[dimills]

Hi,
Here's the results of the aswMBR log:



aswMBR version 0.9.9.1665 Copyright© 2011 AVAST Software
Run date: 2012-08-27 20:40:07
-----------------------------
20:40:07.671 OS Version: Windows 5.1.2600 Service Pack 3
20:40:07.671 Number of processors: 2 586 0x401
20:40:07.671 ComputerName: LIVINGROOM2 UserName: Owner
20:40:08.953 Initialize success
20:40:09.218 AVAST engine defs: 12082800
20:40:29.109 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-5
20:40:29.109 Disk 0 Vendor: WDC_WD3200AAKS-00B3A0 01.03A01 Size: 305245MB BusType: 3
20:40:29.140 Disk 0 MBR read successfully
20:40:29.140 Disk 0 MBR scan
20:40:29.156 Disk 0 Windows XP default MBR code
20:40:29.156 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 305242 MB offset 63
20:40:29.171 Disk 0 scanning sectors +625137345
20:40:29.234 Disk 0 scanning C:\WINDOWS\system32\drivers
20:40:40.843 Service scanning
20:40:55.203 Modules scanning
20:41:01.203 Disk 0 trace - called modules:
20:41:01.234 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys pciide.sys PCIIDEX.SYS
20:41:01.234 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8ac11ab8]
20:41:01.250 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\00000071[0x8abf3f18]
20:41:01.265 5 ACPI.sys[f75ae620] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-5[0x8ac31d98]
20:41:01.984 AVAST engine scan C:\WINDOWS
20:41:14.531 AVAST engine scan C:\WINDOWS\system32
20:44:41.796 AVAST engine scan C:\WINDOWS\system32\drivers
20:45:11.937 AVAST engine scan C:\Documents and Settings\Owner
20:49:30.890 AVAST engine scan C:\Documents and Settings\All Users
20:50:59.421 Scan finished successfully
21:23:05.234 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Scott\Desktop\MBR.dat"
21:23:05.250 The log file has been saved successfully to "C:\Documents and Settings\Scott\Desktop\aswMBR.txt"

[Advertisements]

Hi.

Any particular reason when you scanned with awsMBR you chose the option to scan with the Anti-Virus? Not a problem nor any harm done but kind of defeats the object actually because you already have avast! Free Antivirus installed and active in system memory.

Hard-Drive Maintenance/Repair:

Note: for the CHKDSK portion you may refer to this tutorial of mine here and follow the instructions for Graphical Mode if you so wish.

Click on Start >> Run and type cleanmgr in the run box and click on OK.

• Ensure the boxes for Temporary Files, Temporary Internet Files and Recycle Bin are checked.
• You can choose to check other boxes if you wish but they are not required.
• Click on OK then Yes.

Next:-

• Click on Start >> Run... then type in CMD in the run box and click on OK.
• At the Command Prompt C:\ > type the following:
• CD C:\ and hit the Enter/Return key.
• Now type in DEFRAG C: -F
• A Analysis report will be displayed and then Windows will start the Defragmention run automatically.
• This may take some time, when completed the Command Prompt C:\ > will appear.
• Now type in CHKDSK C: /R and hit the Enter/Return key.
• When prompted with:

CHKDSK cannot run because the volume is in use by another process
Would you like to schedule this volume to be checked next time the system
restarts (Y/N)

• Hit the Y key then at the Command Prompt C:\ >
• Type in EXIT and and hit the Enter/Return key.
• Now Reboot(Restart) your computer.

Note: Upon Reboot(Restart) the CHKDSK(check-disk) will start and carry out the repairs required.

You should see a screen like this just after the Post(power on self test) screen:



Note: Do not touch either the keyboard or Mouse, otherwise the Check-Disk will be cancelled and you computer will continue to boot-up as normal.

Scan with AdwCleaner:

Please download adwcleaner from here and save to your desktop.

Alternate download is here.

• Double click on adwcleaner.exe to launch the application.
• Now click on the Search tab.
• Please post the contents of the log-file created in your next post.

Note: The log can also be located at C: >> AdwCleaner[XX].txt >> XX <-- denotes the number of times the application has been ran, so in this case may be something like R1.

Next:

Let myself know when completed the above, post the AdwCleaner log. Also provide a quick update and we will go from there, thank you.

[Dakeyras]

Hi.

Any particular reason when you scanned with awsMBR you chose the option to scan with the Anti-Virus? Not a problem nor any harm done but kind of defeats the object actually because you already have avast! Free Antivirus installed and active in system memory.

Hard-Drive Maintenance/Repair:

Note: for the CHKDSK portion you may refer to this tutorial of mine here and follow the instructions for Graphical Mode if you so wish.

Click on Start >> Run and type cleanmgr in the run box and click on OK.

• Ensure the boxes for Temporary Files, Temporary Internet Files and Recycle Bin are checked.
• You can choose to check other boxes if you wish but they are not required.
• Click on OK then Yes.

Next:-

• Click on Start >> Run... then type in CMD in the run box and click on OK.
• At the Command Prompt C:\ > type the following:
• CD C:\ and hit the Enter/Return key.
• Now type in DEFRAG C: -F
• A Analysis report will be displayed and then Windows will start the Defragmention run automatically.
• This may take some time, when completed the Command Prompt C:\ > will appear.
• Now type in CHKDSK C: /R and hit the Enter/Return key.
• When prompted with:

CHKDSK cannot run because the volume is in use by another process
Would you like to schedule this volume to be checked next time the system
restarts (Y/N)

• Hit the Y key then at the Command Prompt C:\ >
• Type in EXIT and and hit the Enter/Return key.
• Now Reboot(Restart) your computer.

Note: Upon Reboot(Restart) the CHKDSK(check-disk) will start and carry out the repairs required.

You should see a screen like this just after the Post(power on self test) screen:



Note: Do not touch either the keyboard or Mouse, otherwise the Check-Disk will be cancelled and you computer will continue to boot-up as normal.

Scan with AdwCleaner:

Please download adwcleaner from here and save to your desktop.

Alternate download is here.

• Double click on adwcleaner.exe to launch the application.
• Now click on the Search tab.
• Please post the contents of the log-file created in your next post.

Note: The log can also be located at C: >> AdwCleaner[XX].txt >> XX <-- denotes the number of times the application has been ran, so in this case may be something like R1.

Next:

Let myself know when completed the above, post the AdwCleaner log. Also provide a quick update and we will go from there, thank you.

