Sorry but another log

Nelski · 17 March 2009 at 6:38PM

Hi everyone

Have a very slow pc at the moment so have read some of the threads with advise and am now at the limit of my ability (didnt take long really

)

Have done the malwarebyes scan and got rid of what it said I should and now this is the hiijack this log. Anything I can do to speed it up please it takes about 15 mins to boot now.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:23:26, on 17/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\system32\gsicon.exe
C:\WINDOWS\system32\dslagent.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Common Files\AOL\1206973453\ee\AOLSoftware.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\BullGuard Software\BullGuard\bullguard.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_L18382.EXE
C:\Program Files\Apple Software Update\SoftwareUpdate.exe
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\MsiExec.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aol.co.uk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENGB/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: Adobe PDF Reader Link Helper - !!06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AOL Toolbar Launcher - !!7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - !!9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: &Google Toolbar - !!2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1206973453\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BVRPLiveUpdate] C:\Program Files\Avanquest update\Engine\Setup.exe -s /PATCH,/SRCUPDATEC:\DOCUME~1\ALLUSE~1\APPLIC~1\SONYER~1\SONYER~1\LIVEUP~1\LISTOF~1.DAT
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: EPSON Status Monitor 3 Environment Check(2).lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 5.0\resources\en-GB\local\search.html
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Blog This - !!219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - !!219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: AOL Toolbar - !!3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - !!92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: !!4E62C4DE-627D-4604-B157-4B7D6B09F02E} (Egg Money Manager Digital Safe) - https://moneymanager.egg.com/Pinsafe/accounttracking.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard Software - C:\Program Files\BullGuard Software\BullGuard\BullGuardUpdate.exe
O23 - Service: BGRaSvc - BullGuard - C:\Program Files\BullGuard Software\BullGuard\support\bgrasvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
--
End of file - 10748 bytes

thanks in anticipation

aliEnRIK · 17 March 2009 at 6:47PM

Please open Malwarebytes
Goto LOGS and post the FULL log please

aliEnRIK · 17 March 2009 at 6:54PM

FIX these ~
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

Download SUPERANTISPYWARE (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_superantispyware/
UPDATE and PERFORM COMPLETE SCAN

Upto you but id also suggest uninstalling BULLGUARD and replacing it with AVIRA
http://download.cnet.com/Avira-AntiVir-Personal-Free-Antivirus/3000-2239_4-10322935.html?part=dl-10322935&subj=dl&!!!!!button&cdlPid=11012914

(And switching on 'windows firewall' if you need to)

Nelski · 17 March 2009 at 6:58PM

sorry

I have 3 in the log section so I will do them all

Malwarebytes' Anti-Malware 1.34
Database version: 1857
Windows 5.1.2600 Service Pack 3
17/03/2009 11:52:21
mbam-log-2009-03-17 (11-52-21).txt
Scan type: Full Scan (C:\|G:\|)
Objects scanned: 132841
Time elapsed: 1 hour(s), 8 minute(s), 24 second(s)
Memory Processes Infected: 1
Memory Modules Infected: 7
Registry Keys Infected: 160
Registry Values Infected: 11
Registry Data Items Infected: 0
Folders Infected: 18
Files Infected: 99
Memory Processes Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Unloaded process successfully.
Memory Modules Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Delete on reboot.
Registry Keys Infected:
HKEY_CLASSES_ROOT\TypeLib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\!!07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\!!00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\cpbrkpie.coupon6ctrl.1 (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!87255c51-cd7d-4506-b9ad-97606daf53f3} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!6e780f0b-bcd6-40cb-b2db-7af47ab4d4a4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a138be8b-f051-4802-9a3f-a750a6d862d4} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\!!9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a85a5e6a-de2c-4f4e-99dc-f469df5a0eec} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!7819bded-4ab8-4b4b-83da-f2823b146ddd} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\!!38be0c64-3fd2-44b2-a94b-ba16bf860e01} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b2c002ef-dba8-4b96-ac9d-7d231aa2fb56} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!3b5e9b23-7537-4601-a9e8-fa0d956dea16} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\!!84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\!!0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Nelski · 17 March 2009 at 6:58PM

