another HiJackThis Log

S

sarus86

New Member
ok so this time its not on my computers, but on a computer that use to be my gf's familys but now they gave it to her grandparents. Her grandfather decided he wanted the internet so i got to go over and hook it up for him, and since i knew everything was out of date i had to update everything and run scans and the whole 9 yards. To come down to things, im not on the computer right now, but i ran a HiJackThis log before i left and i saved the log so i could post it. im just guessing its going to have a virus because malwarebytes had found 281 infected objects and removed them, but i have yet to have a chance to put virus software on it, that will be for tomorrows job. but ok so this is my HiJackThis Log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:30:22 PM, on 1/30/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\TimeSink\AdGateway\TSAdBot.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Common Files\AOL\1127269757\ee\AOLSoftware.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Jillian.ANDERSON\Application Data\U3\00001673A6729D78\LaunchPad.exe
H:\for viruses\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TimeSink Ad Client] "C:\Program Files\TimeSink\AdGateway\TSAdBot.exe"
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1127269757\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264819054594
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 4506 bytes


Hows it look?
 
o and just so you know, what i have done so far, is all the windows updates that poped up, which was everything from service pack 2 to service pack 3, then i also uninstalled a bunch of stupid games, and then i cant uninstall some other ones it wont let me, then i ran a ccleaner, a quick scan defraggler, a malwarebytes scan and if needed i have a saved log of the programs listed in add remove program, but i figured id start of with the HiJackThis log first
 
Rerun hijackthis and place a check next to these entries.

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TimeSink Ad Client] "C:\Program Files\TimeSink\AdGateway\TSAdBot.exe"
O4 - HKLM\..\Run: [SemanticInsight] C:\Program Files\RXToolBar\Semantic Insight\SemanticInsight.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file)

Then click on fix checked at the bottom.

I would need to see the list of programs that are installed. You have a few that needs to be uninstalled. And I really recommend if Aol won't be used to uninstall that as well.

Can you post the malwarebytes log please, I would like to see what it found and what version you have. As it should have removed more adware items according to your hijackthis log.
 
thank you for your help as always, i had a question do you think those first three 04 ones you listed are viruses? from what i read i believe they are, so i was just curious. Secondly i do not have the malwarebytes log with me right now its on the computer that is infected but i am not were that computer is located but i can post it tomorrow most likely. Lastly i have tried to uninstall the aol stuff but to no real luck, i did some reading about how to uninstall it tonight so i was going to try that tomorrow unless you have any better suggestions on how to remove it. and this is my list of programs please let me know what you think. thank you again

Adobe Acrobat 5.0 Adobe Systems, Inc. 5.0
Adobe Reader 6.0 Adobe Systems Incorporated 6.0
Ahead Nero Burning ROM
AOL Coach Version 2.0(Build:20041026.5 en)
AOL Uninstaller (Choose which Products to Remove)
Apple Software Update Apple Computer, Inc. 1.0.2.1
ArcSoft PhotoImpression 4
CCleaner Piriform 2.28
Defraggler Piriform
DSC3000 Drivers 4.36.0.0_F312-DC-M002
DSC3000(Documents)
Google Desktop Search Google -
Harry Potter
J2SE Runtime Environment 5.0 Update 3 Sun Microsystems, Inc. 1.5.0.30
Java(TM) 6 Update 17 Sun Microsystems, Inc. 6.0.170
LiveReg (Symantec Corporation) Symantec Corporation 3.0.0
LiveUpdate 3.0 (Symantec Corporation) Symantec Corporation 3.0.0.160
Malwarebytes' Anti-Malware Malwarebytes Corporation
Microsoft Office 2000 Small Business Microsoft Corporation 9.00.2720
Norton AntiVirus 2005 (Symantec Corporation) Symantec Corporation 11.0.1
Pure Networks Port Magic Pure Networks 1.2.1393.0
QuickTime Apple Computer, Inc. 7.1.3.170
RealPlayer Basic
Ulead Photo Explorer 8.0 SE Basic Ulead Systems, Inc. 8.0
Viewpoint Media Player
Windows Genuine Advantage Validation Tool (KB892130) Microsoft Corporation
Windows Internet Explorer 8 Microsoft Corporation 20090308.140743
Windows XP Service Pack 3 Microsoft Corporation 20080414.031525
 
and i actually believe that since i saved that list of programs that i uninstalled the norton because it was expired, but i should be able to get you a fresh list tomorrow, but from that list what do you think can be uninstalled and is unneccasry?
 