[dimills]

Hi,
When I ran awsMBR I wasn't given an option, it just came up with buttons to scan, fix mbr, etc, there was no mention of cancelling the avast, so I just clicked to scan, here's the results of AdwCleaner:

# AdwCleaner v1.801 - Logfile created 08/30/2012 at 02:06:14
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - LIVINGROOM2
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Scott\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****

Found : Viewpoint Manager Service

***** [Files / Folders] *****

Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\Owner\Local Settings\Application Data\Quixley_KMb
Folder Found : C:\Documents and Settings\Michael\Local Settings\Application Data\Conduit
Folder Found : C:\Documents and Settings\Michael\Local Settings\Application Data\ConduitEngine
Folder Found : C:\Documents and Settings\Michael\Local Settings\Application Data\Ilivid Player
Folder Found : C:\Documents and Settings\Michael\Local Settings\Application Data\Playbryte
Folder Found : C:\Documents and Settings\Michael\Local Settings\Application Data\Quixley_KMb
Folder Found : C:\Documents and Settings\Owner\Application Data\PriceGong
Folder Found : C:\Documents and Settings\Alex\Application Data\Toolbar4
Folder Found : C:\Documents and Settings\Alex\Application Data\Viewpoint
Folder Found : C:\Documents and Settings\Michael\Application Data\PriceGong
Folder Found : C:\Documents and Settings\Michael\Application Data\Toolbar4
Folder Found : C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\ConduitCommon
Folder Found : C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\extensions\[email protected]
Folder Found : C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\kdvrq1i3.default\Conduit
Folder Found : C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\kdvrq1i3.default\CT2452474
Folder Found : C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\kdvrq1i3.default\extensions\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}
Folder Found : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Found : C:\Program Files\Ilivid
Folder Found : C:\Program Files\Playbryte
Folder Found : C:\Program Files\Shop To Win
Folder Found : C:\Program Files\Viewpoint
Folder Found : C:\Program Files\Common Files\FreeCause
File Found : C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\searchplugins\Conduit.xml

***** [Registry] *****

[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT3052046
Key Found : HKCU\Software\AppDataLow\Software\Freecause
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\PriceGong
Key Found : HKCU\Software\Quixley_KMb
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\AppID\PSText.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Found : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Found : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Found : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Found : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Found : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Found : HKLM\SOFTWARE\CompeteInc
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\MetaStream
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Found : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Playbryte
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Quixley_KMb Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Found : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Found : HKLM\SOFTWARE\Playbryte
Key Found : HKLM\SOFTWARE\Quixley_KMb
Key Found : HKLM\SOFTWARE\Viewpoint

***** [Registre - GUID] *****

Key Found : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Found : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{61E0EF7A-9BC0-45ea-9B2F-F3E9F02692BD}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Found : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Found : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Found : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Found : HKLM\SOFTWARE\Classes\Interface\{5272CCD4-4199-4B04-BF68-B28A0DCF0151}
Key Found : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Found : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Found : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F165085B-6B85-4AD5-AD00-95552A823F6D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{979F6ED2-DAEA-42A7-B831-29A0681E4FBB}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A459AB73-E92C-4D54-9276-AF27A79BD51C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DA566842-D620-41BF-8A10-149CFA14035D}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61E0EF7A-9BC0-45ea-9B2F-F3E9F02692BD}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA566842-D620-41BF-8A10-149CFA14035D}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ksus49i4.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\knmbqsck.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\ckxb4d8n.default\prefs.js

Found : user_pref("browser.search.selectedEngine", "BigSeekPro");
Found : user_pref("browser.startup.homepage", "hxxp://www.bigseekpro.com/bigseekpro/{0C388D2D-1A36-A7A8-609A[...]

Profile name : default
File : C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\ivv5bdbk.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\prefs.js

Found : user_pref("CT3052046..clientLogIsEnabled", false);
Found : user_pref("CT3052046..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Found : user_pref("CT3052046..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Found : user_pref("CT3052046.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT3052046.AppTrackingLastCheckTime", "Fri Jul 29 2011 22:37:51 GMT-0400 (Eastern Daylight[...]
Found : user_pref("CT3052046.BrowserCompStateIsOpen_3911089572972608687", true);
Found : user_pref("CT3052046.BrowserCompStateIsOpen_4474396473824482984", true);
Found : user_pref("CT3052046.CTID", "CT3052046");
Found : user_pref("CT3052046.CurrentServerDate", "30-7-2011");
Found : user_pref("CT3052046.DialogsAlignMode", "LTR");
Found : user_pref("CT3052046.DialogsGetterLastCheckTime", "Fri Jul 29 2011 22:37:39 GMT-0400 (Eastern Daylig[...]
Found : user_pref("CT3052046.DownloadReferralCookieData", "");
Found : user_pref("CT3052046.FirstServerDate", "30-7-2011");
Found : user_pref("CT3052046.FirstTime", true);
Found : user_pref("CT3052046.FirstTimeFF3", true);
Found : user_pref("CT3052046.FixPageNotFoundErrors", true);
Found : user_pref("CT3052046.GroupingServerCheckInterval", 1440);
Found : user_pref("CT3052046.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT3052046.HasUserGlobalKeys", true);
Found : user_pref("CT3052046.Initialize", true);
Found : user_pref("CT3052046.InitializeCommonPrefs", true);
Found : user_pref("CT3052046.InstallationAndCookieDataSentCount", 1);
Found : user_pref("CT3052046.InstallationId", "CT3052046_Quixley_KMb.exe");
Found : user_pref("CT3052046.InstallationType", "ConduitIntegration");
Found : user_pref("CT3052046.InstalledDate", "Fri Jul 29 2011 22:37:40 GMT-0400 (Eastern Daylight Time)");
Found : user_pref("CT3052046.InvalidateCache", false);
Found : user_pref("CT3052046.IsAlertDBUpdated", true);
Found : user_pref("CT3052046.IsGrouping", false);
Found : user_pref("CT3052046.IsInitSetupIni", true);
Found : user_pref("CT3052046.IsMulticommunity", false);
Found : user_pref("CT3052046.IsOpenThankYouPage", false);
Found : user_pref("CT3052046.IsOpenUninstallPage", true);
Found : user_pref("CT3052046.LanguagePackLastCheckTime", "Fri Jul 29 2011 22:37:41 GMT-0400 (Eastern Dayligh[...]
Found : user_pref("CT3052046.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT3052046.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT3052046.LastLogin_3.5.1.1", "Fri Jul 29 2011 22:37:40 GMT-0400 (Eastern Daylight Time)"[...]
Found : user_pref("CT3052046.LatestVersion", "3.3.3.2");
Found : user_pref("CT3052046.Locale", "en");
Found : user_pref("CT3052046.MCDetectTooltipHeight", "83");
Found : user_pref("CT3052046.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT3052046.MCDetectTooltipWidth", "295");
Found : user_pref("CT3052046.MyStuffEnabledAtInstallation", true);
Found : user_pref("CT3052046.OriginalFirstVersion", "3.5.1.1");
Found : user_pref("CT3052046.RadioIsPodcast", false);
Found : user_pref("CT3052046.RadioLastCheckTime", "Fri Jul 29 2011 22:37:41 GMT-0400 (Eastern Daylight Time)[...]
Found : user_pref("CT3052046.RadioLastUpdateIPServer", "3");
Found : user_pref("CT3052046.RadioLastUpdateServer", "3");
Found : user_pref("CT3052046.RadioMediaID", "9962");
Found : user_pref("CT3052046.RadioMediaType", "Media Player");
Found : user_pref("CT3052046.RadioMenuSelectedID", "EBRadioMenu_CT30520469962");
Found : user_pref("CT3052046.RadioShrinkedFromSetup", false);
Found : user_pref("CT3052046.RadioStationName", "California%20Rock");
Found : user_pref("CT3052046.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT3052046.SavedHomepage", "hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=o[...]
Found : user_pref("CT3052046.SearchFromAddressBarIsInit", true);
Found : user_pref("CT3052046.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT305[...]
Found : user_pref("CT3052046.SearchInNewTabEnabled", true);
Found : user_pref("CT3052046.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT3052046.SearchInNewTabLastCheckTime", "Fri Jul 29 2011 22:37:41 GMT-0400 (Eastern Dayli[...]
Found : user_pref("CT3052046.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT3052046.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT3052046.ServiceMapLastCheckTime", "Fri Jul 29 2011 22:37:34 GMT-0400 (Eastern Daylight [...]
Found : user_pref("CT3052046.SettingsLastCheckTime", "Fri Jul 29 2011 22:37:37 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("CT3052046.SettingsLastUpdate", "1311784300");
Found : user_pref("CT3052046.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT3052046.ThirdPartyComponentsLastCheck", "Fri Jul 29 2011 22:37:34 GMT-0400 (Eastern Day[...]
Found : user_pref("CT3052046.ThirdPartyComponentsLastUpdate", "1246786978");
Found : user_pref("CT3052046.ToolbarShrinkedFromSetup", false);
Found : user_pref("CT3052046.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3052046");
Found : user_pref("CT3052046.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Found : user_pref("CT3052046.UserID", "UN29587635447840421");
Found : user_pref("CT3052046.ValidationData_Toolbar", 0);
Found : user_pref("CT3052046.WeatherNetwork", "");
Found : user_pref("CT3052046.WeatherPollDate", "Fri Jul 29 2011 22:37:43 GMT-0400 (Eastern Daylight Time)");
Found : user_pref("CT3052046.WeatherUnit", "F");
Found : user_pref("CT3052046.alertChannelId", "1443618");
Found : user_pref("CT3052046.backendstorage. appgroupon_dailyactivity", "31333131393933343633303835");
Found : user_pref("CT3052046.backendstorage. appgroupon_lifetimesent", "54525545");
Found : user_pref("CT3052046.components.1000080", true);
Found : user_pref("CT3052046.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Found : user_pref("CT3052046.globalFirstTimeInfoLastCheckTime", "Fri Jul 29 2011 22:37:40 GMT-0400 (Eastern [...]
Found : user_pref("CT3052046.homepageProtectorEnableByLogin", true);
Found : user_pref("CT3052046.initDone", true);
Found : user_pref("CT3052046.isAppTrackingManagerOn", true);
Found : user_pref("CT3052046.isFirstRadioInstallation", false);
Found : user_pref("CT3052046.myStuffEnabled", true);
Found : user_pref("CT3052046.myStuffPublihserMinWidth", 400);
Found : user_pref("CT3052046.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Found : user_pref("CT3052046.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT3052046.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT3052046.searchProtectorDialogDelayInSec", 10);
Found : user_pref("CT3052046.searchProtectorEnableByLogin", true);
Found : user_pref("CT3052046.testingCtid", "");
Found : user_pref("CT3052046.toolbarAppMetaDataLastCheckTime", "Fri Jul 29 2011 22:37:39 GMT-0400 (Eastern D[...]
Found : user_pref("CT3052046.toolbarContextMenuLastCheckTime", "Fri Jul 29 2011 22:37:41 GMT-0400 (Eastern D[...]
Found : user_pref("CT3052046.usagesFlag", 2);
Found : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3052046&Search[...]
Found : user_pref("CommunityToolbar.ConduitSearchList", "Quixley_KMb Customized Web Search");
Found : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1443618/1439273/US", "\"0\"[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3052046", [...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3052046",[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3052046&octid=[...]
Found : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Found : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Michael\\Applicati[...]
Found : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.1.1");
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?pc=ZUGO&form=[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT3052046");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT3052046");
Found : user_pref("CommunityToolbar.ToolbarsList4", "CT3052046");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Jul 29 2011 22:40:14 GMT-0400 (Eas[...]
Found : user_pref("CommunityToolbar.globalUserId", "e8ede5f5-4a0e-471a-96ff-f1f7fe13e59e");
Found : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Found : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Jul 29 2011 22:37:3[...]
Found : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Jul 29 2011 22:37:49 GMT-040[...]
Found : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.notifications.locale", "en");
Found : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jul 29 2011 22:37:36 GMT-0400 (E[...]
Found : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");
Found : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Found : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.notifications.userId", "54442499-dfa2-447c-941f-c134d0385a5c");
Found : user_pref("browser.search.defaultthis.engineName", "Quixley_KMb Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3052046&Sea[...]