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\!!56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\!!56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\!!1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\!!59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\!!68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\!!9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\mywebsearchservice (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\mywebsearchservice (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\mywebsearchservice (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\my web search bar search scope monitor (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch email plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\!!07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\!!00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mywebsearch plugin (Adware.MyWeb) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\CouponPrinter.ocx (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\ (Adware.Hotbar) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWeb) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\WINDOWS\CouponPrinter.ocx (Adware.Coupons) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\WINDOWS\csauie1.ocx (Adware.Coupons) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Delete on reboot.
C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll (Adware.MyWeb) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\cpnprt2.cid (Adware.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00046EA4 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\009431AE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\00943364.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\009436BF.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A66B5EE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A66BB0E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A66BFA2.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A66C2AF.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A66C475.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A89C3EE.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A89C8B0.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A89CB6F.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A89CE7D.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A89D217.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\0A89D3EB (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\ScreenSaver\Images\0A780081.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Nelski · 17 March 2009 at 6:59PM

Malwarebytes' Anti-Malware 1.34
Database version: 1857
Windows 5.1.2600 Service Pack 3
17/03/2009 16:05:57
mbam-log-2009-03-17 (16-05-57).txt
Scan type: Full Scan (C:\|G:\|)
Objects scanned: 132846
Time elapsed: 1 hour(s), 6 minute(s), 30 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)

aliEnRIK · 17 March 2009 at 7:13PM

Make sure you run SAS as id expect that to find some more MYWEBSEARCH

Nelski · 17 March 2009 at 7:20PM

aliEnRIK wrote: »

FIX these ~
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - !!7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime

Download SUPERANTISPYWARE (Make sure you click 'DOWNLOAD LATEST VERSION')
http://www.filehippo.com/download_superantispyware/
UPDATE and PERFORM COMPLETE SCAN

Upto you but id also suggest uninstalling BULLGUARD and replacing it with AVIRA
http://download.cnet.com/Avira-AntiVir-Personal-Free-Antivirus/3000-2239_4-10322935.html?part=dl-10322935&subj=dl&!!!!!button&cdlPid=11012914

(And switching on 'windows firewall' if you need to)

Running SAS now (switched to my lappy for this) Sorry to be really really dumb but how do I fix the above?

