identifying/removing traffic.outbrain.com in browser/computor

[1oldman]

hi ken, here is the log. getting rid of popcap was no loss thanks for the advice. i also came across a program named XM asia pacific ltd. and another named K-NFB reading tech.that i dont recall downloading i dumped them also figuring if they were needed they would reinstall at the time needed. what is your opinion of wild tangent i know it is a game client for HP but i have heard rumors it may have security issues also. couldn't help noticing the thread just posted about traffic outbrain on this site, i am curious what this is and will watch closely in the future to see if it pops up again, seems to me what you have done has resolved that issue and then some' can't tell you how much i value the advice.

[ken545]

Your fix log wont open, its best just to copy and paste the logs we ask for directly into the this thread.

Willd Tangent is in the same category as PopCap so getting rid of it would be a good move

Not seeing anything in your logs for traffic out brain , why dont your run a new scan with Spybot and let me see where its located

[1oldman]

All processes killed
Error: Unable to interpret <Code:> in the current context!
========== OTL ==========
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
Registry key HKEY_USERS\S-1-5-21-1052855104-1268557068-1444297151-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}\ not found.
C:\Windows\SysNative\drivers\etc\hosts.20140223-224811.backup moved successfully.
C:\Windows\SysNative\drivers\etc\hosts.20140203-095421.backup moved successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
< ipconfig /flushdns /c >
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
C:\Users\momco\Downloads\cmd.bat deleted successfully.
C:\Users\momco\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYJAVA]

User: All Users

User: Default

User: Default User

User: dub_cm_auto

User: momco
->Java cache emptied: 297828 bytes

User: Public

User: the other account
->Java cache emptied: 990106 bytes

Total Java Files Cleaned = 1.00 mb


[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 56466 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: dub_cm_auto

User: momco
->Temp folder emptied: 272054185 bytes
->Temporary Internet Files folder emptied: 49587707 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 38894873 bytes
->Google Chrome cache emptied: 353120797 bytes
->Flash cache emptied: 57838 bytes

User: Public

User: the other account
->Temp folder emptied: 84305329 bytes
->Temporary Internet Files folder emptied: 199963150 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 394162595 bytes
->Google Chrome cache emptied: 397859324 bytes
->Flash cache emptied: 62400 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 43307610 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33298 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1,749.00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 06112014_132518

Files\Folders moved on Reboot...
C:\Users\momco\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\momco\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully.
File move failed. C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
hello ken, i hope this is the what you need to see. i got in the habit of saving everything to documents and i guess that caused an issue with being able to open the folder i sent earlier. the info i have posted was found in OTL's files on the c drive. sometimes i feel like this years poster child for the digitally handicapped. but by reading instructions and a little common sense i manage to make it work. anyway to keep things in order i will put the spy-bot scans in another post.

[ken545]

When you copy and paste the fix into OTL, :OTL <-- has to be in the included in the fix as the first entry or sometimes the fix wont work, but it looked like it did

Don't worry about making mistakes, when your new to running all these different scanners and saving logs most times it can be confusing. Lets see what Spybot comes up with

[1oldman]

hello again ken, i have a habit of watching the addresses flash by in the lower left corner of my browser as i'm loading a site, so after thinking about it i remembered seeing traffic outbrain as a site was loading. since i only use this machine for browsing news, email and playing diablo 3 on battlenet it wasnt too hard to find traff. outbrain on the BBC news site and possibly telegraph i'm beginning to suspect its just another info-mining outfit. so in keeping with that line of thought i ran two scans the first (-0811) was run after first starting up today, the second scan (0853) was run right after the first but after visiting CNN BBC and the telegraph news sites. let me know if there is a problem with the attachments, i know i can copy and paste them but zipping and attaching files is something new to me and i'm kind of using this as practice so in the future i can at least pretend to know what i'm doing. thanks again

[ken545]

I dont see anything related to traffic.outbrain

You will need the 64bit version of this program

Download and Run SystemLook

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2
64 Bit Version

• Double-click SystemLook.exe to run it.
• Copy the content of the following codebox into the main textfield:
  
  Code:

  :folderfind
  Traffic.outbrain
  :filefind
  Traffic.outbrain
  :regfind
  Traffic.outbrain

• Click the Look button to start the scan.
• When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.

Note: The log can also be found on your Desktop entitled SystemLook.txt

[1oldman]

SystemLook 30.07.11 by jpshortstuff
Log created at 12:09 on 12/06/2014 by momco
Administrator - Elevation successful

========== folderfind ==========

Searching for "Traffic.outbrain"
No folders found.

========== filefind ==========

Searching for "Traffic.outbrain"
No files found.

========== regfind ==========

Searching for "Traffic.outbrain"
No data found.

-= EOF =-

hello again, well it looks like nothing is on my machine, if i have windows do a search all i find is crosstown traffic by by jimmy h, i think i'll keep that file. at any rate this has been an education for me and i finally got rid of the rest of my search dial and pop cap/tangent. can't tell you how much i value good advice. wouldn't mind starting a new thread in the future on cleaning up my laptop, thats the one my wife and grandkids are on all the time, its bound to be a mess. please let me know what your thoughts are on traffic outbrain, the only place i saw it was a couple times on the browser history but it made me wonder why my browser was going there. thanks again.

[ken545]

Let me know how this went

Internet Explorer

• Open Internet Explorer
• Click on Tools up on the top right
• Click on Manage Add Ons
• Click on Search Providers
• Highlite Traffic.outbrain and select Delete

Firefox

• Open Firefox
• Up on the Top Right in the Search Box , click on the down arrow and select Manage Search Engines
• Highlite Traffic.outbrain and select Delete

Chrome

• Open Chrome
• Click the Chrome menu on the browser toolbar.
• Click on Settings
• Then Manage Search Engines
• Highlite Traffic.outbrain and select Delete

[1oldman]

hi again, none of the browsers showed traffic outbrain but i did manage to dump various search providers i will never use. im thinking if traf. out. was ever installed one of the scans must have taken care of it. one thing i would like to ask about is my uninstall of wild tangent seemed to go according to plan and i cant find any trace of it except in my games folder it still offers a lot of wild tangent games do you think these are just links to wild t. and they are not on the computer untill i try and open one?

[ken545]

Found these on your OTL extras log

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App for HP

I dont think I would worry about it, just stay away from using it