Profile name : default
File : C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\kdvrq1i3.default\prefs.js

Found : user_pref("CT2452474.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Found : user_pref("CT2452474.CTID", "CT2452474");
Found : user_pref("CT2452474.Chat.Meebo.ServerLastCheckTime", "Fri May 07 2010 02:05:02 GMT-0400 (Eastern Da[...]
Found : user_pref("CT2452474.Chat.Meebo.ServerLastResponseTime", "Fri May 07 2010 02:05:02 GMT-0400 (Eastern[...]
Found : user_pref("CT2452474.Chat.Meebo.rooms.2030of7a78203f", 40);
Found : user_pref("CT2452474.Chat.Meebo.rooms.30plus683ec0a3", 40);
Found : user_pref("CT2452474.Chat.Meebo.rooms.entertainment3d98c8ee", 1);
Found : user_pref("CT2452474.Chat.Meebo.rooms.gamesbar1communitychat22ec8aa1", 12);
Found : user_pref("CT2452474.Chat.Meebo.rooms.musicpca565a36", 4);
Found : user_pref("CT2452474.Chat.Meebo.rooms.sports84029aeb", 1);
Found : user_pref("CT2452474.Chat.Meebo.rooms.technology9fc01102", 0);
Found : user_pref("CT2452474.Chat.Meebo.rooms.teenagers60fc8fbc", 28);
Found : user_pref("CT2452474.Chat.Meebo.rooms.videogames58dc7b74", 2);
Found : user_pref("CT2452474.Chat.ServerLastCheckTime", "Fri May 07 2010 01:15:02 GMT-0400 (Eastern Daylight[...]
Found : user_pref("CT2452474.CurrentServerDate", "7-5-2010");
Found : user_pref("CT2452474.DialogsAlignMode", "LTR");
Found : user_pref("CT2452474.ExternalComponentPollDate129032022755062690", "Thu May 06 2010 16:52:05 GMT-040[...]
Found : user_pref("CT2452474.ExternalComponentPollDate129067376611248112", "Thu May 06 2010 16:52:05 GMT-040[...]
Found : user_pref("CT2452474.FirstServerDate", "14-3-2010");
Found : user_pref("CT2452474.FirstTime", true);
Found : user_pref("CT2452474.FirstTimeFF3", true);
Found : user_pref("CT2452474.GroupingServerCheckInterval", 1440);
Found : user_pref("CT2452474.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Found : user_pref("CT2452474.Initialize", true);
Found : user_pref("CT2452474.InitializeCommonPrefs", true);
Found : user_pref("CT2452474.InstalledDate", "Sun Mar 14 2010 13:35:04 GMT-0400 (Eastern Daylight Time)");
Found : user_pref("CT2452474.InvalidateCache", false);
Found : user_pref("CT2452474.IsGrouping", false);
Found : user_pref("CT2452474.IsMulticommunity", false);
Found : user_pref("CT2452474.IsOpenThankYouPage", true);
Found : user_pref("CT2452474.IsOpenUninstallPage", true);
Found : user_pref("CT2452474.LanguagePackLastCheckTime", "Thu May 06 2010 16:52:05 GMT-0400 (Eastern Dayligh[...]
Found : user_pref("CT2452474.LanguagePackReloadIntervalMM", 1440);
Found : user_pref("CT2452474.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Found : user_pref("CT2452474.LastLogin_2.5.6.0", "Thu May 06 2010 22:58:46 GMT-0400 (Eastern Daylight Time)"[...]
Found : user_pref("CT2452474.LatestVersion", "2.1.0.18");
Found : user_pref("CT2452474.Locale", "en");
Found : user_pref("CT2452474.LoginCache", 4);
Found : user_pref("CT2452474.MCDetectTooltipHeight", "83");
Found : user_pref("CT2452474.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Found : user_pref("CT2452474.MCDetectTooltipWidth", "295");
Found : user_pref("CT2452474.RadioIsPodcast", false);
Found : user_pref("CT2452474.RadioLastCheckTime", "Thu May 06 2010 16:52:06 GMT-0400 (Eastern Daylight Time)[...]
Found : user_pref("CT2452474.RadioLastUpdateIPServer", "3");
Found : user_pref("CT2452474.RadioLastUpdateServer", "3");
Found : user_pref("CT2452474.RadioMediaID", "9962");
Found : user_pref("CT2452474.RadioMediaType", "Media Player");
Found : user_pref("CT2452474.RadioMenuSelectedID", "EBRadioMenu_CT24524749962");
Found : user_pref("CT2452474.RadioStationName", "California%20Rock");
Found : user_pref("CT2452474.RadioStationURL", "hxxp://feedlive.net/california.asx");
Found : user_pref("CT2452474.SHRINK_TOOLBAR", 1);
Found : user_pref("CT2452474.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Found : user_pref("CT2452474.SearchFromAddressBarIsInit", true);
Found : user_pref("CT2452474.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT245[...]
Found : user_pref("CT2452474.SearchInNewTabEnabled", true);
Found : user_pref("CT2452474.SearchInNewTabIntervalMM", 1440);
Found : user_pref("CT2452474.SearchInNewTabLastCheckTime", "Thu May 06 2010 16:52:05 GMT-0400 (Eastern Dayli[...]
Found : user_pref("CT2452474.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Found : user_pref("CT2452474.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Found : user_pref("CT2452474.SettingsCheckIntervalMin", 120);
Found : user_pref("CT2452474.SettingsLastCheckTime", "Fri May 07 2010 01:15:01 GMT-0400 (Eastern Daylight Ti[...]
Found : user_pref("CT2452474.SettingsLastUpdate", "1273158835");
Found : user_pref("CT2452474.ThirdPartyComponentsInterval", 504);
Found : user_pref("CT2452474.ThirdPartyComponentsLastCheck", "Tue Apr 27 2010 16:12:29 GMT-0400 (Eastern Day[...]
Found : user_pref("CT2452474.ThirdPartyComponentsLastUpdate", "1272136758");
Found : user_pref("CT2452474.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Found : user_pref("CT2452474.UserID", "UN96841838790198354");
Found : user_pref("CT2452474.ValidationData_Search", 0);
Found : user_pref("CT2452474.ValidationData_Toolbar", 2);
Found : user_pref("CT2452474.WeatherNetwork", "");
Found : user_pref("CT2452474.WeatherPollDate", "Fri May 07 2010 01:45:03 GMT-0400 (Eastern Daylight Time)");
Found : user_pref("CT2452474.WeatherUnit", "F");
Found : user_pref("CT2452474.alertChannelId", "846288");
Found : user_pref("CT2452474.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "434C4F5345");
Found : user_pref("CT2452474.clientLogIsEnabled", true);
Found : user_pref("CT2452474.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Found : user_pref("CT2452474.components.1000034", false);
Found : user_pref("CT2452474.myStuffEnabled", true);
Found : user_pref("CT2452474.myStuffPublihserMinWidth", 400);
Found : user_pref("CT2452474.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&amp;SearchSour[...]
Found : user_pref("CT2452474.myStuffServiceIntervalMM", 1440);
Found : user_pref("CT2452474.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Found : user_pref("CT2452474.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Found : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://oryte.com/content/games/players/sonic.php[...]
Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Found : user_pref("CommunityToolbar.ToolbarsList", "CT2452474");
Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2452474");
Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri May 07 2010 02:15:01 GMT-0400 (Easte[...]
Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Found : user_pref("CommunityToolbar.alert.locale", "en");
Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu May 06 2010 16:52:03 GMT-0400 (Eastern D[...]
Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Found : user_pref("CommunityToolbar.alert.userId", "{22a095d7-6ea9-4c1f-8f01-84ac730037ed}");
Found : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu May 06 2010 16:52:06 GMT-0400 (Eas[...]

-\\ Google Chrome v21.0.1180.83

File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found : "description": "The fastest way to search the web.",
Found : "scriptable_host": [ "hxxp://*/*", "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdC[...]
Found : "matches": [ "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*", "[...]
Found : "path": "plugins/ConduitChromeApiPlugin.dll",
Found : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT305204[...]
Found : "path": "C:\\Program Files\\Mozilla Firefox\\plugins\\npViewpoint.dll",

File : C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Found : "description": "The fastest way to search the web.",
Found : "path": "C:\\Program Files\\Mozilla Firefox\\plugins\\npViewpoint.dll",

File : C:\Documents and Settings\Michael\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [30711 octets] - [30/08/2012 02:06:14]

########## EOF - C:\AdwCleaner[R1].txt - [30840 octets] ##########

[Dakeyras]

Hi.

When I ran awsMBR I wasn't given an option, it just came up with buttons to scan, fix mbr, etc, there was no mention of cancelling the avast, so I just clicked to scan

OK and not a problem as I mentioned prior. Let proceed as follows shall we...

Backup the Registry:

Modifying the Registry can create unforeseen problems, so it always wise to create a backup before doing so.

Click on Start >> Run...(or the Windows key and R together) to bring up the Run box and and copy and paste in:

"C:\Program Files\ERUNT\ERUNT.EXE" %SystemRoot%\ERDNT\GTG-backup

and click on OK.

Note: If you have uninstalled ERUNT since we last used it, please inform myself before proceeding any further.

Re-scan with AdwCleaner:

• Double click on adwcleaner.exe to launch the application.
• Now click on the Delete tab >> Reboot your machine if prompted.
• Please post the contents of the log-file created in your next post.

Note: The log can also be located at C: >> AdwCleaner[XX].txt >> XX <-- denotes the number of times the application has been ran, so in this case should be something like S1 for example.

Next:

Reboot(restart) your machine if you were not prompted to do so by AdwCleaner. Post the new AdwCleaner log and let myself know how you machine is performing now etc.