The second and third 04 entries are adware, which malwarebytes should have removed. You might want to try running superantispyware, sometimes it catches things malwarebytes misses.

http://download.cnet.com/SuperAntiSpyware-Free-Edition/3000-8022_4-10523889.html

Please uninstall these entries from add/remove programs.

Adobe Acrobat 5.0 Adobe Systems, Inc. 5.0
Adobe Reader 6.0 Adobe Systems Incorporated 6.0
J2SE Runtime Environment 5.0 Update 3 Sun Microsystems, Inc. 1.5.0.30
Java(TM) 6 Update 17 Sun Microsystems, Inc. 6.0.170
LiveReg (Symantec Corporation) Symantec Corporation 3.0.0
LiveUpdate 3.0 (Symantec Corporation) Symantec Corporation 3.0.0.160
Viewpoint Media Player

Then go here to download the latest adobe reader and Java

http://get.adobe.com/reader/?promoid=BUIGO

Just make sure you uncheck the mcafee security scan before downloading.

http://www.java.com/en/download/index.jsp
 
ok so to start i went and worked on that computer more on sunday, so i have a fresh HiJackThis log and i also have the logs for avira, malwarebytes and SuperAntispyware. So to start off here is the new HiJackThis log, how does it look??

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:57:57 PM, on 1/31/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Documents and Settings\Jillian.ANDERSON\Application Data\U3\00001673A6729D78\LaunchPad.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
H:\for viruses\HijackThis\HijackThis.exe
C:\Program Files\Avira\AntiVir Desktop\avwsc.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1264819054594
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

--
End of file - 3205 bytes
 
next this was the malwarebytes log (seperated into 2 posts it was too long)

Malwarebytes' Anti-Malware 1.44
Database version: 3664
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

1/30/2010 5:04:05 PM
mbam-log-2010-01-30 (17-04-04).txt

Scan type: Quick Scan
Objects scanned: 172379
Time elapsed: 19 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 163
Registry Values Infected: 8
Registry Data Items Infected: 0
Folders Infected: 19
Files Infected: 91

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{98635087-3f5d-418f-990c-b1efe0797a3b} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{38a7c9da-8db7-4d0f-a7b1-c4b1a305bddb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{8d292ec0-6792-4a38-82ed-73a087e41ba6} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{a6573479-9075-4a65-98a6-19fd29cf7374} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d778513b-1c40-4819-b0c5-49e40b39afd0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlaybarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.browseroverlayembed.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{621feacd-8857-43a6-ae26-451d670d5370} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2763e333-b168-41a0-a112-d35f96f410c0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{2eff3cf7-99c1-4c29-bc2b-68e057e22340} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.shellviewcontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2b96d5cc-c5b5-49a5-a69d-cc0a30f9028c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea3-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully
 
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxresult.rxresultfilter (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\rxresult.rxresultfilter.1 (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{2ab289ae-4b90-4281-b2ae-1f4bb034b647} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MIME\Database\Content Type\application/x-f3embed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59879fa4-4790-461c-a1cc-4ec4de4ca483} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{59879fa4-4790-461c-a1cc-4ec4de4ca483} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll (Adware.Minibug) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr\History\allowed (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\PopSwatr\History\notallow (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\00325A9B.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0030FF81 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00311306 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00311F6D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00317627.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00318CCD.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0031D4EF.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0031F3D7.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00320264.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00321390.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0032373E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00323D44 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00E152BF.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00E1587F.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00E16482.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\019FAD8F.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\019FC0A6.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\019FE4B8.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\019FF1BE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\smdat32a.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
 
then this is the SUPERantispyware log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/31/2010 at 03:14 PM

Application Version : 4.33.1000

Core Rules Database Version : 4541
Trace Rules Database Version: 2353

Scan type : Quick Scan
Total Scan Time : 00:32:58

Memory items scanned : 385
Memory threats detected : 1
Registry items scanned : 346
Registry threats detected : 4
File items scanned : 8615
File threats detected : 153

TimeSink (TSAdBot)
C:\PROGRAM FILES\TIMESINK\ADGATEWAY\TSADBOT.EXE
C:\PROGRAM FILES\TIMESINK\ADGATEWAY\TSADBOT.EXE
[TimeSink Ad Client] C:\PROGRAM FILES\TIMESINK\ADGATEWAY\TSADBOT.EXE
D:\PROGRAM FILES\TIMESINK\ADGATEWAY\TSADBOT.EXE
C:\WINDOWS\Prefetch\TSADBOT.EXE-2E69DB52.pf

Adware.RX Toolbar
HKU\S-1-5-21-602162358-1993962763-1202660629-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}

Unclassified.Unknown Origin
HKCR\PROTOCOLS\Filter\text/html
HKCR\PROTOCOLS\Filter\text/html#CLSID

Adware.Tracking Cookie
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@adbrite[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@revsci[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@insightexpressai[2].txt
C:\Documents and Settings\Jean\Cookies\jean@tribalfusion[2].txt
C:\Documents and Settings\Jean\Cookies\jean@screensavers[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@serving-sys[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\jean@hitbox[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@atdmt[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@commission-junction[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\jean@zedo[2].txt
C:\Documents and Settings\Jean\Cookies\jean@advertising[1].txt
C:\Documents and Settings\Jean\Cookies\jean@bfast[1].txt
C:\Documents and Settings\Jean\Cookies\jean@azjmp[1].txt
C:\Documents and Settings\Jean\Cookies\jean@maxserving[2].txt
C:\Documents and Settings\Jean\Cookies\jean@fastclick[1].txt
C:\Documents and Settings\Jean\Cookies\jean@realmedia[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@partner2profit[1].txt
C:\Documents and Settings\Jean\Cookies\jean@mywebsearch[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@tripod[1].txt
C:\Documents and Settings\Jean\Cookies\jean@apmebf[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\jean@pro-market[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\jean@statcounter[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\jean@trafficmp[2].txt
C:\Documents and Settings\Jean\Cookies\jean@atwola[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@247realmedia[1].txt
C:\Documents and Settings\Jean\Cookies\jean@2o7[2].txt
C:\Documents and Settings\Jean\Cookies\jean@adlegend[1].txt
C:\Documents and Settings\Jean\Cookies\jean@adrevolver[2].txt
C:\Documents and Settings\Jean\Cookies\jean@adrevolver[3].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@adserver[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\jean@belnk[1].txt
C:\Documents and Settings\Jean\Cookies\jean@bluestreak[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@burstnet[1].txt
C:\Documents and Settings\Jean\Cookies\jean@casalemedia[2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\jean@doubleclick[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@insightfirst[1].txt
C:\Documents and Settings\Jean\Cookies\jean@keywordmax[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@linksynergy[1].txt
C:\Documents and Settings\Jean\Cookies\jean@mediaplex[2].txt
C:\Documents and Settings\Jean\Cookies\jean@overture[2].txt
C:\Documents and Settings\Jean\Cookies\jean@need2find[1].txt
C:\Documents and Settings\Jean\Cookies\jean@nextag[2].txt
C:\Documents and Settings\Jean\Cookies\jean@pathfinder[1].txt
C:\Documents and Settings\Jean\Cookies\jean@questionmarket[1].txt
C:\Documents and Settings\Jean\Cookies\jean@revenue[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\jean@tacoda[1].txt
C:\Documents and Settings\Jean\Cookies\jean@teenpeople[1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jean\Cookies\[email protected][2].txt
C:\Documents and Settings\Jean\Cookies\[email protected][1].txt
C:\Documents and Settings\Jillian\Local Settings\Temp\Cookies\jillian@2o7[1].txt
C:\Documents and Settings\Melanie\Local Settings\Temp\Cookies\melanie@2o7[2].txt
C:\Documents and Settings\Steve\Cookies\steve@need2find[2].txt
C:\Documents and Settings\Steve\Cookies\[email protected][2].txt
C:\Documents and Settings\Steve\Cookies\steve@mediaplex[1].txt
C:\Documents and Settings\Steve\Cookies\steve@atdmt[1].txt
C:\Documents and Settings\Steve\Cookies\steve@atwola[2].txt
C:\Documents and Settings\Steve\Cookies\steve@2o7[1].txt
C:\Documents and Settings\Steve\Cookies\[email protected][2].txt
C:\Documents and Settings\Steve\Cookies\steve@advertising[1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@questionmarket[2].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@tribalfusion[1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@hitbox[1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@adknowledge[1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@advertising[1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@maxserving[1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@doubleclick[2].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@realmedia[1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@atdmt[2].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@fastclick[2].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\[email protected][2].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@atwola[2].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@trafficmp[2].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\[email protected][2].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@2o7[1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\[email protected][1].txt
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Cookies\anderson01@need2find[2].txt
D:\WINDOWS\Cookies\anyuser@mediaplex[1].txt
D:\WINDOWS\Cookies\jillian anderson@2o7[1].txt
D:\WINDOWS\Cookies\anyuser@advertising[1].txt
D:\WINDOWS\Cookies\jillian [email protected][1].txt
D:\WINDOWS\Cookies\[email protected][1].txt
D:\WINDOWS\Cookies\[email protected][2].txt
D:\WINDOWS\Cookies\jillian [email protected][1].txt
D:\WINDOWS\Cookies\jillian anderson@trafficmp[2].txt
D:\WINDOWS\Cookies\jillian anderson@doubleclick[1].txt
D:\WINDOWS\Cookies\jillian [email protected][1].txt
D:\WINDOWS\Cookies\jillian anderson@atdmt[2].txt
D:\WINDOWS\Cookies\jillian anderson@seventeen[2].txt
D:\WINDOWS\Cookies\jillian [email protected][2].txt
D:\WINDOWS\Cookies\[email protected][1].txt
D:\WINDOWS\Cookies\[email protected][2].txt
D:\WINDOWS\Cookies\default@pennyweb[2].txt

