We’d like to remind Forumites to please avoid political debate on the Forum.

This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.

📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!

OMG 334 infected files found

toejumper
toejumper Posts: 2,441 Forumite
Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
in Techie Stuff
Hi, have done a hijack log can someone take a look and tell me how bad they are, have done the instructions from this post. http://forums.moneysavingexpert.com/showthread.html?t=1536111
will do another scan later today to see if they have cleared,
Thank you
sorry have to do this in 2 parts as theres 2 many words


Memory Processes Infected: 1
Memory Modules Infected: 4
Registry Keys Infected: 146
Registry Values Infected: 11
Registry Data Items Infected: 0
Folders Infected: 46
Files Infected: 127
Memory Processes Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> No action taken.
Memory Modules Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\!!07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\!!07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWeb) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\!!8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\!!8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\!!3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\!!7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\!!29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\!!2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\!!00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\!!84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\!!0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\!!56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{d49e9d35-254c-4c6a-9d17-95018d228ff5} (Adware.Starware) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\!!56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\!!59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\!!68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\!!9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\mywebsearchservice (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Screensavers.com (Adware.Comet) -> No action taken.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWeb) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch plugin (Adware.MyWeb) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\!!00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Search\searchassistant (Adware.Starware) -> No action taken.
Registry Data Items Infected:
(No malicious items detected)
«13456717

Comments

  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    second part

    Folders Infected:
    C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316 (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\BrowserSearch (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Configurator (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ErrorSearch (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Games (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Layouts (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Manager (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Movies (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Reference (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\RelatedSearch (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Screensavers (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ScreensaversMarketingSitePager (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchAssistPlus (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchMatch (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Toolbar (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarLogo (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarSearch (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\TravelSearch (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Weather (Adware.Starware) -> No action taken.
    C:\Program Files\Screensavers.com (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\bin (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\Ready (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\temp (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\Upload (Adware.Comet) -> No action taken.
    D:\Documents and Settings\Steph\Application Data\FunWebProducts (Adware.MyWay) -> No action taken.
    D:\Documents and Settings\Steph\Application Data\FunWebProducts\Data (Adware.MyWay) -> No action taken.
    D:\Documents and Settings\Steph\Application Data\FunWebProducts\Data\Steph (Adware.MyWay) -> No action taken.
    Files Infected:
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
    C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> No action taken.
    C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FCF3D.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FD8C2.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FDC1D.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FE11F.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FE42C.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FE768 (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\00804382.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\008046FD.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\00804BC0.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\00804F1B.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\00DED420 (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\016BEC5E (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\ScreenSaver\Images\0011B63D.urr (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\006BE9EA.dat (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Configurator\Configurator.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Configurator\Configurator.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Games\GamesOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Games\GamesOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Layouts\ToolbarLayout.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Manager\ManagerOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Manager\ManagerOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Movies\MoviesOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Movies\MoviesOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Reference\ReferenceOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Screensavers\ScreensaversOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Screensavers\ScreensaversOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchAssistPlus\SearchAssistPlusOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchAssistPlus\SearchAssistPlusOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Toolbar\TBProductsOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Weather\AlertArchive.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Weather\WeatherOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Weather\WeatherOptions.xml.backup (Adware.Starware) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\bin\iebyterange.xml (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\bin\iebyterange.xml.backup (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\bin\SSSUninst.exe (Adware.Comet) -> No action taken.
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    second part
    Files Infected:
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
    C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> No action taken.
    C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FCF3D.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FD8C2.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FDC1D.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FE11F.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FE42C.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\007FE768 (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\00804382.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\008046FD.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\00804BC0.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\00804F1B.bin (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\00DED420 (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\016BEC5E (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\History\search2 (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\ScreenSaver\Images\0011B63D.urr (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\006BE9EA.dat (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> No action taken.
    C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\BrowserSearch\BrowserSearch.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\BrowserSearch\BrowserSearch.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Configurator\Configurator.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Configurator\Configurator.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ErrorSearch\ErrorSearchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Games\GamesOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Games\GamesOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Layouts\ToolbarLayout.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Layouts\ToolbarLayout.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Manager\ManagerOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Manager\ManagerOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Movies\MoviesOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Movies\MoviesOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Reference\ReferenceOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Reference\ReferenceOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\RelatedSearch\RelatedSearchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Screensavers\ScreensaversOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Screensavers\ScreensaversOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ScreensaversMarketingSitePager\ScreensaversMarketingSitePagerOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchAssistPlus\SearchAssistPlusOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchAssistPlus\SearchAssistPlusOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchMatch\SearchMatchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\SearchMatch\SearchMatchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Toolbar\TBProductsOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Toolbar\TBProductsOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarLogo\ToolbarLogoOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\ToolbarSearch\ToolbarSearchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\TravelSearch\TravelSearchOptions.xml.backup (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Weather\AlertArchive.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Weather\WeatherOptions.xml (Adware.Starware) -> No action taken.
    D:\Documents and Settings\David\Application Data\Starware316\Weather\WeatherOptions.xml.backup (Adware.Starware) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\bin\iebyterange.xml (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\bin\iebyterange.xml.backup (Adware.Comet) -> No action taken.
    C:\Program Files\Screensavers.com\SSSInst\bin\SSSUninst.exe (Adware.Comet) -> No action taken.
  • Woofles
    Woofles Posts: 1,249 Forumite
    This may help