[dimills]

Hi,
Here's the log for AdwCleaner:

# AdwCleaner v1.801 - Logfile created 08/31/2012 at 01:02:54
# Updated 14/08/2012 by Xplode
# Operating system : Microsoft Windows XP Service Pack 3 (32 bits)
# User : Owner - LIVINGROOM2
# Boot Mode : Normal
# Running from : C:\Documents and Settings\Scott\Desktop\adwcleaner.exe
# Option [Delete]


***** [Services] *****

Stopped & Deleted : Viewpoint Manager Service

***** [Files / Folders] *****

Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Quixley_KMb
Folder Deleted : C:\Documents and Settings\Michael\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Michael\Local Settings\Application Data\ConduitEngine
Folder Deleted : C:\Documents and Settings\Michael\Local Settings\Application Data\Ilivid Player
Folder Deleted : C:\Documents and Settings\Michael\Local Settings\Application Data\Playbryte
Folder Deleted : C:\Documents and Settings\Michael\Local Settings\Application Data\Quixley_KMb
Folder Deleted : C:\Documents and Settings\Owner\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Alex\Application Data\Toolbar4
Folder Deleted : C:\Documents and Settings\Alex\Application Data\Viewpoint
Folder Deleted : C:\Documents and Settings\Michael\Application Data\PriceGong
Folder Deleted : C:\Documents and Settings\Michael\Application Data\Toolbar4
Folder Deleted : C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\ConduitCommon
Folder Deleted : C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\extensions\[email protected]
Folder Deleted : C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\kdvrq1i3.default\Conduit
Folder Deleted : C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\kdvrq1i3.default\CT2452474
Folder Deleted : C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\kdvrq1i3.default\extensions\{bc04b34e-5dd8-465a-a5e0-86f7c11bc009}
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
Folder Deleted : C:\Program Files\Ilivid
Folder Deleted : C:\Program Files\Playbryte
Deleted on reboot : C:\Program Files\Shop To Win
Folder Deleted : C:\Program Files\Viewpoint
Folder Deleted : C:\Program Files\Common Files\FreeCause
File Deleted : C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\searchplugins\Conduit.xml

***** [Registry] *****

[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3052046
Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\PriceGong
Key Deleted : HKCU\Software\Quixley_KMb
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\AppID\PSText.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Key Deleted : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Key Deleted : HKLM\SOFTWARE\CompeteInc
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\MetaStream
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Playbryte
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Quixley_KMb Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
Key Deleted : HKLM\SOFTWARE\Playbryte
Key Deleted : HKLM\SOFTWARE\Quixley_KMb
Key Deleted : HKLM\SOFTWARE\Viewpoint

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{61E0EF7A-9BC0-45ea-9B2F-F3E9F02692BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5272CCD4-4199-4B04-BF68-B28A0DCF0151}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F165085B-6B85-4AD5-AD00-95552A823F6D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{979F6ED2-DAEA-42A7-B831-29A0681E4FBB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A459AB73-E92C-4D54-9276-AF27A79BD51C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DA566842-D620-41BF-8A10-149CFA14035D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61E0EF7A-9BC0-45ea-9B2F-F3E9F02692BD}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49699FC-1665-4414-A1CB-C4A2A4A13EEC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA566842-D620-41BF-8A10-149CFA14035D}

***** [Internet Browsers] *****

-\\ Internet Explorer v8.0.6001.18702

[OK] Registry is clean.

-\\ Mozilla Firefox v14.0.1 (en-US)

Profile name : default
File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ksus49i4.default\prefs.js

C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\ksus49i4.default\user.js ... Deleted !

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\Diane\Application Data\Mozilla\Firefox\Profiles\knmbqsck.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\Alex\Application Data\Mozilla\Firefox\Profiles\ckxb4d8n.default\prefs.js

Deleted : user_pref("browser.search.selectedEngine", "BigSeekPro");
Deleted : user_pref("browser.startup.homepage", "hxxp://www.bigseekpro.com/bigseekpro/{0C388D2D-1A36-A7A8-609A[...]

Profile name : default
File : C:\Documents and Settings\Jonathan\Application Data\Mozilla\Firefox\Profiles\ivv5bdbk.default\prefs.js

[OK] File is clean.

Profile name : default
File : C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\prefs.js

C:\Documents and Settings\Michael\Application Data\Mozilla\Firefox\Profiles\2za892jc.default\user.js ... Deleted !

