Windows 7: win32/Small.CA virus

Will do, it will have to wait until tomorrow...at work until mid-night. Do I just attach it here?

If the file is not too long, you can just pot it.

If not, attach is fine.

Here is the text file:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.6.9 (03.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Asus on Mon 03/11/2013 at 10:41:35.77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\toolbar
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2260173
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\Users\Asus\AppData\Roaming\searchprotect"
Successfully deleted: [Folder] "C:\Users\Asus\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Asus\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Asus\appdata\locallow\swag_bucks"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Program Files (x86)\swag_bucks"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\95rsgyio.default\smartbar
Failed to delete: [Folder] C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\95rsgyio.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}
Successfully deleted the following from C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\95rsgyio.default\prefs.js

user_pref("CT2260173.1000082.isPlayDisplay", "true");
user_pref("CT2260173.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description\":\"California Rock - Rock\",\"url\":\"hxxp://www.feedlive.net/california.
user_pref("CT2260173.1000234.TWC_TMP_city", "STOCKBRIDGE");
user_pref("CT2260173.1000234.TWC_TMP_country", "US");
user_pref("CT2260173.1000234.TWC_country", "UNITED STATES");
user_pref("CT2260173.1000234.TWC_locId", "USGA0538");
user_pref("CT2260173.1000234.TWC_location", "Stockbridge, GA");
user_pref("CT2260173.1000234.TWC_region", "US");
user_pref("CT2260173.1000234.TWC_temp_dis", "f");
user_pref("CT2260173.1000234.TWC_wind_dis", "mph");
user_pref("CT2260173.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"56°F\",\"temperatureClear\":\"56°F\",\"highTemperature\":\"6 4°F\",\"lowTemperature\":\"39
user_pref("CT2260173.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2260173.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2260173.FF19Solved", "true");
user_pref("CT2260173.FirstTime", "true");
user_pref("CT2260173.FirstTimeFF3", "true");
user_pref("CT2260173.UserID", "UN42062467072460616");
user_pref("CT2260173.addressBarTakeOverEnabledInHidden", "true");
user_pref("CT2260173.addressUrlXPETakeover", "true");
user_pref("CT2260173.autoDisableScopes", -1);
user_pref("CT2260173.defaultSearch", "false");
user_pref("CT2260173.embeddedsData", "[{\"appId\":\"128848965243869715\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\" :true,\"getMainFrameUrl\":true,\"get
user_pref("CT2260173.enableAlerts", "always");
user_pref("CT2260173.enableFix404ByUser", "FALSE");
user_pref("CT2260173.enableSearchFromAddressBar", "true");
user_pref("CT2260173.firstTimeDialogOpened", "true");
user_pref("CT2260173.fixPageNotFoundError", "true");
user_pref("CT2260173.fixPageNotFoundErrorByUser", "true");
user_pref("CT2260173.fixPageNotFoundErrorInHidden", "true");
user_pref("CT2260173.fixUrls", true);
user_pref("CT2260173.installDate", "6/3/2013 9:05:56");
user_pref("CT2260173.installId", "dm");
user_pref("CT2260173.installType", "conduitnsisintegration");
user_pref("CT2260173.isCheckedStartAsHidden", true);
user_pref("CT2260173.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2260173.isFirstTimeToolbarLoading", "false");
user_pref("CT2260173.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
user_pref("CT2260173.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2260173.keyword", "true");
user_pref("CT2260173.lastVersion", "10.14.65.43");
user_pref("CT2260173.mam_gk_installer_preapproved.enc", "dHJ1ZQ==");
user_pref("CT2260173.migrateAppsAndComponents", true);
user_pref("CT2260173.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fus-mg6.mail.yahoo.com%2Fneo%2Flaunch%3F.rand%3D5csapj8ojjckr\",\"EB
user_pref("CT2260173.openThankYouPage", "true");
user_pref("CT2260173.openUninstallPage", "true");
user_pref("CT2260173.revertSettingsEnabled", "false");
user_pref("CT2260173.search.searchAppId", "128848965243869715");
user_pref("CT2260173.search.searchCount", "2");
user_pref("CT2260173.searchInNewTabEnabledByUser", "false");
user_pref("CT2260173.searchInNewTabEnabledInHidden", "true");
user_pref("CT2260173.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2260173.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
user_pref("CT2260173.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
user_pref("CT2260173.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2260173\"}");
user_pref("CT2260173.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://SwagBucks.OurToolbar.com//xpi\"}");
user_pref("CT2260173.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Swag Bucks\"}");
user_pref("CT2260173.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
user_pref("CT2260173.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1362578782894");
user_pref("CT2260173.serviceLayer_services_appsMetadata_lastUpdate", "1362970498713");
user_pref("CT2260173.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1362578781742");
user_pref("CT2260173.serviceLayer_services_location_lastUpdate", "1362943903760");
user_pref("CT2260173.serviceLayer_services_login_10.14.65.43_lastUpdate", "1363005465871");
user_pref("CT2260173.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1362578781703");
user_pref("CT2260173.serviceLayer_services_searchAPI_lastUpdate", "1362943903884");
user_pref("CT2260173.serviceLayer_services_serviceMap_lastUpdate", "1362943903663");
user_pref("CT2260173.serviceLayer_services_setupAPI_lastUpdate", "1362943903908");
user_pref("CT2260173.serviceLayer_services_toolbarContextMenu_lastUpdate", "1362578781639");
user_pref("CT2260173.serviceLayer_services_toolbarSettings_lastUpdate", "1363005467629");
user_pref("CT2260173.serviceLayer_services_translation_lastUpdate", "1362943904403");
user_pref("CT2260173.settingsINI", true);
user_pref("CT2260173.shouldFirstTimeDialog", "false");
user_pref("CT2260173.smartbar.CTID", "CT2260173");
user_pref("CT2260173.smartbar.Uninstall", "0");
user_pref("CT2260173.smartbar.toolbarName", "Swag Bucks ");
user_pref("CT2260173.startPage", "false");
user_pref("CT2260173.toolbarBornServerTime", "6-3-2013");
user_pref("CT2260173.toolbarCurrentServerTime", "11-3-2013");
user_pref("CT2260173_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1363011081312,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&CUI=UN42062467072460616&UM=UM_ID&q=");
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=2&CUI=UN42062467072460616&UM=UM_ID&q=");
user_pref("smartbar.originalSearchAddressUrl", "");
Emptied folder: C:\Users\Asus\AppData\Roaming\mozilla\firefox\profiles\95rsgyio.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 03/11/2013 at 11:02:18.16
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

radman3d,

MyWebSearch, to my understanding is powered by Conduit, which shows on the report.

It also comes bundled with other stuff.

When you download programs, keep an eye on the fine print, or on an occassional item that is checked...
It might be a Gotcha!!

I saw conduit on the report. Not sure where it came from. I try to catch all those that are checked and uncheck them. One may have slipped by. I will have to be more vigilant for now on. Thanks for the help, cottonball.

Glad to help!

Good luck, radman3d!!