We'd like to remind Forumites to please avoid political debate on the Forum... Read More »
We're aware that some users are experiencing technical issues which the team are working to resolve. See the Community Noticeboard for more info. Thank you for your patience.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
Hijack this help
Options
tranmererovers
Posts: 2,313 Forumite
in Techie Stuff
My brother has managed to get some trojans and other nasties on his computer. I have run virus checks in safe mode and also ran malwarebytes which appear to have cleared most stuff.
There are a couple of entries in hijack this that I am unsure about (02 BHO entries and 04 HKUS entries) and would welcome advice re deleting them or otherwise..
Log will follow on next post
Thank you
There are a couple of entries in hijack this that I am unsure about (02 BHO entries and 04 HKUS entries) and would welcome advice re deleting them or otherwise..
Log will follow on next post
Thank you
It's easier to get forgiveness than to ask permission 
0
Comments
-
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:27, on 27/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\VM_STI.EXE
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Windows\sttray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/webhp?sourceid=navclient&ie=UTF-8
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: QXK Olive - !!3396B97E-39F0-49FA-834F-14E7E771D44B} - C:\Windows\dfmlxbpkqma.dll
O2 - BHO: SSVHelper Class - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: scriptproxy - !!7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - !!9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - !!2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: peltodgx - {CA5DF1DA-5181-4190-B40B-E3FD8FB1EAED} - C:\Windows\peltodgx.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [BigDogPath] C:\Windows\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\RunOnce: [*WerKernelReporting] %SYSTEMROOT%\SYSTEM32\WerFault.exe -k -rq
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [] C:\Users\another\AppData\Roaming\Adobe\Player.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA091.exe] C:\Windows\system32\YURA091.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA237.exe] C:\Windows\system32\YURA237.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA64E.exe] C:\Windows\system32\YURA64E.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA9B9.exe] C:\Windows\system32\YURA9B9.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURF3D2.exe] C:\Windows\system32\YURF3D2.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR161F.exe] C:\Windows\system32\YUR161F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR3E29.exe] C:\Windows\system32\YUR3E29.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6CBB.exe] C:\Windows\system32\YUR6CBB.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURB216.exe] C:\Windows\system32\YURB216.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURD369.exe] C:\Windows\system32\YURD369.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURF78B.exe] C:\Windows\system32\YURF78B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR166D.exe] C:\Windows\system32\YUR166D.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR8C2F.exe] C:\Windows\system32\YUR8C2F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6A30.exe] C:\Windows\system32\YUR6A30.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURCF81.exe] C:\Windows\system32\YURCF81.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR2E89.exe] C:\Windows\system32\YUR2E89.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA593.exe] C:\Windows\system32\YURA593.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURDD6C.exe] C:\Windows\system32\YURDD6C.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURDD7B.exe] C:\Windows\system32\YURDD7B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURE674.exe] C:\Windows\system32\YURE674.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURCEE5.exe] C:\Windows\system32\YURCEE5.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR168D.exe] C:\Windows\system32\YUR168D.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR65CB.exe] C:\Windows\system32\YUR65CB.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR879B.exe] C:\Windows\system32\YUR879B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURB3BC.exe] C:\Windows\system32\YURB3BC.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURCAED.exe] C:\Windows\system32\YURCAED.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURC7B1.exe] C:\Windows\system32\YURC7B1.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUREC8F.exe] C:\Windows\system32\YUREC8F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURB32.exe] C:\Windows\system32\YURB32.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR73E4.exe] C:\Windows\system32\YUR73E4.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA93C.exe] C:\Windows\system32\YURA93C.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURBC76.exe] C:\Windows\system32\YURBC76.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURDF60.exe] C:\Windows\system32\YURDF60.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR12E8.exe] C:\Windows\system32\YUR12E8.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR2BCF.exe] C:\Windows\system32\YUR2BCF.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4F35.exe] C:\Windows\system32\YUR4F35.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6DD9.exe] C:\Windows\system32\YUR6DD9.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR3FB5.exe] C:\Windows\system32\YUR3FB5.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6974.exe] C:\Windows\system32\YUR6974.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA4F7.exe] C:\Windows\system32\YURA4F7.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURC07D.exe] C:\Windows\system32\YURC07D.