Deleted : user_pref("CT3052046..clientLogIsEnabled", false);
Deleted : user_pref("CT3052046..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT3052046..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT3052046.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT3052046.AppTrackingLastCheckTime", "Fri Jul 29 2011 22:37:51 GMT-0400 (Eastern Daylight[...]
Deleted : user_pref("CT3052046.BrowserCompStateIsOpen_3911089572972608687", true);
Deleted : user_pref("CT3052046.BrowserCompStateIsOpen_4474396473824482984", true);
Deleted : user_pref("CT3052046.CTID", "CT3052046");
Deleted : user_pref("CT3052046.CurrentServerDate", "30-7-2011");
Deleted : user_pref("CT3052046.DialogsAlignMode", "LTR");
Deleted : user_pref("CT3052046.DialogsGetterLastCheckTime", "Fri Jul 29 2011 22:37:39 GMT-0400 (Eastern Daylig[...]
Deleted : user_pref("CT3052046.DownloadReferralCookieData", "");
Deleted : user_pref("CT3052046.FirstServerDate", "30-7-2011");
Deleted : user_pref("CT3052046.FirstTime", true);
Deleted : user_pref("CT3052046.FirstTimeFF3", true);
Deleted : user_pref("CT3052046.FixPageNotFoundErrors", true);
Deleted : user_pref("CT3052046.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT3052046.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT3052046.HasUserGlobalKeys", true);
Deleted : user_pref("CT3052046.Initialize", true);
Deleted : user_pref("CT3052046.InitializeCommonPrefs", true);
Deleted : user_pref("CT3052046.InstallationAndCookieDataSentCount", 1);
Deleted : user_pref("CT3052046.InstallationId", "CT3052046_Quixley_KMb.exe");
Deleted : user_pref("CT3052046.InstallationType", "ConduitIntegration");
Deleted : user_pref("CT3052046.InstalledDate", "Fri Jul 29 2011 22:37:40 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3052046.InvalidateCache", false);
Deleted : user_pref("CT3052046.IsAlertDBUpdated", true);
Deleted : user_pref("CT3052046.IsGrouping", false);
Deleted : user_pref("CT3052046.IsInitSetupIni", true);
Deleted : user_pref("CT3052046.IsMulticommunity", false);
Deleted : user_pref("CT3052046.IsOpenThankYouPage", false);
Deleted : user_pref("CT3052046.IsOpenUninstallPage", true);
Deleted : user_pref("CT3052046.LanguagePackLastCheckTime", "Fri Jul 29 2011 22:37:41 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT3052046.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT3052046.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT3052046.LastLogin_3.5.1.1", "Fri Jul 29 2011 22:37:40 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT3052046.LatestVersion", "3.3.3.2");
Deleted : user_pref("CT3052046.Locale", "en");
Deleted : user_pref("CT3052046.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT3052046.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT3052046.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT3052046.MyStuffEnabledAtInstallation", true);
Deleted : user_pref("CT3052046.OriginalFirstVersion", "3.5.1.1");
Deleted : user_pref("CT3052046.RadioIsPodcast", false);
Deleted : user_pref("CT3052046.RadioLastCheckTime", "Fri Jul 29 2011 22:37:41 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT3052046.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT3052046.RadioLastUpdateServer", "3");
Deleted : user_pref("CT3052046.RadioMediaID", "9962");
Deleted : user_pref("CT3052046.RadioMediaType", "Media Player");
Deleted : user_pref("CT3052046.RadioMenuSelectedID", "EBRadioMenu_CT30520469962");
Deleted : user_pref("CT3052046.RadioShrinkedFromSetup", false);
Deleted : user_pref("CT3052046.RadioStationName", "California%20Rock");
Deleted : user_pref("CT3052046.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT3052046.SavedHomepage", "hxxp://en-US.start3.mozilla.com/firefox?client=firefox-a&rls=o[...]
Deleted : user_pref("CT3052046.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT3052046.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT305[...]
Deleted : user_pref("CT3052046.SearchInNewTabEnabled", true);
Deleted : user_pref("CT3052046.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT3052046.SearchInNewTabLastCheckTime", "Fri Jul 29 2011 22:37:41 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT3052046.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT3052046.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT3052046.ServiceMapLastCheckTime", "Fri Jul 29 2011 22:37:34 GMT-0400 (Eastern Daylight [...]
Deleted : user_pref("CT3052046.SettingsLastCheckTime", "Fri Jul 29 2011 22:37:37 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT3052046.SettingsLastUpdate", "1311784300");
Deleted : user_pref("CT3052046.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT3052046.ThirdPartyComponentsLastCheck", "Fri Jul 29 2011 22:37:34 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT3052046.ThirdPartyComponentsLastUpdate", "1246786978");
Deleted : user_pref("CT3052046.ToolbarShrinkedFromSetup", false);
Deleted : user_pref("CT3052046.TrusteLinkUrl", "hxxp://trust.conduit.com/CT3052046");
Deleted : user_pref("CT3052046.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Deleted : user_pref("CT3052046.UserID", "UN29587635447840421");
Deleted : user_pref("CT3052046.ValidationData_Toolbar", 0);
Deleted : user_pref("CT3052046.WeatherNetwork", "");
Deleted : user_pref("CT3052046.WeatherPollDate", "Fri Jul 29 2011 22:37:43 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT3052046.WeatherUnit", "F");
Deleted : user_pref("CT3052046.alertChannelId", "1443618");
Deleted : user_pref("CT3052046.backendstorage. appgroupon_dailyactivity", "31333131393933343633303835");
Deleted : user_pref("CT3052046.backendstorage. appgroupon_lifetimesent", "54525545");
Deleted : user_pref("CT3052046.components.1000080", true);
Deleted : user_pref("CT3052046.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Deleted : user_pref("CT3052046.globalFirstTimeInfoLastCheckTime", "Fri Jul 29 2011 22:37:40 GMT-0400 (Eastern [...]
Deleted : user_pref("CT3052046.homepageProtectorEnableByLogin", true);
Deleted : user_pref("CT3052046.initDone", true);
Deleted : user_pref("CT3052046.isAppTrackingManagerOn", true);
Deleted : user_pref("CT3052046.isFirstRadioInstallation", false);
Deleted : user_pref("CT3052046.myStuffEnabled", true);
Deleted : user_pref("CT3052046.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT3052046.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT3052046.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT3052046.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT3052046.searchProtectorDialogDelayInSec", 10);
Deleted : user_pref("CT3052046.searchProtectorEnableByLogin", true);
Deleted : user_pref("CT3052046.testingCtid", "");
Deleted : user_pref("CT3052046.toolbarAppMetaDataLastCheckTime", "Fri Jul 29 2011 22:37:39 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT3052046.toolbarContextMenuLastCheckTime", "Fri Jul 29 2011 22:37:41 GMT-0400 (Eastern D[...]
Deleted : user_pref("CT3052046.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3052046&Search[...]
Deleted : user_pref("CommunityToolbar.ConduitSearchList", "Quixley_KMb Customized Web Search");
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1443618/1439273/US", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT3052046", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT3052046",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT3052046&octid=[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\Michael\\Applicati[...]
Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.1.1");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?pc=ZUGO&form=[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT3052046");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT3052046");
Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT3052046");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Jul 29 2011 22:40:14 GMT-0400 (Eas[...]
Deleted : user_pref("CommunityToolbar.globalUserId", "e8ede5f5-4a0e-471a-96ff-f1f7fe13e59e");
Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Fri Jul 29 2011 22:37:3[...]
Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Jul 29 2011 22:37:49 GMT-040[...]
Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.locale", "en");
Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Jul 29 2011 22:37:36 GMT-0400 (E[...]
Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559");
Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.notifications.userId", "54442499-dfa2-447c-941f-c134d0385a5c");
Deleted : user_pref("browser.search.defaultthis.engineName", "Quixley_KMb Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3052046&Sea[...]

Profile name : default
File : C:\Documents and Settings\Ashley\Application Data\Mozilla\Firefox\Profiles\kdvrq1i3.default\prefs.js

Deleted : user_pref("CT2452474.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2452474.CTID", "CT2452474");
Deleted : user_pref("CT2452474.Chat.Meebo.ServerLastCheckTime", "Fri May 07 2010 02:05:02 GMT-0400 (Eastern Da[...]
Deleted : user_pref("CT2452474.Chat.Meebo.ServerLastResponseTime", "Fri May 07 2010 02:05:02 GMT-0400 (Eastern[...]
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.2030of7a78203f", 40);
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.30plus683ec0a3", 40);
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.entertainment3d98c8ee", 1);
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.gamesbar1communitychat22ec8aa1", 12);
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.musicpca565a36", 4);
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.sports84029aeb", 1);
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.technology9fc01102", 0);
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.teenagers60fc8fbc", 28);
Deleted : user_pref("CT2452474.Chat.Meebo.rooms.videogames58dc7b74", 2);
Deleted : user_pref("CT2452474.Chat.ServerLastCheckTime", "Fri May 07 2010 01:15:02 GMT-0400 (Eastern Daylight[...]
Deleted : user_pref("CT2452474.CurrentServerDate", "7-5-2010");
Deleted : user_pref("CT2452474.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2452474.ExternalComponentPollDate129032022755062690", "Thu May 06 2010 16:52:05 GMT-040[...]
Deleted : user_pref("CT2452474.ExternalComponentPollDate129067376611248112", "Thu May 06 2010 16:52:05 GMT-040[...]
Deleted : user_pref("CT2452474.FirstServerDate", "14-3-2010");
Deleted : user_pref("CT2452474.FirstTime", true);
Deleted : user_pref("CT2452474.FirstTimeFF3", true);
Deleted : user_pref("CT2452474.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2452474.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2452474.Initialize", true);
Deleted : user_pref("CT2452474.InitializeCommonPrefs", true);
Deleted : user_pref("CT2452474.InstalledDate", "Sun Mar 14 2010 13:35:04 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2452474.InvalidateCache", false);
Deleted : user_pref("CT2452474.IsGrouping", false);
Deleted : user_pref("CT2452474.IsMulticommunity", false);
Deleted : user_pref("CT2452474.IsOpenThankYouPage", true);
Deleted : user_pref("CT2452474.IsOpenUninstallPage", true);
Deleted : user_pref("CT2452474.LanguagePackLastCheckTime", "Thu May 06 2010 16:52:05 GMT-0400 (Eastern Dayligh[...]
Deleted : user_pref("CT2452474.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2452474.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2452474.LastLogin_2.5.6.0", "Thu May 06 2010 22:58:46 GMT-0400 (Eastern Daylight Time)"[...]
Deleted : user_pref("CT2452474.LatestVersion", "2.1.0.18");
Deleted : user_pref("CT2452474.Locale", "en");
Deleted : user_pref("CT2452474.LoginCache", 4);
Deleted : user_pref("CT2452474.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2452474.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2452474.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2452474.RadioIsPodcast", false);
Deleted : user_pref("CT2452474.RadioLastCheckTime", "Thu May 06 2010 16:52:06 GMT-0400 (Eastern Daylight Time)[...]
Deleted : user_pref("CT2452474.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2452474.RadioLastUpdateServer", "3");
Deleted : user_pref("CT2452474.RadioMediaID", "9962");
Deleted : user_pref("CT2452474.RadioMediaType", "Media Player");
Deleted : user_pref("CT2452474.RadioMenuSelectedID", "EBRadioMenu_CT24524749962");
Deleted : user_pref("CT2452474.RadioStationName", "California%20Rock");
Deleted : user_pref("CT2452474.RadioStationURL", "hxxp://feedlive.net/california.asx");
Deleted : user_pref("CT2452474.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2452474.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2452474.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2452474.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT245[...]
Deleted : user_pref("CT2452474.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2452474.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2452474.SearchInNewTabLastCheckTime", "Thu May 06 2010 16:52:05 GMT-0400 (Eastern Dayli[...]
Deleted : user_pref("CT2452474.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2452474.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2452474.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2452474.SettingsLastCheckTime", "Fri May 07 2010 01:15:01 GMT-0400 (Eastern Daylight Ti[...]
Deleted : user_pref("CT2452474.SettingsLastUpdate", "1273158835");
Deleted : user_pref("CT2452474.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2452474.ThirdPartyComponentsLastCheck", "Tue Apr 27 2010 16:12:29 GMT-0400 (Eastern Day[...]
Deleted : user_pref("CT2452474.ThirdPartyComponentsLastUpdate", "1272136758");
Deleted : user_pref("CT2452474.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2452474.UserID", "UN96841838790198354");
Deleted : user_pref("CT2452474.ValidationData_Search", 0);
Deleted : user_pref("CT2452474.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2452474.WeatherNetwork", "");
Deleted : user_pref("CT2452474.WeatherPollDate", "Fri May 07 2010 01:45:03 GMT-0400 (Eastern Daylight Time)");
Deleted : user_pref("CT2452474.WeatherUnit", "F");
Deleted : user_pref("CT2452474.alertChannelId", "846288");
Deleted : user_pref("CT2452474.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "434C4F5345");
Deleted : user_pref("CT2452474.clientLogIsEnabled", true);
Deleted : user_pref("CT2452474.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2452474.components.1000034", false);
Deleted : user_pref("CT2452474.myStuffEnabled", true);
Deleted : user_pref("CT2452474.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2452474.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&amp;SearchSour[...]
Deleted : user_pref("CT2452474.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2452474.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2452474.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://oryte.com/content/games/players/sonic.php[...]
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2452474");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2452474");
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri May 07 2010 02:15:01 GMT-0400 (Easte[...]
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Thu May 06 2010 16:52:03 GMT-0400 (Eastern D[...]
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "{22a095d7-6ea9-4c1f-8f01-84ac730037ed}");
Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu May 06 2010 16:52:06 GMT-0400 (Eas[...]