thanks so much for all this effort btw

Nels x

aliEnRIK · 17 March 2009 at 8:07PM

sorry

Open Hijack and scan again. TICK them then FIX them

Nelski · 17 March 2009 at 8:22PM

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 03/17/2009 at 07:05 PM
Application Version : 4.25.1014
Core Rules Database Version : 3799
Trace Rules Database Version: 1754
Scan type : Complete Scan
Total Scan Time : 00:49:04
Memory items scanned : 693
Memory threats detected : 0
Registry items scanned : 5169
Registry threats detected : 12
File items scanned : 19758
File threats detected : 336
Adware.Tracking Cookie
C:\Documents and Settings\User\Cookies\user@statcounter[1].txt
C:\Documents and Settings\User\Cookies\user@ads.statonly[1].txt
C:\Documents and Settings\User\Cookies\user@lulu.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@propertyfinderltd.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@countryside-properties[1].txt
C:\Documents and Settings\User\Cookies\user@adverticum[1].txt
C:\Documents and Settings\User\Cookies\user@msnaccountservices.112.2o7[2].txt
C:\Documents and Settings\User\Cookies\user@amazonms.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@indextools[1].txt
C:\Documents and Settings\User\Cookies\user@imrworldwide[1].txt
C:\Documents and Settings\User\Cookies\user@server.iad.liveperson[3].txt
C:\Documents and Settings\User\Cookies\user@insightexpressai[1].txt
C:\Documents and Settings\User\Cookies\user@serving-sys[3].txt
C:\Documents and Settings\User\Cookies\user@ehg-debenhams.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@stats.cdrinfo[1].txt
C:\Documents and Settings\User\Cookies\user@argon.switchmedia.co[2].txt
C:\Documents and Settings\User\Cookies\user@webstats.plus[2].txt
C:\Documents and Settings\User\Cookies\user@adbrite[2].txt
C:\Documents and Settings\User\Cookies\user@fastclick[2].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[8].txt
C:\Documents and Settings\User\Cookies\user@ehg-lhw.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@ufindus[2].txt
C:\Documents and Settings\User\Cookies\user@valueclick[2].txt
C:\Documents and Settings\User\Cookies\user@aoluk.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@122.2o7[2].txt
C:\Documents and Settings\User\Cookies\user@counter.surfcounters[1].txt
C:\Documents and Settings\User\Cookies\user@ad.zanox[2].txt
C:\Documents and Settings\User\Cookies\user@paypal.112.2o7[2].txt
C:\Documents and Settings\User\Cookies\user@metacafe.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[1].txt
C:\Documents and Settings\User\Cookies\user@www.burstnet[2].txt
C:\Documents and Settings\User\Cookies\user@msnbc.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@2o7[2].txt
C:\Documents and Settings\User\Cookies\user@itxt.vibrantmedia[1].txt
C:\Documents and Settings\User\Cookies\user@adtech[1].txt
C:\Documents and Settings\User\Cookies\user@adrevolver[1].txt
C:\Documents and Settings\User\Cookies\user@carphonewarehouse.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@media.adrevolver[2].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[6].txt
C:\Documents and Settings\User\Cookies\user@int.sitestat[1].txt
C:\Documents and Settings\User\Cookies\user@roiservice[1].txt
C:\Documents and Settings\User\Cookies\user@ads.aol.co[1].txt
C:\Documents and Settings\User\Cookies\user@ehg-gatehousemedia.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@apmebf[2].txt
C:\Documents and Settings\User\Cookies\user@dennis.cerosmedia[2].txt
C:\Documents and Settings\User\Cookies\user@test.coremetrics[1].txt
C:\Documents and Settings\User\Cookies\user@aimfar.solution.weborama[1].txt
C:\Documents and Settings\User\Cookies\user@ad.yieldmanager[2].txt
C:\Documents and Settings\User\Cookies\user@atwola[2].txt
C:\Documents and Settings\User\Cookies\user@clickbank[1].txt
C:\Documents and Settings\User\Cookies\user@adopt.specificclick[2].txt
C:\Documents and Settings\User\Cookies\user@tribalfusion[2].txt
