I ran all the logs. They are attached. Please help me.
Hi,
Let me look these over and I will return as quickly as possible. 
Ok thanks
Hi,
Please download and run ERUNT (Emergency Recovery Utility NT). This program allows you to keep a complete backup of your registry and restore it when needed. The standard registry backup options that come with Windows back up most of the registry but not all of it. ERUNT however creates a complete backup set, including the Security hive and user related sections. ERUNT is easy to use and since it creates a full backup, there are no options or choices other than to select the location of the backup files. The backup set includes a small executable that will launch the registry restore if needed. **Remember if you are using Windows Vista as your operating system right-click the executable and Run as Administrator.
If you are running Malwarebytes 1.6 or better, please disable it for the duration of this run.
To disable Malwarebytes
[*]Open the scanner and select the Protection tab
[*]Remove the tick from “Start Protection Module with Windows” as seen below
http://i1224.photobucket.com/albums/ee380/jeffce74/MBAM16orgreater.jpg
Once complete continue with the instructions…
Run OTL.exe
[*]Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:Services
:Files
C:\Windows\Installer\{43d7f592-dd49-15e2-1cb1-772ee817dcbf}\U\
C:\Windows\Installer\{43d7f592-dd49-15e2-1cb1-772ee817dcbf}\L\
C:\Windows\Installer\{43d7f592-dd49-15e2-1cb1-772ee817dcbf}\@\
C:\Users\CAsaNova KiNG\AppData\Local\{43d7f592-dd49-15e2-1cb1-772ee817dcbf}\@\
:Commands
[emptytemp]
[start explorer]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot when it is done
[*]Then run a new scan and post a new OTL log ( don’t check the boxes beside LOP Check or Purity this time )
Download Combofix from the link below, and save it to your desktop.
Link
Note: It is important that it is saved directly to your desktop
If you get a message saying “Illegal operation attempted on a registry key that has been marked for deletion”, please restart your computer.
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
Right-Click and Run as Administrator on ComboFix.exe & follow the prompts.
When finished, it will produce a report for you.
[*]Please post the C:\ComboFix.txt for further review.
In your next reply please attach the logs made by OTL and ComboFix.
Thanks here are the logs
Hi,
[*]Please open Notepad (Start → Run → type notepad in the Open field → OK) and copy and paste the text present inside the code box below:
ClearJavaCache::
Folder::
c:\users\CAsaNova KiNG\AppData\Roaming\GetRightToGo
c:\users\CAsaNova KiNG\AppData\Roaming\OpenCandy
c:\program files (x86)\Conduit
c:\users\CAsaNova KiNG\AppData\Local\Conduit
RegLock::
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
[*]Save this as CFScript.txt and change the “Save as type” to “All Files” and place it on your desktop.
http://img.photobucket.com/albums/v706/ried7/CFScriptB-4.gif
[*]Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before following the steps below. They can interfere with ComboFix or remove some of its embedded files which may cause “unpredictable results”.
[*]Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
[*]ComboFix will now run a scan on your system. It may reboot your system when it finishes. This is normal.
[*]When finished, it shall produce a log for you. Copy and paste the contents of the log in your next reply.
CAUTION: Do not mouse-click ComboFix’s window while it is running. That may cause it to stall.
I appreciate all your help. Here is that log.
Hi,
I see that you had Norton Internet Security on your system at one time? Please go to Control Panel >> Programs and Feature and uninstall that.
Malwarebytes
I see that you have Malwarebytes already on your computer. Please open Malwarebytes, update it and then run a Quick Scan. Save the log that is created for your next reply.
Please run a free online scan with the ESET Online Scanner
[i]Note: You will need to use Internet Explorer for this scan[/i]
[*]Tick the box next to YES, I accept the Terms of Use
[*]Click Start
[*]When asked, allow the ActiveX control to install
[*]Click Start
[*]Make sure that the options Remove found threats is NOT selected and the option Scan unwanted applications is selected.
[*]Click Scan (This scan can take several hours, so please be patient)
[*]If there are threats that are found, please press List of found threats and then in the next window that opens press Export to text file…
[*]Copy and paste/or attach that log as a reply to this topic
Note If not threats are found there will not be a log created.
In your next reply please attach the logs made by Malwarebytes and ESET online scanner.
Hi
Not sure why you see norton I deleted it a while ago. Will this virus ever be gone? It seems like its taking forever, but here are the logs.
Hi,
Things are looking good. How is your system running?
Kind of slow. Not alot but noticeable.
Hi,
Ok please run a Quick Scan with OTL and attach the new log.
Ok.
Hi,
Let’s remove Norton completely. Please download and run the tool found here >> ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe Once you run the tool, reboot your system.
Run OTL.exe
[*]Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
:Services
:OTL
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}: "URL" = http://search.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[2011/09/29 06:01:03 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
[2011/09/29 14:57:19 | 000,003,584 | ---- | C] () -- C:\Users\CAsaNova KiNG\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
:Files
ipconfig /flushdns /c
:Commands
[purity]
[resethosts]
[emptytemp]
[start explorer]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot when it is done
[*]Then run a new scan and post a new OTL log ( don’t check the boxes beside LOP Check or Purity this time )
Thanks sorry for the delay here is the log.
Hi,
Ok…how is the system running?
seems to be ok just hoping the virus is gone.
Seems like the virus has been neutralized.
Download Security Check by screen317 from here or here.
[*]Save it to your Desktop.[*]Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.[*]A Notepad document should open automatically called checkup.txt [*]Please post the contents of that document.
My Avast expired is there any other freeware you would recomend? Heres the log.
Hi,
I would stay with Avast myself. I see that you are showing still that there is Norton on your system. Are you using that?
I see that your Java software is out of date. Please go to Start >> Control Panel >> Programs and Features >> delete all versions of Java.
Now download and install the newest version from here >> http://java.com/en/download/index.jsp
When you are finished let me know about Norton and if you had any problems updating Java.