-\\ Google Chrome v21.0.1180.83

File : C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "scriptable_host": [ "hxxp://*/*", "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdC[...]
Deleted : "matches": [ "hxxp://cap1.conduit-apps.com/Apps/jdownloader/jdController.html*", "[...]
Deleted : "path": "plugins/ConduitChromeApiPlugin.dll",
Deleted : "update_url": "hxxp://autoupdate.chromewebtb.conduit-services.com/?productId=CT305204[...]
Deleted : "path": "C:\\Program Files\\Mozilla Firefox\\plugins\\npViewpoint.dll",

File : C:\Documents and Settings\Diane\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

Deleted : "description": "The fastest way to search the web.",
Deleted : "path": "C:\\Program Files\\Mozilla Firefox\\plugins\\npViewpoint.dll",

File : C:\Documents and Settings\Michael\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [30842 octets] - [30/08/2012 02:06:14]
AdwCleaner[S1].txt - [31729 octets] - [31/08/2012 01:02:54]

########## EOF - C:\AdwCleaner[S1].txt - [31858 octets] ##########

Machine definitely feels less sluggish, haven't had too much time for the long run.

[Dakeyras]

Hi.

Machine definitely feels less sluggish, haven't had too much time for the long run.

OK, carry out the below for myself please as follows...

TFC(Temp File Cleaner):

• Please download TFC to your desktop,
• Save any unsaved work. TFC will close all open application windows.
• Double-click TFC.exe to run the program.
• Click the Start button in the bottom left of TFC
• If prompted, click "Yes" to reboot.

Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot.

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.

• Please go here to run the scan...
  

  Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
  All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

• Select the option YES, I accept the Terms of Use then click on:
• When prompted allow the Add-On/Active X to install.
• Make sure that the option Remove found threats is Not checked, and the option Scan archives is checked.
• Now click on Advanced Settings and select the following:

• • Scan for potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth Technology
• Now click on:
• The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
• When completed the Online Scan will begin automatically.
• Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
• When completed select Uninstall application on close if you so wish, make sure you copy the log-file first!
• Now click on:
• Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
• Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

[dimills]

Hi,
I ran TFC, then Eset, here's the Eset log:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2b207f013597364b9be605120f9a4437
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-03 06:01:45
# local_time=2012-07-03 02:01:45 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=512 16777215 100 0 120658894 120658894 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=153654
# found=6
# cleaned=6
# scan_time=5321
C:\Documents and Settings\Michael\Application Data\Toolbar4\{338B4DFE-2E2C-4338-9E41-E176D497299E}\UninstallToolbar.exe Win32/Somoto application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Michael\My Documents\Downloads\HC2Setup.exe Win32/Somoto application (deleted - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Michael\My Documents\Downloads\SoftonicDownloader57865.exe a variant of Win32/SoftonicDownloader.A application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Michael\My Documents\Downloads\WinZip165.exe a variant of Win32/OpenInstall application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\Documents and Settings\Michael\My Documents\Downloads\ZipSoftware.exe a variant of Win32/InstallCore.X application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
C:\System Volume Information\_restore{1A4C8DBC-B04C-4011-BED2-EB93793480A5}\RP1088\A0816589.exe Win32/Somoto application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
# version=7
# iexplore.exe=8.00.6001.18702 (longhorn_ie8_rtm(wmbla).090308-0339)
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=2b207f013597364b9be605120f9a4437
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2012-09-01 03:54:28
# local_time=2012-09-01 11:54:28 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=8192 67108863 100 0 4296452 4296452 0 0
# scanned=230467
# found=4
# cleaned=0
# scan_time=6957
C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup(2).zip a variant of MSIL/Agent.NSJ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup(3).zip a variant of MSIL/Agent.NSJ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup.zip a variant of MSIL/Agent.NSJ trojan (unable to clean) 00000000000000000000000000000000 I
C:\Documents and Settings\Michael\My Documents\Downloads\StepMania-3.9a.exe Win32/OpenCandy application (unable to clean) 00000000000000000000000000000000 I

[Dakeyras]

Hi.

After researching the results of the online scan I think it best we remove all. Reason being they may be compromised depending on the original download source, more so if the installed P2P was used to download them for example.

So if not used I strongly advise delete all as follows...

Using Windows Explorer (to get there right-click your Start button and go to Explore), please delete these files (if present):

C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup(2).zip
C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup(3).zip
C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup.zip
C:\Documents and Settings\Michael\My Documents\Downloads\StepMania-3.9a.exe

Next click on Start >> Run and type cleanmgr in the box and press OK.