C:\Documents and Settings\User\Cookies\user@revsci[1].txt
C:\Documents and Settings\User\Cookies\user@192com.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@kontera[2].txt
C:\Documents and Settings\User\Cookies\user@burstnet[1].txt
C:\Documents and Settings\User\Cookies\user@ad.uk.tangozebra[1].txt
C:\Documents and Settings\User\Cookies\user@questionmarket[1].txt
C:\Documents and Settings\User\Cookies\user@rocku.adbureau[2].txt
C:\Documents and Settings\User\Cookies\user@hotelscom.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@audit.median[1].txt
C:\Documents and Settings\User\Cookies\user@casalemedia[1].txt
C:\Documents and Settings\User\Cookies\user@atdmt[2].txt
C:\Documents and Settings\User\Cookies\user@006.free-counters.co[1].txt
C:\Documents and Settings\User\Cookies\user@s2.shinystat[1].txt
C:\Documents and Settings\User\Cookies\user@aoleusearch.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@realmedia[2].txt
C:\Documents and Settings\User\Cookies\user@bluestreak[2].txt
C:\Documents and Settings\User\Cookies\user@webstats.plus[1].txt
C:\Documents and Settings\User\Cookies\user@www.clash-media[2].txt
C:\Documents and Settings\User\Cookies\user@tracking.summitmedia.co[1].txt
C:\Documents and Settings\User\Cookies\user@112.2o7[2].txt
C:\Documents and Settings\User\Cookies\user@track.affilibid[1].txt
C:\Documents and Settings\User\Cookies\user@tacoda[1].txt
C:\Documents and Settings\User\Cookies\user@track.webgains[1].txt
C:\Documents and Settings\User\Cookies\user@overture[2].txt
C:\Documents and Settings\User\Cookies\user@e-2dj6wcliomdjaho.stats.esomniture[2].txt
C:\Documents and Settings\User\Cookies\user@media.adrevolver[1].txt
C:\Documents and Settings\User\Cookies\user@anad.tacoda[1].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[4].txt
C:\Documents and Settings\User\Cookies\user@windowsmedia[1].txt
C:\Documents and Settings\User\Cookies\user@maxporn[1].txt
C:\Documents and Settings\User\Cookies\user@ads.pointroll[2].txt
C:\Documents and Settings\User\Cookies\user@tradedoubler[1].txt
C:\Documents and Settings\User\Cookies\user@ehg-wssuk.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@tracking.bluebarracuda[1].txt
C:\Documents and Settings\User\Cookies\user@bs.serving-sys[1].txt
C:\Documents and Settings\User\Cookies\user@zedo[1].txt
C:\Documents and Settings\User\Cookies\user@www.sewingmachinediscount.co[2].txt
C:\Documents and Settings\User\Cookies\user@doubleclick[2].txt
C:\Documents and Settings\User\Cookies\user@bravenet[2].txt
C:\Documents and Settings\User\Cookies\user@mediaplex[2].txt
C:\Documents and Settings\User\Cookies\user@track.adform[1].txt
C:\Documents and Settings\User\Cookies\user@trinitymirror.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@adopt.euroclick[1].txt
C:\Documents and Settings\User\Cookies\user@rotator.adjuggler[2].txt
C:\Documents and Settings\User\Cookies\user@msnportal.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@specificclick[2].txt
C:\Documents and Settings\User\Cookies\user@socialmedia[1].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[2].txt
C:\Documents and Settings\User\Cookies\user@e-2dj6wflieodpsfq.stats.esomniture[2].txt
C:\Documents and Settings\User\Cookies\user@myroitracking[1].txt
C:\Documents and Settings\User\Cookies\user@statse.webtrendslive[2].txt
C:\Documents and Settings\User\Cookies\user@hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@247realmedia[1].txt
C:\Documents and Settings\User\Cookies\user@edge.ru4[1].txt
C:\Documents and Settings\User\Cookies\user@counter2.hitslink[1].txt
C:\Documents and Settings\User\Cookies\user@advertising[2].txt
C:\Documents and Settings\User\Cookies\user@ads.telegraph.co[1].txt
C:\Documents and Settings\User\Cookies\user@account.live[1].txt
C:\Documents and Settings\User\Cookies\user@adultadworld[1].txt
C:\Documents and Settings\User\Cookies\user@CAZMG2U5.txt
C:\Documents and Settings\User\Cookies\user@adecn[1].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[11].txt