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6E66.exe] C:\Windows\system32\YUR6E66.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR8FD8.exe] C:\Windows\system32\YUR8FD8.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURBB5D.exe] C:\Windows\system32\YURBB5D.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURD667.exe] C:\Windows\system32\YURD667.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA0D0.exe] C:\Windows\system32\YURA0D0.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURBB7C.exe] C:\Windows\system32\YURBB7C.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURE49F.exe] C:\Windows\system32\YURE49F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURFB92.exe] C:\Windows\system32\YURFB92.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR5446.exe] C:\Windows\system32\YUR5446.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6A4F.exe] C:\Windows\system32\YUR6A4F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR9249.exe] C:\Windows\system32\YUR9249.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURACD6.exe] C:\Windows\system32\YURACD6.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURD860.exe] C:\Windows\system32\YURD860.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURF84B.exe] C:\Windows\system32\YURF84B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR1D67.exe] C:\Windows\system32\YUR1D67.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR311E.exe] C:\Windows\system32\YUR311E.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4831.exe] C:\Windows\system32\YUR4831.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURD628.exe] C:\Windows\system32\YURD628.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR1E8C.exe] C:\Windows\system32\YUR1E8C.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR3DFF.exe] C:\Windows\system32\YUR3DFF.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR2B33.exe] C:\Windows\system32\YUR2B33.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR564A.exe] C:\Windows\system32\YUR564A.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR755B.exe] C:\Windows\system32\YUR755B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4A34.exe] C:\Windows\system32\YUR4A34.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6240.exe] C:\Windows\system32\YUR6240.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR9873.exe] C:\Windows\system32\YUR9873.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR684B.exe] C:\Windows\system32\YUR684B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR775F.exe] C:\Windows\system32\YUR775F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA043.exe] C:\Windows\system32\YURA043.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURC000.exe] C:\Windows\system32\YURC000.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4F74.exe] C:\Windows\system32\YUR4F74.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4032.exe] C:\Windows\system32\YUR4032.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA787.exe] C:\Windows\system32\YURA787.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA796.exe] C:\Windows\system32\YURA796.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4CC4.exe] C:\Windows\system32\YUR4CC4.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR486F.exe] C:\Windows\system32\YUR486F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURDFC2.exe] C:\Windows\system32\YURDFC2.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURFEE3.exe] C:\Windows\system32\YURFEE3.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4C67.exe] C:\Windows\system32\YUR4C67.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6E08.exe] C:\Windows\system32\YUR6E08.exe (User 'another')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: TrayMin210.exe.lnk = ?
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - !!08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~4.0_0\bin\ssv.dll
O9 - Extra button: Sky - !!08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O9 - Extra button: Blog This - !!219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - !!219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs:
O21 - SSODL: rwlfsdmk - {AA433FDD-AE01-40B1-8EC6-9E1561FD49F6} - C:\Windows\rwlfsdmk.dll
O21 - SSODL: onfwbsak - !!7EC31737-0051-46C4-98D8-B73AA79F6553} - C:\Windows\onfwbsak.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXE
O23 - Service: lxcd_device - Unknown owner - C:\Windows\system32\lxcdcoms.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 22534 bytesIt's easier to get forgiveness than to ask permission
0 -
delete this for a start
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA091.exe] C:\Windows\system32\YURA091.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA237.exe] C:\Windows\system32\YURA237.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA64E.exe] C:\Windows\system32\YURA64E.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA9B9.exe] C:\Windows\system32\YURA9B9.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURF3D2.exe] C:\Windows\system32\YURF3D2.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR161F.exe] C:\Windows\system32\YUR161F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR3E29.exe] C:\Windows\system32\YUR3E29.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6CBB.exe] C:\Windows\system32\YUR6CBB.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURB216.exe] C:\Windows\system32\YURB216.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURD369.exe] C:\Windows\system32\YURD369.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURF78B.exe] C:\Windows\system32\YURF78B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR166D.exe] C:\Windows\system32\YUR166D.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR8C2F.exe] C:\Windows\system32\YUR8C2F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6A30.exe] C:\Windows\system32\YUR6A30.