Adware.PointsManager-Uninstaller
C:\DOCUMENTS AND SETTINGS\JILLIAN\LOCAL SETTINGS\TEMP\__UNIN__.EXE

Application.PowerReg Scheduler
C:\DOCUMENTS AND SETTINGS\MELANIE\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER V3.EXE
D:\MY DOCUMENTS\CREATIVE WONDERS\STARTUP\POWERREG SCHEDULER V3.EXE

Application.Broderbund/Background Agent
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE

Adware.eZula
D:\WINDOWS\EZINSTALL.EXE

Trojan.Agent/Gen-FSG
D:\WINDOWS\1.DAT

Parasite.WareOut
D:\PROGRAM FILES\WAREOUT\WAREOUT.EXE
 
Lastly was the avira log (split into 2 posts)



Avira AntiVir Personal
Report file date: Sunday, January 31, 2010 17:35

Scanning for 1712557 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows XP
Windows version : (Service Pack 3) [5.1.2600]
Boot mode : Normally booted
Username : SYSTEM
Computer name : ANDERSON

Version information:
BUILD.DAT : 9.0.0.419 21701 Bytes 1/22/2010 18:29:00
AVSCAN.EXE : 9.0.3.10 466689 Bytes 10/13/2009 16:26:33
AVSCAN.DLL : 9.0.3.0 40705 Bytes 2/27/2009 15:58:24
LUKE.DLL : 9.0.3.2 209665 Bytes 2/20/2009 16:35:49
LUKERES.DLL : 9.0.2.0 12033 Bytes 2/27/2009 15:58:52
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 12:35:52
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 22:20:56
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 22:21:12
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 22:21:17
VBASE004.VDF : 7.10.3.76 2048 Bytes 1/26/2010 22:21:17
VBASE005.VDF : 7.10.3.77 2048 Bytes 1/26/2010 22:21:17
VBASE006.VDF : 7.10.3.78 2048 Bytes 1/26/2010 22:21:17
VBASE007.VDF : 7.10.3.79 2048 Bytes 1/26/2010 22:21:17
VBASE008.VDF : 7.10.3.80 2048 Bytes 1/26/2010 22:21:17
VBASE009.VDF : 7.10.3.81 2048 Bytes 1/26/2010 22:21:18
VBASE010.VDF : 7.10.3.82 2048 Bytes 1/26/2010 22:21:18
VBASE011.VDF : 7.10.3.83 2048 Bytes 1/26/2010 22:21:18
VBASE012.VDF : 7.10.3.84 2048 Bytes 1/26/2010 22:21:18
VBASE013.VDF : 7.10.3.85 2048 Bytes 1/26/2010 22:21:18
VBASE014.VDF : 7.10.3.122 172544 Bytes 1/29/2010 22:21:21
VBASE015.VDF : 7.10.3.123 2048 Bytes 1/29/2010 22:21:21
VBASE016.VDF : 7.10.3.124 2048 Bytes 1/29/2010 22:21:21
VBASE017.VDF : 7.10.3.125 2048 Bytes 1/29/2010 22:21:22
VBASE018.VDF : 7.10.3.126 2048 Bytes 1/29/2010 22:21:22
VBASE019.VDF : 7.10.3.127 2048 Bytes 1/29/2010 22:21:22
VBASE020.VDF : 7.10.3.128 2048 Bytes 1/29/2010 22:21:22
VBASE021.VDF : 7.10.3.129 2048 Bytes 1/29/2010 22:21:22
VBASE022.VDF : 7.10.3.130 2048 Bytes 1/29/2010 22:21:22
VBASE023.VDF : 7.10.3.131 2048 Bytes 1/29/2010 22:21:23
VBASE024.VDF : 7.10.3.132 2048 Bytes 1/29/2010 22:21:23
VBASE025.VDF : 7.10.3.133 2048 Bytes 1/29/2010 22:21:23
VBASE026.VDF : 7.10.3.134 2048 Bytes 1/29/2010 22:21:23
VBASE027.VDF : 7.10.3.135 2048 Bytes 1/29/2010 22:21:23
VBASE028.VDF : 7.10.3.136 2048 Bytes 1/29/2010 22:21:23
VBASE029.VDF : 7.10.3.137 2048 Bytes 1/29/2010 22:21:23
VBASE030.VDF : 7.10.3.138 2048 Bytes 1/29/2010 22:21:24
VBASE031.VDF : 7.10.3.140 12800 Bytes 1/31/2010 22:21:24
Engineversion : 8.2.1.154
AEVDF.DLL : 8.1.1.3 106868 Bytes 1/31/2010 22:21:41
AESCRIPT.DLL : 8.1.3.12 823675 Bytes 1/31/2010 22:21:41
AESCN.DLL : 8.1.4.0 127348 Bytes 1/31/2010 22:21:39
AESBX.DLL : 8.1.1.1 246132 Bytes 11/8/2009 12:38:44
AERDL.DLL : 8.1.3.4 479605 Bytes 1/31/2010 22:21:38
AEPACK.DLL : 8.2.0.5 422262 Bytes 1/31/2010 22:21:35
AEOFFICE.DLL : 8.1.0.38 196987 Bytes 11/8/2009 12:38:38
AEHEUR.DLL : 8.1.1.1 2322805 Bytes 1/31/2010 22:21:34
AEHELP.DLL : 8.1.10.0 237942 Bytes 1/31/2010 22:21:27
AEGEN.DLL : 8.1.1.85 369012 Bytes 1/31/2010 22:21:26
AEEMU.DLL : 8.1.1.0 393587 Bytes 11/8/2009 12:38:26
AECORE.DLL : 8.1.10.0 184695 Bytes 1/31/2010 22:21:25
AEBB.DLL : 8.1.0.3 53618 Bytes 11/8/2009 12:38:20
AVWINLL.DLL : 9.0.0.3 18177 Bytes 12/12/2008 13:47:59
AVPREF.DLL : 9.0.3.0 44289 Bytes 8/26/2009 20:14:02
AVREP.DLL : 8.0.0.3 155905 Bytes 1/20/2009 19:34:28
AVREG.DLL : 9.0.0.0 36609 Bytes 12/5/2008 15:32:09
AVARKT.DLL : 9.0.0.3 292609 Bytes 3/24/2009 20:05:41
AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 1/30/2009 15:37:08
SQLITE3.DLL : 3.6.1.0 326401 Bytes 1/28/2009 20:03:49
SMTPLIB.DLL : 9.2.0.25 28417 Bytes 2/2/2009 13:21:33
NETNT.DLL : 9.0.0.0 11521 Bytes 12/5/2008 15:32:10
RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 5/15/2009 20:39:58
RCTEXT.DLL : 9.0.73.0 86785 Bytes 10/13/2009 17:25:47

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:, D:,
Process scan........................: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium

Start of the scan: Sunday, January 31, 2010 17:35

Starting search for hidden objects.
'44194' objects were checked, '0' hidden objects were found.