    http://www.pchell.com/support/mywebsearch.shtml
    Woofles you need to get out of that house. You are going insane:eek: - colinw

    apologises for spelling mistakes - google toolbar and I have had a hissy fit and I've lost me spell checker.
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    thank you will take a look tomorow, as it realy late, but all replies will be most
    grateful, after doing this can scan i can tell a big diffrence with pc allready. just hope theres nothing realy nasty on here
  • Browntoa
    Browntoa Posts: 49,612 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    that log shows no action taken , rather than deleted

    did you delete the items when you finished the scan ???
    • When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
    • Click OK to close the message box and continue with the removal process.
    • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
    • Make sure that everything is checked, and click Remove Selected.
    Ex forum ambassador

    Long term forum member
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    I assume with your saying its running better that you DID delete them?

    If not do so first. Then ~

    Download HIJACK THIS (Make sure you click 'DOWNLOAD LATEST VERSION')
    http://www.filehippo.com/download_hijackthis/
    Click DO A SCAN AND SAVE A LOGFILE (Takes seconds) then post the log so we can see whats running
    (do NOT do anything else with Hijack but scan and post the FULL log)
    :idea:
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    yes i deleted then after i copyed and pasted the log
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    hi, have done the scan you recommended

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:24:23, on 12/03/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16791)
    Boot mode: Normal
    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    C:\WINDOWS\system32\Brmfrmps.exe
    c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    c:\APPS\HIDSERVICE\HIDSERVICE.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\AVG\AVG8\avgam.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\WINDOWS\system32\slserv.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\WINDOWS\wanmpsvc.exe
    c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Apps\Powercinema\PCMService.exe
    C:\Program Files\Common Files\AOL\1137441772\ee\AOLSoftware.exe
    C:\Program Files\QuickTime\QTTask.exe
    C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe
    C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
    C:\WINDOWS\system32\sistray.exe
    C:\Program Files\AOL 9.0\waol.exe
    c:\program files\common files\aol\1137441772\ee\services\antiSpywareApp\ver2_0_12\AOLSP Scheduler.exe
    c:\program files\common files\aol\1137441772\ee\aolsoftware.exe
    C:\Program Files\Common Files\AOL\aoltpspd.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/cgi-bin/redirect/?country=UK&range=AD&phase=6&key=SEARCH
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.moneybackmadness.co.uk/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
    O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - !!3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: (no name) - !!724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - !!761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O3 - Toolbar: AOL Toolbar - !!4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O3 - Toolbar: &RoboForm - !!724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
    O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1137441772\ee\AOLSoftware.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
    O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [AOLAspSunset2] D:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\dat\updates\aspapp\sunsetAsp2.exe
    O4 - HKLM\..\Run: [DSLSTATEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslstat.exe icon
    O4 - HKLM\..\Run: [DSLAGENTEXE] C:\Program Files\BT Voyager 105 ADSL Modem\dslagent.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
    O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