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURCF81.exe] C:\Windows\system32\YURCF81.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR2E89.exe] C:\Windows\system32\YUR2E89.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA593.exe] C:\Windows\system32\YURA593.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURDD6C.exe] C:\Windows\system32\YURDD6C.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURDD7B.exe] C:\Windows\system32\YURDD7B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURE674.exe] C:\Windows\system32\YURE674.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURCEE5.exe] C:\Windows\system32\YURCEE5.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR168D.exe] C:\Windows\system32\YUR168D.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR65CB.exe] C:\Windows\system32\YUR65CB.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR879B.exe] C:\Windows\system32\YUR879B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURB3BC.exe] C:\Windows\system32\YURB3BC.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURCAED.exe] C:\Windows\system32\YURCAED.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURC7B1.exe] C:\Windows\system32\YURC7B1.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUREC8F.exe] C:\Windows\system32\YUREC8F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURB32.exe] C:\Windows\system32\YURB32.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR73E4.exe] C:\Windows\system32\YUR73E4.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA93C.exe] C:\Windows\system32\YURA93C.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURBC76.exe] C:\Windows\system32\YURBC76.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURDF60.exe] C:\Windows\system32\YURDF60.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR12E8.exe] C:\Windows\system32\YUR12E8.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR2BCF.exe] C:\Windows\system32\YUR2BCF.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4F35.exe] C:\Windows\system32\YUR4F35.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6DD9.exe] C:\Windows\system32\YUR6DD9.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR3FB5.exe] C:\Windows\system32\YUR3FB5.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6974.exe] C:\Windows\system32\YUR6974.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA4F7.exe] C:\Windows\system32\YURA4F7.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURC07D.exe] C:\Windows\system32\YURC07D.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6E66.exe] C:\Windows\system32\YUR6E66.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR8FD8.exe] C:\Windows\system32\YUR8FD8.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURBB5D.exe] C:\Windows\system32\YURBB5D.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURD667.exe] C:\Windows\system32\YURD667.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA0D0.exe] C:\Windows\system32\YURA0D0.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURBB7C.exe] C:\Windows\system32\YURBB7C.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURE49F.exe] C:\Windows\system32\YURE49F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURFB92.exe] C:\Windows\system32\YURFB92.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR5446.exe] C:\Windows\system32\YUR5446.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6A4F.exe] C:\Windows\system32\YUR6A4F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR9249.exe] C:\Windows\system32\YUR9249.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURACD6.exe] C:\Windows\system32\YURACD6.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURD860.exe] C:\Windows\system32\YURD860.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURF84B.exe] C:\Windows\system32\YURF84B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR1D67.exe] C:\Windows\system32\YUR1D67.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR311E.exe] C:\Windows\system32\YUR311E.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4831.exe] C:\Windows\system32\YUR4831.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURD628.exe] C:\Windows\system32\YURD628.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR1E8C.exe] C:\Windows\system32\YUR1E8C.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR3DFF.exe] C:\Windows\system32\YUR3DFF.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR2B33.exe] C:\Windows\system32\YUR2B33.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR564A.exe] C:\Windows\system32\YUR564A.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR755B.exe] C:\Windows\system32\YUR755B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4A34.exe] C:\Windows\system32\YUR4A34.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6240.exe] C:\Windows\system32\YUR6240.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR9873.exe] C:\Windows\system32\YUR9873.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR684B.exe] C:\Windows\system32\YUR684B.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR775F.exe] C:\Windows\system32\YUR775F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA043.exe] C:\Windows\system32\YURA043.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURC000.exe] C:\Windows\system32\YURC000.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4F74.exe] C:\Windows\system32\YUR4F74.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4032.exe] C:\Windows\system32\YUR4032.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA787.exe] C:\Windows\system32\YURA787.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURA796.exe] C:\Windows\system32\YURA796.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4CC4.exe] C:\Windows\system32\YUR4CC4.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR486F.exe] C:\Windows\system32\YUR486F.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURDFC2.exe] C:\Windows\system32\YURDFC2.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YURFEE3.exe] C:\Windows\system32\YURFEE3.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR4C67.exe] C:\Windows\system32\YUR4C67.exe (User 'another')
O4 - HKUS\S-1-5-21-3985984071-3618988265-3453324527-1000\..\Run: [\YUR6E08.exe] C:\Windows\system32\YUR6E08.exe (User 'another')Ex forum ambassador
Long term forum member0 -
have you got the Malware bytes log as well
The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Ex forum ambassador
Long term forum member0 -
I would also deleted ALL those files I posted after doing the hijackthis log fixEx forum ambassador
Long term forum member0 -
Here is the malware bytes log
Malwarebytes' Anti-Malware 1.28
Database version: 1134
Windows 6.0.6000
27/09/2008 12:00:53
mbam-log-2008-09-27 (12-00-53).txt
Scan type: Quick Scan
Objects scanned: 43623
Time elapsed: 3 minute(s), 56 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 133
Registry Values Infected: 17
Registry Data Items Infected: 0
Folders Infected: 16
Files Infected: 99
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\!!07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\!!00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!9afb8248-617f-460d-9366-d71cdeda3179} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\!!56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\!!56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo (Trojan.FakeAlert) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MicroAV (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\!!00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch plugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yura091.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yura237.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yura64e.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yura9b9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yur7f4e.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yura719.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurc5dc.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\yurdd3d.exe (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\antivirus (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter (Trojan.Fakealert) -> Quarantined and deleted successfully.It's easier to get forgiveness than to ask permission
0 -
Here is the second part as the post was too long!!
Files Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Windows\System32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\0.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\1.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\2.ico (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\3.gif (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\4.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\5.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\7.exe (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Program Files\PCHealthCenter\sc.html (Trojan.Fakealert) -> Quarantined and deleted successfully.
C:\Users\another and another\Desktop\QUALITY !!!!!!.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Windows\System32\1.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\System32\YURA091.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\YURA237.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\YURA64E.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\YURA9B9.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\comsa32.sys (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\tdssadw.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\System32\tdssl.dll (Trojan.Agent) -> Delete on reboot.
C:\Windows\System32\tdssserf.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\tdssmain.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\tdssinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\tdsslog.dll (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully.
C:\Windows\System32\drivers\tdssserv.sys (Trojan.Agent) -> Delete on reboot.
C:\Windows\System32\drmgs.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
C:\x (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Windows\System32\MicroAV.cpl (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Program Files\MicroAV\MicroAV.exe (Rogue.MicroAntivirus) -> Quarantined and deleted successfully.
C:\Users\another\Desktop\QUALITY !!!!!!.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\Users\another\AppData\Local\Temp\lwpwer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.It's easier to get forgiveness than to ask permission
0 -
-
also fix these
O2 - BHO: QXK Olive - !!3396B97E-39F0-49FA-834F-14E7E771D44B} - C:\Windows\dfmlxbpkqma.dll
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: peltodgx - {CA5DF1DA-5181-4190-B40B-E3FD8FB1EAED} - C:\Windows\peltodgx.dll
O9 - Extra button: Sky - !!08E730A4-FB02-45BD-A900-01E4AD8016F6} - http://www.sky.com (file missing)
O21 - SSODL: rwlfsdmk - {AA433FDD-AE01-40B1-8EC6-9E1561FD49F6} - C:\Windows\rwlfsdmk.dll
O21 - SSODL: onfwbsak - !!7EC31737-0051-46C4-98D8-B73AA79F6553} - C:\Windows\onfwbsak.dll
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_3.EXEEx forum ambassador
Long term forum member0 -
then reboot and do a fresh hijackthis log fileEx forum ambassador
Long term forum member0 -
might be worth doing another Malwarebytes scan , a FULL one this time and seeing if it finds anythingEx forum ambassador
Long term forum member0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 350.9K Banking & Borrowing
- 253.1K Reduce Debt & Boost Income
- 453.5K Spending & Discounts
- 243.9K Work, Benefits & Business
- 598.8K Mortgages, Homes & Bills
- 176.9K Life & Family
- 257.2K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.1K Discuss & Feedback
- 37.6K Read-Only Boards