C:\Documents and Settings\User\Cookies\user@ad2.clickhype[1].txt
C:\Documents and Settings\User\Cookies\user@stat.dealtime[2].txt
C:\Documents and Settings\User\Cookies\user@CA7EUJP8.txt
C:\Documents and Settings\User\Cookies\user@xiti[1].txt
C:\Documents and Settings\User\Cookies\user@tracker.roitesting[1].txt
C:\Documents and Settings\User\Cookies\user@CAPMKCSI.txt
C:\Documents and Settings\User\Cookies\user@femalefirst.co[2].txt
C:\Documents and Settings\User\Cookies\user@adviva[2].txt
C:\Documents and Settings\User\Cookies\user@CAE0Z4NP.txt
C:\Documents and Settings\User\Cookies\user@hornymatches[1].txt
C:\Documents and Settings\User\Cookies\user@pro-market[2].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[5].txt
C:\Documents and Settings\User\Cookies\user@richmedia.yahoo[1].txt
C:\Documents and Settings\User\Cookies\user@ads.adgoto[2].txt
C:\Documents and Settings\User\Cookies\user@videoegg.adbureau[2].txt
C:\Documents and Settings\User\Cookies\user@server.lon.liveperson[1].txt
C:\Documents and Settings\User\Cookies\user@ehg-travelintelligence.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@weborama[2].txt
C:\Documents and Settings\User\Cookies\user@sales.liveperson[2].txt
C:\Documents and Settings\User\Cookies\user@sales.liveperson[1].txt
C:\Documents and Settings\User\Cookies\user@teenstryanal[1].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[10].txt
C:\Documents and Settings\User\Cookies\user@ehg-reed.hitbox[1].txt
C:\Documents and Settings\User\Cookies\user@keywordmax[1].txt
C:\Documents and Settings\User\Cookies\user@tripod[2].txt
C:\Documents and Settings\User\Cookies\user@int.sitestat[4].txt
C:\Documents and Settings\User\Cookies\user@!!!!!!.naughtyfiles[1].txt
C:\Documents and Settings\User\Cookies\user@ads.emailjokes.co[1].txt
C:\Documents and Settings\User\Cookies\user@web-stat[1].txt
C:\Documents and Settings\User\Cookies\user@CAC7R8RK.txt
C:\Documents and Settings\User\Cookies\user@ehg-rodale.hitbox[1].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[7].txt
C:\Documents and Settings\User\Cookies\user@dynamic.media.adrevolver[2].txt
C:\Documents and Settings\User\Cookies\user@ads.expedia[2].txt
C:\Documents and Settings\User\Cookies\user@data.coremetrics[1].txt
C:\Documents and Settings\User\Cookies\user@ads.uknetguide.co[2].txt
C:\Documents and Settings\User\Cookies\user@partner2profit[1].txt
C:\Documents and Settings\User\Cookies\user@indexstats[2].txt
C:\Documents and Settings\User\Cookies\user@dmtracker[1].txt
C:\Documents and Settings\User\Cookies\user@saletrack.co[2].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[3].txt
C:\Documents and Settings\User\Cookies\user@stat.onestat[1].txt
C:\Documents and Settings\User\Cookies\user@armstrong.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@harpo.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@thomascook.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@msnlivefavorites.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@stats.manticoretechnology[1].txt
C:\Documents and Settings\User\Cookies\user@ehg-bbc.hitbox[1].txt
C:\Documents and Settings\User\Cookies\user@uk.sitestat[9].txt
C:\Documents and Settings\User\Cookies\user@propertyfinder[1].txt
C:\Documents and Settings\User\Cookies\user@int.sitestat[2].txt
C:\Documents and Settings\User\Cookies\user@mywebsearch[1].txt
C:\Documents and Settings\User\Cookies\user@CAA9Y5ND.txt
C:\Documents and Settings\User\Cookies\user@as1.falkag[1].txt
C:\Documents and Settings\User\Cookies\user@linksynergy[2].txt
C:\Documents and Settings\User\Cookies\user@server.lon.liveperson[3].txt
C:\Documents and Settings\User\Cookies\user@www.virginmedia[2].txt
C:\Documents and Settings\User\Cookies\user@webtracking.touchclarity[1].txt
C:\Documents and Settings\User\Cookies\user@ad2.doublepimp[1].txt
C:\Documents and Settings\User\Cookies\user@web4.realtracker[1].txt