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
22 processes with 22 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '51' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\pagefile.sys
[WARNING] The file could not be opened!
[NOTE] This file is a Windows system file.
[NOTE] This file cannot be opened for scanning.
C:\Documents and Settings\Jillian\Local Settings\Temp\asmfiles.cab
[0] Archive type: CAB (Microsoft)
--> asm.exe
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.L adware or spyware
--> asmps.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.1 adware or spyware
--> altinst2.dll
[1] Archive type: CAB (Microsoft)
--> altinst2.dll
[DETECTION] Contains recognition pattern of the ADSPY/Agent.1562 adware or spyware
C:\Documents and Settings\Jillian\Local Settings\Temp\p2psetup.exe
[DETECTION] Contains recognition pattern of the ADSPY/P2PNetworki.1 adware or spyware
C:\Program Files\INSTAFINK\instafink.dll
[DETECTION] Contains recognition pattern of the ADSPY/404Search.L adware or spyware
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Local Settings\Temp\MiniBug.exe
[DETECTION] Contains recognition pattern of the ADSPY/SuspectModule.I adware or spyware
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg35\dmfiles.cab
[0] Archive type: CAB (Microsoft)
--> AltnetUninstall.exe
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.G adware or spyware
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg35\mysearch.cab
[0] Archive type: CAB (Microsoft)
--> mySetp.exe
[1] Archive type: RSRC
--> Object
[DETECTION] Contains recognition pattern of the ADSPY/Mywebsearch.L.2 adware or spyware
--> Object
[DETECTION] Contains recognition pattern of the ADSPY/MySearch.E adware or spyware
--> Object
[DETECTION] Contains recognition pattern of the ADSPY/Mywebsearch.O adware or spyware
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg35\pmexe.cab
[0] Archive type: CAB (Microsoft)
--> Points Manager.exe
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.H adware or spyware
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg35\pmfiles.cab
[0] Archive type: CAB (Microsoft)
--> sysdetect.dll
[DETECTION] Contains recognition pattern of the ADSPY/Brilli.1007.1 adware or spyware
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307845.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307846.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307847.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307848.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307849.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307850.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307851.dll
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307852.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307853.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307854.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307855.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307856.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307857.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307858.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307859.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307860.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307861.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307862.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307863.SCR
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307864.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307865.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307866.EXE
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307867.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307869.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307870.EXE
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307872.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307873.EXE
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307874.EXE
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307875.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307877.scr
[DETECTION] Is the TR/Trash.Gen Trojan
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072458.exe
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.6 adware or spyware
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072459.exe
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.A adware or spyware
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072460.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.A.4 adware or spyware
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072461.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.1 adware or spyware
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072462.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.3 adware or spyware
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072463.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.5 adware or spyware
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072464.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.A.3 adware or spyware
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072465.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.A.2 adware or spyware
C:\WINDOWS\VcpDLL.dll
[DETECTION] Contains recognition pattern of the ADSPY/Conducent-Timesink adware or spyware
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
[DETECTION] Contains recognition pattern of the ADSPY/Background.A adware or spyware
Begin scan in 'D:\' <ANDERSON HD>
D:\WINDOWS\VcpDLL.dll
[DETECTION] Contains recognition pattern of the ADSPY/Conducent-Timesink adware or spyware
D:\Program Files\Eyetide Media\Eyetide Viewer\EyePatch.exe
[DETECTION] Is the TR/Agent.102400.E Trojan
D:\Program Files\eZula\seng.dll
[DETECTION] Contains recognition pattern of the ADSPY/eZula.G.2.4 adware or spyware
D:\Program Files\eZula\CHCON.dll
[DETECTION] Contains recognition pattern of the ADSPY/eZula.AJ adware or spyware
D:\Program Files\eZula\mmod.exe
[DETECTION] Contains recognition pattern of the ADSPY/eZula.AK.2 adware or spyware
D:\Program Files\WareOut\WareOutUpdate.exe
[DETECTION] Contains recognition pattern of the ADSPY/WareOut.1 adware or spyware
D:\Program Files\WareOut\uninstall.exe
[DETECTION] Contains recognition pattern of the ADSPY/WareOut.A adware or spyware
D:\Program Files\The Learning Company\Kid Pix Studio Deluxe\killwin.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
D:\Program Files\The Learning Company\Kid Pix Studio Deluxe\picker.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
D:\Program Files\AOL Toolbar\toolbar.dll
[DETECTION] Contains recognition pattern of the ADSPY/SearchIt.T.2 adware or spyware
D:\KPSDLUX\picker.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
D:\KPSDLUX\killwin.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
D:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP195\A0308396.EXE
[DETECTION] Contains recognition pattern of the ADSPY/Timesink.A adware or spyware
D:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP195\A0308397.exe
[DETECTION] Contains recognition pattern of the ADSPY/eZula.1.A adware or spyware
D:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP195\A0308398.exe
[DETECTION] Contains recognition pattern of the ADSPY/WareOut.2 adware or spyware
 
Beginning disinfection:
C:\Documents and Settings\Jillian\Local Settings\Temp\asmfiles.cab
[NOTE] The file was moved to '4bd316b4.qua'!
C:\Documents and Settings\Jillian\Local Settings\Temp\p2psetup.exe
[DETECTION] Contains recognition pattern of the ADSPY/P2PNetworki.1 adware or spyware
[NOTE] The file was moved to '4bd61674.qua'!
C:\Program Files\INSTAFINK\instafink.dll
[DETECTION] Contains recognition pattern of the ADSPY/404Search.L adware or spyware
[NOTE] The file was moved to '4bd916b0.qua'!
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg13\Local Settings\Temp\MiniBug.exe
[DETECTION] Contains recognition pattern of the ADSPY/SuspectModule.I adware or spyware
[NOTE] The file was moved to '4bd416ac.qua'!
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg35\dmfiles.cab
[NOTE] The file was moved to '4bcc16b0.qua'!
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg35\mysearch.cab
[NOTE] The file was moved to '4bd916bc.qua'!
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg35\pmexe.cab
[NOTE] The file was moved to '4bcb16b0.qua'!
C:\RECYCLER\S-1-5-21-774905139-1290938748-1844936127-1040\Dg35\pmfiles.cab
[NOTE] The file was moved to '4ab227e9.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307845.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4b991674.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307846.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4f9a50dd.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307847.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4b991675.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307848.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4f9c404e.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307849.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4a1d767e.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307850.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4f9e487e.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307851.dll
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f9173a6.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307852.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4f15ee86.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307853.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f90604e.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307854.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4b991676.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307855.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f9293bf.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307856.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4f958ab7.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307857.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f94b2ff.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307858.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f97ba27.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307859.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f96a26f.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307860.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f89ad97.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307861.DLL
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4f88d5df.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307862.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4b991677.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307863.SCR
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f8ac540.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307864.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f8dcd78.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307865.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f8cf4b0.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307866.EXE
[DETECTION] Is the TR/Drop.Softomat.AN Trojan
[NOTE] The file was moved to '4f8ffce8.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307867.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f8ee420.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307869.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f81ec58.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307870.EXE
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f831790.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307872.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f821fc8.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307873.EXE
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f850700.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307874.EXE
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f840f38.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307875.DLL
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f873770.qua'!
C:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP190\A0307877.scr
[DETECTION] Is the TR/Trash.Gen Trojan
[NOTE] The file was moved to '4f863ea8.qua'!
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072458.exe
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.6 adware or spyware
[NOTE] The file was moved to '4b961677.qua'!