    O4 - Global Startup: AOL Broadband Assistant.lnk = C:\Program Files\AOL\Broadband Assistant\bin\matcli.exe
    O4 - Global Startup: Digimax Viewer 2.1.lnk = C:\Program Files\Samsung\Digimax Viewer 2.1\STImgBrowser.exe
    O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
    O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
    O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
    O8 - Extra context menu item: Customize Menu - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
    O8 - Extra context menu item: Fill Forms - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O8 - Extra context menu item: RoboForm Toolbar - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O8 - Extra context menu item: Save Forms - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: Fill Forms - !!320AF880-6646-11D3-ABEE-C5DBF3571F46} - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra 'Tools' menuitem: Fill Forms - !!320AF880-6646-11D3-ABEE-C5DBF3571F46} - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
    O9 - Extra button: Save - !!320AF880-6646-11D3-ABEE-C5DBF3571F49} - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra 'Tools' menuitem: Save Forms - !!320AF880-6646-11D3-ABEE-C5DBF3571F49} - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
    O9 - Extra button: AOL Toolbar - !!4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra 'Tools' menuitem: AOL Toolbar - !!4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
    O9 - Extra button: RoboForm - !!724d43aa-0d85-11d4-9908-00400523e39a} - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra 'Tools' menuitem: RoboForm Toolbar - !!724d43aa-0d85-11d4-9908-00400523e39a} - [URL]file://C:\Program[/URL] Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
    O9 - Extra button: (no name) - !!85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - !!85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\uk.htm
    O15 - Trusted Zone: http://*.mcafee.com
    O16 - DPF: !!0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/MSDcode.cab
    O16 - DPF: !!4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.av.aolsvc.co.uk/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab
    O16 - DPF: !!5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.av.aolsvc.co.uk/molbin/shared/mcgdmgr/en-us/1,0,0,21/mcgdmgr.cab
    O16 - DPF: {BF6BBE9A-0656-4598-A0CD-32DAC03959B5} (Image Uploader 3.0 Control) - http://www.tescophoto.com/wpp/tesco/app/opcuploader.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\!!39FA3956-AD95-4000-A123-571583D87F52}: NameServer = 92.31.242.20 92.31.242.21
    O17 - HKLM\System\CCS\Services\Tcpip\..\!!97D768D9-A8AA-4BA9-A955-3F7BB10CA546}: NameServer = 205.188.146.145
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
    O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
    O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
    O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
    O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    --
    End of file - 13588 bytes
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    FIX these using hijack ~
    O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
    O15 - Trusted Zone: http://*.mcafee.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\!!97D768D9-A8AA-4BA9-A955-3F7BB10CA546}: NameServer = 205.188.146.145


    AOL ANTI SPYWARE I always say is cr*p ~ and your post proves that


    Download SUPERANTISPYWARE (Make sure you click 'DOWNLOAD LATEST VERSION')
    http://www.filehippo.com/download_superantispyware/
    UPDATE and PERFORM COMPLETE SCAN

    Then run COMBOFIX
    Post the log it creates :)
    :idea:
  • toejumper
    toejumper Posts: 2,441 Forumite
    Part of the Furniture Photogenic Combo Breaker Mortgage-free Glee!
    hi, tryed clicking on Macafee page not found, and the other one page wont load, thanks
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 352K Banking & Borrowing
  • 253.5K Reduce Debt & Boost Income
  • 454.2K Spending & Discounts
  • 245K Work, Benefits & Business
  • 600.6K Mortgages, Homes & Bills
  • 177.4K Life & Family
  • 258.8K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.2K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture