-b63d-5559d9e8c6a8}

SOFTWARE\Microsoft\Internet Explorer\Toolbar\{aefeda6a-9a49-47e5-9307-ecbec7d6d879}

SOFTWARE\Microsoft\Internet Explorer\Toolbar\{C9CEFC16-8DBE-4DB8-A3E5-4C3CE4685756}

SOFTWARE\Microsoft\Internet Explorer\Toolbar\{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}

SOFTWARE\Microsoft\Internet Explorer\Toolbar\{e802027b-1f2b-40bd-b307-0bd96d036835}

SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{589d7cff-0173-47a9-966a-9afae3e5c249}

Software\Microsoft\Internet Explorer\URLSearchHooks\{AEFEDA6A-9A49-47E5-9307-ECBEC7D6D879}

SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avaavaevy

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BackgroundContainer Startup Task

SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\pcreg

SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{589d7cff-0173-47a9-966a-9afae3e5c249}

SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}

Software\Microsoft\Windows\CurrentVersion\Run\APISupport

SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BackgroundContainerV2

SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BackgroundContainerV3

SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ConduitHelper

Software\Microsoft\Windows\CurrentVersion\Run\pcreg

SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TBHostSupport

SOFTWARE\PHPNukeEN

Software\Tbccint

Software\Tbccint_HKLM

SOFTWARE\Wow6432Node\Conduit

SOFTWARE\Wow6432Node\conduitEngine

SOFTWARE\Wow6432Node\DT Soft\Astroburn Toolbar

SOFTWARE\Wow6432Node\Google\Chrome\NativeMessagingHosts\nmhostct408137

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{589d7cff-0173-47a9-966a-9afae3e5c249}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{9843474f-6082-4a44-b63d-5559d9e8c6a8}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{aefeda6a-9a49-47e5-9307-ecbec7d6d879}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{c0c2693d-2ee8-47b4-9df7-b67a0ee31988}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{C9CEFC16-8DBE-4DB8-A3E5-4C3CE4685756}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{e802027b-1f2b-40bd-b307-0bd96d036835}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\{589d7cff-0173-47a9-966a-9afae3e5c249}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\{c0c2693d-2ee8-47b4-9df7-b67a0ee31988}

SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\URLSearchHooks\{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}

SOFTWARE\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Tracing\MixiDJAutoUpdateHelper_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\MixiDJAutoUpdateHelper_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Tracing\MixiDJToolbarHelper_RASAPI32

SOFTWARE\Wow6432Node\Microsoft\Tracing\MixiDJToolbarHelper_RASMANCS

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{589d7cff-0173-47a9-966a-9afae3e5c249}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{c0c2693d-2ee8-47b4-9df7-b67a0ee31988}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{dfbeb35b-444d-4f25-8d7d-eb2683c206ec}

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\BackgroundContainerV2

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ConduitHelper

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\pcreg

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\TBHostSupport

SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine

SOFTWARE\Wow6432Node\MixiDJ

SOFTWARE\Wow6432Node\PHPNukeEN

SYSTEM\ControlSet001\services\pcregservice

SYSTEM\ControlSet001\services\TBSrv

SYSTEM\ControlSet002\services\pcregservice

SYSTEM\CurrentControlSet\services\pcregservice

SYSTEM\CurrentControlSet\services\TBSrv

Toolbar\RegisteredSources\CT408137

HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}

CHCT408137

PHPNukeEN Toolbar

{4BD8E034-E0F4-4509-A753-467A8E854CD8}

Directories

Conduit Search/Toolbar may create the following directory or directories:

%ALLUSERSPROFILE%\Application Data\Conduit

%ALLUSERSPROFILE%\Application Data\Tbccint

%ALLUSERSPROFILE%\Conduit

%ALLUSERSPROFILE%\Tbccint

%LOCALAPPDATA%\Conduit

%LOCALAPPDATA%\TBHostSupport

%LOCALAPPDATA%\Tbccint

%LOCALAPPDATA%\cctbplt

%PROGRAMFILES%\AstroburnBar

%PROGRAMFILES%\Conduit

%PROGRAMFILES%\ConduitEngine

%PROGRAMFILES%\Nova

%PROGRAMFILES%\Tbccint

%PROGRAMFILES%\pcreg

%PROGRAMFILES(x86)%\AstroburnBar

%PROGRAMFILES(x86)%\Conduit

%PROGRAMFILES(x86)%\Nova

%PROGRAMFILES(x86)%\Tbccint

%PUBLIC%\Conduit

%TEMP%\38fdaae5-8e0e-493c-88ec-e05c3be06e42

%TEMP%\AstroburnBar

%TEMP%\CT3302872

%TMP%\ct2571160

%Temp%\CT3302999

%Temp%\CT3310393

%Temp%\CT3317212

%Temp%\ct3311333

%Temp%\mam-ct3317212

%USERPROFILE%\AppData\LocalLow\ConduitEngine

%USERPROFILE%\AppData\LocalLow\PHPNukeEN

%USERPROFILE%\AppData\LocalLow\Tbccint

%USERPROFILE%\Configuración local\Datos de programa\Conduit

%USERPROFILE%\Configurações Locais\Dados de aplicativos\Conduit

%USERPROFILE%\Impostazioni locali\Dati applicazioni\Conduit

%USERPROFILE%\Local Settings\Application Data\Conduit

%USERPROFILE%\Lokale Einstellungen\Anwendungsdaten\Conduit

%USERPROFILE%\Ustawienia lokalne\Dane aplikacji\Conduit

%UserProfile%\AppData\LocalLow\Conduit

%UserProfile%\Local Settings\Application Data\TBHostSupport

%UserProfile%\Local Settings\Application Data\Tbccint

%appdata%\Tbccint

%programfiles%\PHPNukeEN

%programfiles(x86)%\PHPNukeEN

%systemdrive%\users\appdata\locallow\Conduit

%temp%\Conduit

%temp%\ConduitSP

%temp%\ct3309759

2 Comments

Arlene 9 years ago Reply

Man This Virus Was So Annoying! Took Me About 3-5 Months To Get It Off! First, I Had To Run Spyhunter's Scan And Remove The Threats. Then, I Had To Initally Remove It. If You See Any Free Downloads. Chances Are, They Could Include Conduit Search/Toolbar. I Highly Recommend That You Buy Spyhunter, Then Turn System Guard On So It Cant Get Onto Your Computer!

Aroldo Tissot Júnior 8 years ago Reply

Como faco para deletar este search Protect criminoso que entro no meu PC e nada mais e que um vírus dominante, que aparentemente está oculto em alguma pasta de meu PC e dominou a internet, abre sozinho sites de publicidade, e vive tentando fazer eu instalar novos programas. Como faço para denunciar? Entrou no meu PC quando fui baixar o CCLEANER no Baixaki.

EnigmaSoft Releases NEW SpyHunter Pro to Fight Malware, Enhance Privacy Protection, & Optimize PCs

Search

Change Region

Conduit Search/Toolbar

Threat Scorecard

EnigmaSoft Threat Scorecard

Problems Associated with the Search.conduit.com Website and Toolbar

Removing the Search.conduit.com Toolbar from Your Computer System

Aliases

SpyHunter Detects & Remove Conduit Search/Toolbar

File System Details

Registry Details

Directories

2 Comments

Submit Comment

Trending

'Drive-by Exploit' Email Scam

Spam Alert: Phishing Email Scam Titled 'Bank of...

White Rabbit Ransomware

Most Viewed

AntiMalware

DNS Unlocker

Antivirus Security Pro