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072459.exe
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.A adware or spyware
[NOTE] The file was moved to '4fb72e18.qua'!
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072460.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.A.4 adware or spyware
[NOTE] The file was moved to '4fb45650.qua'!
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072461.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.1 adware or spyware
[NOTE] The file was moved to '4fb55188.qua'!
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072462.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.3 adware or spyware
[NOTE] The file was moved to '4fb259c0.qua'!
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072463.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.B.5 adware or spyware
[NOTE] The file was moved to '4b961678.qua'!
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072464.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.A.3 adware or spyware
[NOTE] The file was moved to '4fb04931.qua'!
C:\System Volume Information\_restore{BF64627E-8F7B-4A3A-8B95-0A36A6B8F7EA}\RP1239\A0072465.dll
[DETECTION] Contains recognition pattern of the ADSPY/Altnet.A.2 adware or spyware
[NOTE] The file was moved to '4fb17169.qua'!
C:\WINDOWS\VcpDLL.dll
[DETECTION] Contains recognition pattern of the ADSPY/Conducent-Timesink adware or spyware
[NOTE] The file was moved to '4bd616ab.qua'!
C:\WINDOWS\BBSTORE\DSS\DSSAGENT.EXE
[DETECTION] Contains recognition pattern of the ADSPY/Background.A adware or spyware
[NOTE] The file was moved to '4bb9169b.qua'!
D:\WINDOWS\VcpDLL.dll
[DETECTION] Contains recognition pattern of the ADSPY/Conducent-Timesink adware or spyware
[NOTE] The file was moved to '4a517224.qua'!
D:\Program Files\Eyetide Media\Eyetide Viewer\EyePatch.exe
[DETECTION] Is the TR/Agent.102400.E Trojan
[NOTE] The file was moved to '4bcb16c1.qua'!
D:\Program Files\eZula\seng.dll
[DETECTION] Contains recognition pattern of the ADSPY/eZula.G.2.4 adware or spyware
[NOTE] The file was moved to '4bd416ad.qua'!
D:\Program Files\eZula\CHCON.dll
[DETECTION] Contains recognition pattern of the ADSPY/eZula.AJ adware or spyware
[NOTE] The file was moved to '4ba91690.qua'!
D:\Program Files\eZula\mmod.exe
[DETECTION] Contains recognition pattern of the ADSPY/eZula.AK.2 adware or spyware
[NOTE] The file was moved to '4bd516b5.qua'!
D:\Program Files\WareOut\WareOutUpdate.exe
[DETECTION] Contains recognition pattern of the ADSPY/WareOut.1 adware or spyware
[NOTE] The file was moved to '4bd816aa.qua'!
D:\Program Files\WareOut\uninstall.exe
[DETECTION] Contains recognition pattern of the ADSPY/WareOut.A adware or spyware
[NOTE] The file was moved to '4bcf16b7.qua'!
D:\Program Files\The Learning Company\Kid Pix Studio Deluxe\killwin.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE] The file was moved to '4bd216b2.qua'!
D:\Program Files\The Learning Company\Kid Pix Studio Deluxe\picker.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE] The file was moved to '4bc916b2.qua'!
D:\Program Files\AOL Toolbar\toolbar.dll
[DETECTION] Contains recognition pattern of the ADSPY/SearchIt.T.2 adware or spyware
[NOTE] The file was moved to '4bd516b8.qua'!
D:\KPSDLUX\picker.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE] The file was moved to '4fe4945b.qua'!
D:\KPSDLUX\killwin.exe
[DETECTION] Is the TR/ATRAPS.Gen Trojan
[NOTE] The file was moved to '4feace33.qua'!
D:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP195\A0308396.EXE
[DETECTION] Contains recognition pattern of the ADSPY/Timesink.A adware or spyware
[NOTE] The file was moved to '4b991679.qua'!
D:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP195\A0308397.exe
[DETECTION] Contains recognition pattern of the ADSPY/eZula.1.A adware or spyware
[NOTE] The file was moved to '4fa4163a.qua'!
D:\System Volume Information\_restore{141A2E07-8D77-4AD6-9860-EA6B2144A1A1}\RP195\A0308398.exe
[DETECTION] Contains recognition pattern of the ADSPY/WareOut.2 adware or spyware
[NOTE] The file was moved to '4fa71e72.qua'!


End of the scan: Sunday, January 31, 2010 18:46
Used time: 1:09:48 Hour(s)

The scan has been done completely.

6569 Scanned directories
182728 Files were scanned
67 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
63 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
182659 Files not concerned
1201 Archives were scanned
2 Warnings
65 Notes
44194 Objects were scanned with rootkit scan
0 Hidden objects were found


So i know this is a lot but what do we think lol, thats all i can do is laugh at how messed up this computer seemed to me
 
I would say you should have no problems with your system right now. You mostly had adware issues and a few trojans. Let us know if you have any more issues.
 
ok thank you for your help, im still having a few issues uninstalling some programs, i go to run the uninstaller but it wont run, do you have any ideas how i can uninstall those programs, and with aol how do you completely get rid of it?
 
You must log in or register to reply here.
Back
Top