C:\Documents and Settings\User\Cookies\user@server.lon.liveperson[4].txt
C:\Documents and Settings\User\Cookies\user@counter.hitslink[1].txt
C:\Documents and Settings\User\Cookies\user@www.freepornsite[2].txt
C:\Documents and Settings\User\Cookies\user@iacas.adbureau[2].txt
C:\Documents and Settings\User\Cookies\user@CAB6L7B7.txt
C:\Documents and Settings\User\Cookies\user@ehg-mgnlimited.hitbox[1].txt
C:\Documents and Settings\User\Cookies\user@CAJOVPUG.txt
C:\Documents and Settings\User\Cookies\user@stats.ifslearning[1].txt
C:\Documents and Settings\User\Cookies\user@phillyburbscom.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@www.femalefirst.co[2].txt
C:\Documents and Settings\User\Cookies\user@int.sitestat[5].txt
C:\Documents and Settings\User\Cookies\user@CAN3NYPQ.txt
C:\Documents and Settings\User\Cookies\user@ehg-futurepub.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@www.findacourse[2].txt
C:\Documents and Settings\User\Cookies\user@www.dontpanicmedia[2].txt
C:\Documents and Settings\User\Cookies\user@youngentrepreneur[2].txt
C:\Documents and Settings\User\Cookies\user@www.w3counter[1].txt
C:\Documents and Settings\User\Cookies\user@adserver.bizhelp24[1].txt
C:\Documents and Settings\User\Cookies\user@w00tpublishers.wootmedia[1].txt
C:\Documents and Settings\User\Cookies\user@trackingx[1].txt
C:\Documents and Settings\User\Cookies\user@ehg-systemax.hitbox[1].txt
C:\Documents and Settings\User\Cookies\user@questionpro[2].txt
C:\Documents and Settings\User\Cookies\user@mortgagescountrywide.co[1].txt
C:\Documents and Settings\User\Cookies\user@giftscom.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@tribalddb.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@CAC1C9V1.txt
C:\Documents and Settings\User\Cookies\user@ads.anm.co[2].txt
C:\Documents and Settings\User\Cookies\user@marieclaire.ipcmediasecure[2].txt
C:\Documents and Settings\User\Cookies\user@te.kontera[2].txt
C:\Documents and Settings\User\Cookies\user@pornhub[1].txt
C:\Documents and Settings\User\Cookies\user@CA0CE0TE.txt
C:\Documents and Settings\User\Cookies\user@CAGZJWPU.txt
C:\Documents and Settings\User\Cookies\user@CAVUGMDJ.txt
C:\Documents and Settings\User\Cookies\user@nedstat.192[1].txt
C:\Documents and Settings\User\Cookies\user@eas.apm.emediate[1].txt
C:\Documents and Settings\User\Cookies\user@postclicktracking[1].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[3].txt
C:\Documents and Settings\User\Cookies\user@adultfriendfinder[1].txt
C:\Documents and Settings\User\Cookies\user@ad1.emediate[2].txt
C:\Documents and Settings\User\Cookies\user@bannersng.yell[1].txt
C:\Documents and Settings\User\Cookies\user@CAXHVKNQ.txt
C:\Documents and Settings\User\Cookies\user@CAK7RQ5M.txt
C:\Documents and Settings\User\Cookies\user@freepornsite[2].txt
C:\Documents and Settings\User\Cookies\user@banner.poker.blackpoolclub.co[2].txt
C:\Documents and Settings\User\Cookies\user@enhance[1].txt
C:\Documents and Settings\User\Cookies\user@clickshift[1].txt
C:\Documents and Settings\User\Cookies\user@dontpanicmedia[2].txt
C:\Documents and Settings\User\Cookies\user@ehg-autotrader.hitbox[1].txt
C:\Documents and Settings\User\Cookies\user@fullporn[2].txt
C:\Documents and Settings\User\Cookies\user@CATBE6H5.txt
C:\Documents and Settings\User\Cookies\user@ads.holidays-uncovered.co[2].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[2].txt
C:\Documents and Settings\User\Cookies\user@atoc.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@umstreet.adbureau[2].txt
C:\Documents and Settings\User\Cookies\user@talksport.cerosmedia[2].txt
C:\Documents and Settings\User\Cookies\user@banner.bingo.blackpoolclub.co[2].txt
C:\Documents and Settings\User\Cookies\user@ads.clicksor[1].txt
C:\Documents and Settings\User\Cookies\user@int.sitestat[3].txt
C:\Documents and Settings\User\Cookies\user@pacificpoker[1].txt
C:\Documents and Settings\User\Cookies\user@haynet.adbureau[2].txt