• Ensure the boxes for Temporary Files, Temporary Internet Files and Recycle Bin are checked.
• You can choose to check other boxes if you wish but they are not required.
• Click on OK then Yes.

Java Advice:

Regarding a new Java installation, I strongly advise against re-installing a updated version at present because the software as a whole has been exploited of late and your machine could end up seriously infected. Even though this exploit has been reportedly fixed there is still a vulnerability with the software.

Your choice if you wish to go ahead and reinstall but as mentioned I advise against it and for the present I do not even have anything Java related installed on my machines.

So let myself know what you wish to do about this in your next reply please.

New Adobe Reader Installation:

• Go(click) here and click on AdbeRdr1014_en_US.exe to download the latest version of Adobe Reader.
• Save this file to your desktop and run it to install the latest version of Adobe Reader.
• After the new Reader is installed, Open Adobe Reader X.
• OK the license.
• Click on Edit and select Preferences.
• On the Left, click on the Javascript category and Uncheck Enable Acrobat Javascript.
• Click on the Security (Enhanced) category and Uncheck Automatically trust sites from my Win OS security zones.
• Click on the Trust Manager category and Uncheck Allow opening of non-PDF file attachments with external applications.
• Click the OK button

Next:

Let myself know when completed the above, your decision about Java. If any further issues remaining, thank you.

[dimills]

Hi,
I'm unable to find those files present under windows explorer, should I just go on to the next steps?

[Dakeyras]

Hi.

The reason not found is they appear to be associated with a different user account on the machine to what you are currently using. So just run the below custom OTL script to remove them as follows...

• Double-click on OTL.exe to start the program.
• Copy the lines from the quote-box(do not copy the word quote) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:Files
C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup(2).zip
C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup(3).zip
C:\Documents and Settings\Michael\My Documents\Downloads\Facebook Credit Generator Setup.zip
C:\Documents and Settings\Michael\My Documents\Downloads\StepMania-3.9a.exe

:Commands
[EmptyTemp]

• Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
• Then click the red Run Fix button.
• Let the program run unhindered.
• If OTL asks to reboot your computer, allow it to do so. The report should appear in Notepad after the reboot.

Note: The logfile can also be located C: >> _OTL >> MovedFiles >> DD/DD/DD TT/TT.txt <-- denotes date/time log created.

[dimills]

Hi,
I ran the fix in OTL, then decided not to install Java, and then installed the Adobe Reader. Computer is definitely running better, but I still have the problem of the computer freezing when I watch videos on YouTube. I just updated my video drivers, but it didn't help, the computer is still freezing. Anything else it could be?

[Dakeyras]

Hi.

I still have the problem of the computer freezing when I watch videos on YouTube. I just updated my video drivers, but it didn't help,

Feasible there may be a problem with the installed Flash Player, so uninstall the following:-

Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin

Then download install a new version from here

Note: deselect the option:- Yes, install Chrome as my default browser and Google Toolbar for Internet Explorer – optional <-- You appear to have both installed already. If you actually do not use either might as well uninstall them as-well.

This YouTube support page may be of assistance also.

Still a problem and it is occurring with YouTube when using Internet Explorer for example. Download and run this Microsoft FixIt.

Note: Any add-ons will require to be reapplied after the above reset/running the Microsoft FixIt .

Finally if still issues afterwards my best advice would be to create a new topic in the Applications part of the forum. Reason being primarily I only provide Anti-Malware support...

Next:

Congratulations your computer appears to be malware free!

Now I have some tasks for your good self to carry out as part of a clean up process and some advice about online safety.

Importance of Regular System Maintenance:

I advice you read both of the below listed topics as this will go a long way to keeping your Computer performing well.

Help! My computer is slow!

Also so is this:

What to do if your Computer is running slowly

Reset SR Points/Clean up with OTL:

• Double-click OTL to start the program.
• Copy the lines from the codebox to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

:Commands
[ClearAllRestorePoints]

• Return to OTL, right-click in the Custom Scans/Fixes window (under the cyan bar) and choose Paste.
• Then click the red Run Fix button.
• Let the program run unhindered. When finished click on OK and close the log that appears.
• Note: I do not need to review the log produced.
• Now close all other programs apart from OTL as this step will require a reboot.
• On the OTL main screen, depress the CleanUp button.
• Say Yes to the prompt and then allow the program to reboot your computer.

The above process should flush the system restore points/set a new clean one and clean up and remove the vast majority of scanners used and logs created etc.

Any left over merely delete yourself and empty the Recycle Bin.

Now some advice for on-line safety:

Malwarebyte's Anti-Malware:

This is a excellent application and I advise you keep this installed. Check for updates and run a scan at least once per week.

Other installed security software:

Your presently installed security application, avast! Free Antivirus automatically checks for updates and downloads/installs them with every system reboot and or periodically if the machine is left running providing a internet connection is active.

I advise you also run a complete scan with this also at least once per week.

Erunt:

Emergency Recovery Utility NT, I advice you keep this installed as a means to keep a complete backup of your registry and restore it when needed.

Myself I would actually create a new back up once per week as this along with System Restore may prove to be invaluable if something unforeseen occurs!

Keep your system updated:

Microsoft releases patches for Windows and other products regularly:

I do advise visiting Windows Update periodically as Microsoft releases patches for Windows and other products regularly.

Plus check Automatic Updates is enabled.

Update Mozilla Firefox:

The latest version is 15.0

To update, launch the browser >> Help >> About Firefox >> follow the prompts.

Be careful when opening attachments and downloading files:

Never open email attachments, not even if they are from someone you know. If you need to open them, scan them with your antivirus program before opening.
Never open emails from unknown senders.
Beware of emails that warn about viruses that are spreading, especially those from antivirus vendors. These email addresses can be easily spoofed. Check the antivirus vendor websites to be sure.
Be careful of what you download. Only download files from known sources. Also, avoid cracked programs. If you need a particular program that costs too much for you, try finding free alternatives on Sourceforge or Pricelessware.

Stop malicious scripts:

Windows by default allow scripts (which is VBScript and JavaScript) to run and some of these scripts are malicious. Use Noscript by Symantec or Script Defender by AnalogX to handle these scripts.

Avoid Peer to Peer software:

P2P may be a great way to get lots of seemingly freeware, but it is a great way to get infected as well. There's no way to tell if the file being shared is infected. Worse still, some worms spread via P2P networks, infecting you as well. My advice is avoid these types of software applications.

Hosts File:

A Hosts file is like a phone book. You look up someone's name in the phone book before calling him/her. Similarly, your computer will look up the website's IP address before you can view the website.

Hosts file will replace your current Hosts file with another one containing well-known advertisement sites, spyware sites and other bad sites. This new Hosts file will protect you by re-directing these bad sites to 127.0.0.1.

Here are some Hosts files:

• MVPS Hosts File
• hpHosts

Only use one of the above!

Consider Installing WinPatrol:

WinPatrol alerts you about possible system hijacks, malware attacks and critical changes made to your computer without your permission.

Download it from here.

You can find information about how WinPatrol works here.

Next:

This is a very helpful/useful set of advice from Microsoft: Microsoft Safety & Security Center

Any questions? Feel free to ask, if not stay safe!

[Dakeyras]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.