AdwCleaner v2.100 - Logfile created 12/13/2012 at 14:40:37
Updated 09/12/2012 by Xplode
Operating system : Windows 7 Ultimate (32 bits)
User : Admin - JAZZYDYTES
Boot Mode : Normal
Running from : C:\Users\Admin\Downloads\Programs\adwcleaner.exe
Option [Delete]
***** [Services] *****
***** [Files / Folders] *****
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\DVDVideoSoftTB
Folder Deleted : C:\Users\Admin\AppData\Local\Conduit
Folder Deleted : C:\Users\Admin\AppData\Local\Temp\CT2269050
Folder Deleted : C:\Users\Admin\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Admin\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hjs91m86.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
Folder Deleted : C:\Users\Admin\AppData\Roaming\OpenCandy
***** [Registry] *****
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Key Deleted : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\Default Tab
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Default Tab
Key Deleted : HKLM\Software\DVDVideoSoftTB
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4B2B5427-3C57-491F-8C45-5A0520557F7C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B736C46-8390-497A-9B61-31B5C8C96D1B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IM
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
***** [Internet Browsers] *****
-\ Internet Explorer v8.0.7600.16385
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.conduit.com?SearchSource=10&ctid=CT2269050 → hxxp://www.google.com
-\ Mozilla Firefox v14.0.1 (en-US)
Profile name : default
File : C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hjs91m86.default\prefs.js
Deleted : user_pref("CT2269050.autoDisableScopes", -1);
-\ Google Chrome v23.0.1271.95
File : C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] File is clean.
AdwCleaner[S1].txt - [3553 octets] - [13/12/2012 14:40:37]
########## EOF - C:\AdwCleaner[S1].txt - [3613 octets] ##########
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org
Database version: v2012.12.13.02
Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Admin :: JAZZYDYTES [administrator]
12/13/2012 2:49:31 PM
mbam-log-2012-12-13 (14-49-31).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 192690
Time elapsed: 2 minute(s), 43 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-12-13 14:53:27
14:53:27.536 OS Version: Windows 6.1.7600
14:53:27.536 Number of processors: 4 586 0x3A09
14:53:27.536 ComputerName: JAZZYDYTES UserName: Admin
14:53:32.615 Initialize success
14:53:32.911 AVAST engine defs: 12121300
14:54:19.816 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\Ide\IAAStorageDevice-0
14:54:19.816 Disk 0 Vendor: ST350041 JC4B Size: 476940MB BusType: 3
14:54:19.832 Disk 0 MBR read successfully
14:54:19.832 Disk 0 MBR scan
14:54:19.832 Disk 0 Windows 7 default MBR code
14:54:19.847 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 2048
14:54:19.863 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 100900 MB offset 206848
14:54:19.878 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 375938 MB offset 206850048
14:54:19.894 Disk 0 scanning sectors +976771072
14:54:19.972 Disk 0 scanning C:\Windows\system32\drivers
14:54:25.822 Service scanning
14:54:36.203 Modules scanning
14:54:38.683 Disk 0 trace - called modules:
14:54:38.699 ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys halmacpi.dll iaStor.sys
14:54:38.699 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0x86649460]
14:54:38.699 3 CLASSPNP.SYS[8c58d59e] → nt!IofCallDriver → [0x85d6c958]
14:54:38.699 5 ACPI.sys[8428a3b2] → nt!IofCallDriver → \Device\Ide\IAAStorageDevice-0[0x85cc6028]
14:54:41.210 AVAST engine scan C:\Windows
14:54:41.756 File: C:\Windows\explorer.exe INFECTED Win32:Explor-DU [Trj]
14:54:42.006 File: C:\Windows\explorer_backup_w7sbc.exe INFECTED Win32:Explor-DU [Trj]
14:54:42.287 File: C:\Windows\explorer_edit_w7sbc.exe INFECTED Win32:Explor-DU [Trj]
14:54:47.325 AVAST engine scan C:\Windows\system32
14:55:53.122 AVAST engine scan C:\Windows\system32\drivers
14:55:59.128 AVAST engine scan C:\Users\Admin
14:57:08.790 AVAST engine scan C:\ProgramData
14:57:33.344 Scan finished successfully
14:57:53.711 Disk 0 MBR has been saved successfully to "C:\Users\Admin\Documents\MBR.dat"
14:57:53.727 The log file has been saved successfully to "C:\Users\Admin\Documents\aswMBR.txt"
OTL text file is attached ~