C:\Documents and Settings\User\Cookies\user@lotsofads.smilingtraffic[1].txt
C:\Documents and Settings\User\Cookies\user@adserver.aol[1].txt
C:\Documents and Settings\User\Cookies\user@www.fullporn[1].txt
C:\Documents and Settings\User\Cookies\user@tremor.adbureau[1].txt
C:\Documents and Settings\User\Cookies\user@banner.casino.blackpoolclub.co[2].txt
C:\Documents and Settings\User\Cookies\user@readersdigest.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@quicktime.mediaplayer-stop[1].txt
C:\Documents and Settings\User\Cookies\user@eb.adbureau[2].txt
C:\Documents and Settings\User\Cookies\user@interclick[1].txt
C:\Documents and Settings\User\Cookies\user@chitika[1].txt
C:\Documents and Settings\User\Cookies\user@teletext.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@data.coremetrics[2].txt
C:\Documents and Settings\User\Cookies\user@dealtime.co[1].txt
C:\Documents and Settings\User\Cookies\user@trvlnet.adbureau[1].txt
C:\Documents and Settings\User\Cookies\user@24porn7[2].txt
C:\Documents and Settings\User\Cookies\user@freeporn[1].txt
C:\Documents and Settings\User\Cookies\user@CACTRMGI.txt
C:\Documents and Settings\User\Cookies\user@men.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@uk.at.atwola[1].txt
C:\Documents and Settings\User\Cookies\user@CATRJLX8.txt
C:\Documents and Settings\User\Cookies\user@e-2dj6whmygkajibp.stats.esomniture[2].txt
C:\Documents and Settings\User\Cookies\user@ads.addynamix[1].txt
C:\Documents and Settings\User\Cookies\user@adserver1.backbeatmedia[1].txt
C:\Documents and Settings\User\Cookies\user@www.smartadserver[2].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[10].txt
C:\Documents and Settings\User\Cookies\user@log.seniorstats.co[1].txt
C:\Documents and Settings\User\Cookies\user@trafficmp[2].txt
C:\Documents and Settings\User\Cookies\user@CAV74DHU.txt
C:\Documents and Settings\User\Cookies\user@log.seniorstats.co[2].txt
C:\Documents and Settings\User\Cookies\user@ehg-penguingroupusa.hitbox[1].txt
C:\Documents and Settings\User\Cookies\user@findingoptimism[1].txt
C:\Documents and Settings\User\Cookies\user@gmgmacfs.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[8].txt
C:\Documents and Settings\User\Cookies\user@CA1DF9JO.txt
C:\Documents and Settings\User\Cookies\user@www.clickmanage[2].txt
C:\Documents and Settings\User\Cookies\user@server.lon.liveperson[2].txt
C:\Documents and Settings\User\Cookies\user@ehg-capitalgroup.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@smartadserver[2].txt
C:\Documents and Settings\User\Cookies\user@adcentriconline[2].txt
C:\Documents and Settings\User\Cookies\user@CASENYJU.txt
C:\Documents and Settings\User\Cookies\user@CAW2JXR4.txt
C:\Documents and Settings\User\Cookies\user@CA62XY7Q.txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[11].txt
C:\Documents and Settings\User\Cookies\user@collective-media[2].txt
C:\Documents and Settings\User\Cookies\user@nhhotelessa.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@virginmedia[2].txt
C:\Documents and Settings\User\Cookies\user@www.dontpanicmedia[3].txt
C:\Documents and Settings\User\Cookies\user@CAML0PNZ.txt
C:\Documents and Settings\User\Cookies\user@ads.realtechnetwork[2].txt
C:\Documents and Settings\User\Cookies\user@CAWZYU35.txt
C:\Documents and Settings\User\Cookies\user@admanager.trackset[1].txt
C:\Documents and Settings\User\Cookies\user@revsci[3].txt
C:\Documents and Settings\User\Cookies\user@stats.adbrite[1].txt
C:\Documents and Settings\User\Cookies\user@findacourse[1].txt
C:\Documents and Settings\User\Cookies\user@ads.adfero.co[1].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[6].txt
C:\Documents and Settings\User\Cookies\user@CAQ4EZM6.txt
C:\Documents and Settings\User\Cookies\user@CA0LTY81.txt
C:\Documents and Settings\User\Cookies\user@CAKOLXCH.txt
C:\Documents and Settings\User\Cookies\user@CAFURFCU.txt
C:\Documents and Settings\User\Cookies\user@fr.sitestat[2].txt
C:\Documents and Settings\User\Cookies\user@fr.sitestat[1].txt
C:\Documents and Settings\User\Cookies\user@passport.menmedia.co[2].txt
C:\Documents and Settings\User\Cookies\user@incisivemedia.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@CAYIDS8G.txt
C:\Documents and Settings\User\Cookies\user@ehg-spypublishing.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@ads.mediamayhemcorp[1].txt
C:\Documents and Settings\User\Cookies\user@advertstream[1].txt
C:\Documents and Settings\User\Cookies\user@marksandspencer.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@www.freeporn[1].txt
C:\Documents and Settings\User\Cookies\user@CA1EPPSV.txt
C:\Documents and Settings\User\Cookies\user@millenniumhotels.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@emediate[2].txt
C:\Documents and Settings\User\Cookies\user@ehg-tfl.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[5].txt
C:\Documents and Settings\User\Cookies\user@stats.searchtrack[1].txt
C:\Documents and Settings\User\Cookies\user@adverturesnewmediaservices.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[7].txt
C:\Documents and Settings\User\Cookies\user@server.iad.liveperson[1].txt
C:\Documents and Settings\User\Cookies\user@ehg-bestwestern.hitbox[2].txt
C:\Documents and Settings\User\Cookies\user@cerosmedia[1].txt
C:\Documents and Settings\User\Cookies\user@stats.paypal[2].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[1].txt
C:\Documents and Settings\User\Cookies\user@sales.liveperson[4].txt
C:\Documents and Settings\User\Cookies\user@ar.atwola[2].txt
C:\Documents and Settings\User\Cookies\user@at.atwola[1].txt
C:\Documents and Settings\User\Cookies\user@premiumtv.122.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@microsoftwindows.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@flairviewtravel.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@rezidor.112.2o7[1].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[9].txt
C:\Documents and Settings\User\Cookies\user@adfarm1.adition[1].txt
C:\Documents and Settings\User\Cookies\user@content.yieldmanager.edgesuite[1].txt
C:\Documents and Settings\User\Cookies\user@media.expedia[2].txt
C:\Documents and Settings\User\Cookies\user@server.lon.liveperson[5].txt
C:\Documents and Settings\User\Cookies\user@CAX0NBXU.txt
C:\Documents and Settings\User\Cookies\user@CAH8XRHF.txt
C:\Documents and Settings\User\Cookies\user@e-2dj6wfk4cpdjkco.stats.esomniture[2].txt
C:\Documents and Settings\User\Cookies\user@content.yieldmanager[1].txt
C:\Documents and Settings\User\Cookies\user@www.googleadservices[4].txt
C:\Documents and Settings\User\Cookies\user@ar.atwola[1].txt
C:\Documents and Settings\User\Cookies\user@serving-sys[1].txt
Adware.MyWebSearch/FunWebProducts
HKU\S-1-5-21-823518204-1214440339-682003330-1003\SOFTWARE\FunWebProducts
HKCR\CLSID\!!9AFB8248-617F-460d-9366-D71CDEDA3179}
HKCR\CLSID\!!9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#DeviceDesc

SAS log just done

aliEnRIK · 17 March 2009 at 8:25PM

Download SPYBOT (Make sure you click 'DOWNLOAD LATEST VERSION' ~ make sure TEA TIMER is UNTICKED on installation)
http://www.filehippo.com/download_spybot_search_destroy/
UPDATE and IMMUNISE (Make sure it reads ZERO unprotected) and SCAN
(Immunising will prevent a lot of those dodgy cookies being stored on your computer)

Then shut down your anti virus

Run COMBOFIX
Post the log here when its finished scanning

Fire up your anti virus again then ~

Download CCLEANER (Make sure you click 'DOWNLOAD LATEST VERSION' ~ make sure YAHOO TOOLBAR is unticked on installation)
http://www.filehippo.com/download_ccleaner/
Run the CLEANER scan (UNTICK 'cookies')
Then run the REGISTRY scan (Backup the registry when it asks)

then id say (log permitting) your good to go

Sorry but another log

Comments

Confirm your email address to Create Threads and Reply

🚀 Getting Started

Categories

Is this how you want to be seen?

Get our FREE Weekly email full of deals & guides - and it’s spam-free