Jump to content

loss of internet after malwarebytes scan


Recommended Posts

I should probably start by saying that all of my problems began after a trojan removal by malwarebytes. I had 2 trojans found and removed by malwarebytes and subsequently I lost my internet access through internet explorer. Internet explorer however does work in safe mode. I've been using malwarebytes for years and have never had a problem with it before, so I'm not inclinded to believe that it has caused the problem. What is strange is that my computer shows that I have full access to the internet, and this is validated because I have a remote access program that is working like a champ. Norton has access and those are the only two programs that do have access. Oh and internet explorer, turbo tax, google chrome etc all work just fine and have access in safe mode with networking. The log for the malwarebytes scan is right below the list of things I have tried. It says that all of the trojans have been removed successfully so I'd say that my computer is clean of spyware that might stop my computer from access. Right after malwarebytes is hijack this. I know it shows there are a lot of things running but keep in mind I've already done a clean boot and turned all of it off, still...no internet.

ipconfig /release and reset

dns flushed

winsock and tcp/ip set back to defaults (i'm sure there's a technical term for all of this but I don't know it)

clean boot (all the services etc turned off...although for some reason I can't turn the norton service off)

Malwarebytes Anti-Malware 1.65.1.1000

www.malwarebytes.org

Database version: v2012.12.26.05

Windows 7 Service Pack 1 x86 NTFS

Internet Explorer 9.0.8112.16421

Jay :: D12CQBC1 [administrator]

12/25/2012 11:44:06 PM

mbam-log-2012-12-25 (23-44-06).txt

Scan type: Quick scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 320930

Time elapsed: 21 minute(s), 59 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 142

HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{2EFF3CF7-99C1-4c29-BC2B-68E057E22340} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{621FEACD-8857-43A6-AE26-451D670D5370} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{2763E333-B168-41A0-A112-D35F96F410C0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.ShellViewControl.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.ShellViewControl (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{2EFF3CF7-99C1-4C29-BC2B-68E057E22340} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{A6573479-9075-4A65-98A6-19FD29CF7374} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{98635087-3F5D-418F-990C-B1EFE0797A3B} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{38A7C9DA-8DB7-4D0F-A7B1-C4B1A305BDDB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.BrowserOverlayEmbed.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.BrowserOverlayEmbed (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{A6573479-9075-4A65-98A6-19FD29CF7374} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{D778513B-1C40-4819-B0C5-49E40B39AFD0} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.BrowserOverlayBarButton.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\FunWebProducts.BrowserOverlayBarButton (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWe bSearch.OutlookAddin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSe arch.OutlookAddin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uni nstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext \Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Detected: 8

HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks|{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶»

äG\Ê -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search| (Adware.Hotbar) -> Data: http://edits.mywebsearch.com/toolbar...p=ZJxdm088LEUS -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> Quarantined and deleted successfully.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 25

C:\Users\Jay\AppData\Roaming\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Jay\AppData\Roaming\FunWebProducts\Data (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Jay\AppData\Roaming\FunWebProducts\Data\J ay (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Kaitlin\AppData\Roaming\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Kaitlin\AppData\Roaming\FunWebProducts\Da ta (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Kaitlin\AppData\Roaming\FunWebProducts\Da ta\Kaitlin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt\1.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

Files Detected: 118

C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3SHLLVW.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3BROVLY.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.

C:\Users\Nicole\Downloads\Guffins.exe (PUP.FunWebProducts) -> Quarantined and deleted successfully.

C:\Users\Nicole\Downloads\SetupGamevance.exe (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Windows\System32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\Jay\AppData\Roaming\FunWebProducts\Data\J ay\avatar.dat (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Kaitlin\AppData\Roaming\FunWebProducts\Da ta\Kaitlin\avatar.dat (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Users\Kaitlin\AppData\Roaming\FunWebProducts\Da ta\Kaitlin\register.dat (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images\00A16A44.u rr (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.h tml (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.htm l (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn. html (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn .html (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\avatar.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\bgfadel.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\bgfader.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\close.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\common-x.css (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\common.css (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\cornerbl.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\cornerbr.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\htmlctrl.js (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\include.js (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\index.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\loading.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\login.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\logo.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\max.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\min.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\noflash.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\spacer.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\spacer.swf (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\unmax.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\wardrobe.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON\window.ico (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\000B00F4 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\002800B9.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\00280646.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\00280702.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\0028077F.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\005F513E (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\005F5D06.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\005F6226.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\005F6DFE.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\005F6F84.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\005F707E.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\005F7C84.bin (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\files.ini (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History\search2 (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON.F3S (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\bd_grad.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\center.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\index.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\mid_dots.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\stop.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\systray.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\systrayp.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\tp_grad.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Search\COMMON\warn.gif (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\setting2.htm.bak (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\settings.dat (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\settings.dat.bak (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (PUP.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 8:47:14 PM, on 1/5/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v8.00 (8.00.7601.17514)

Boot mode: Normal

Running processes:

C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe

C:\Program Files\Norton Family\Engine\2.6.0.43\ccSvcHst.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\System32\WDBtnMgr.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Windows\sttray.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Program Files\TeamViewer\Version8\TeamViewer.exe

C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe

C:\Garmin\gStart.exe

C:\Program Files\Eye-Fi\Helper\EyeFiHelper.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe

C:\Users\Jay\AppData\Local\Akamai\netsession_win.e xe

C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe

C:\Program Files\My Book\WD Backup\uBBMonitor.exe

C:\Program Files\FingerPrint\FingerPrint.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Users\Jay\AppData\Local\Akamai\netsession_win.e xe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Users\Jay\Desktop\IE9-Windows7-x86-enu.exe

C:\Windows\system32\msconfig.exe

C:\Windows\system32\notepad.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Users\Jay\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6070104

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cnn.com/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6070104

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local;<local>

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\yt.dll

O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll

O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\IPSBHO.DLL

O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: Norton Family BHO - {B8E07826-0971-4f16-B133-047B88034E89} - C:\Program Files\Norton Family\Engine\2.6.0.43\coIEPlg.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\YTSING~1. DLL

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\COMPAN~1\Installs\cpn\yt.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\coIEPlg.dll

O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" (file missing)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [WD Button Manager] WDBtnMgr.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.e xe"

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe"

O4 - HKCU\..\Run: [gStart] C:\Garmin\gStart.exe

O4 - HKCU\..\Run: [Eye-Fi] "C:\Program Files\Eye-Fi\Helper\EyeFiHelper.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Jay\AppData\Local\Akamai\netsession_win. exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Startup: My Program.lnk = C:\Program Files\FingerPrint\FingerPrint.exe

O4 - Global Startup: CineForm Status.lnk = C:\Program Files\CineForm\Tools\GoProCineFormStatusViewer.exe

O4 - Global Startup: WD Backup Monitor.lnk = C:\Program Files\My Book\WD Backup\uBBMonitor.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe

O9 - Extra 'Tools' menuitem: SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files\Hewlett-Packard\SmartPrint\smartprintsetup.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\Windows\Network Diagnostic\xpnetdiag.exe

O15 - Trusted Zone: *.dell.com

O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/...Control_32.CAB

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://oas.support.microsoft.com/ActiveX/MSDcode.cab

O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} (WMI Class) - http://support.dell.com/systemprofiler/SysProExe.CAB

O16 - DPF: {9600F64D-755F-11D4-A47F-0001023E6D5A} (Shutterfly Picture Upload Plugin) - http://web1.shutterfly.com/downloads/Uploader.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O23 - Service: Adobe Active File Monitor V10 (AdobeActiveFileMonitor10.0) - Adobe Systems Incorporated - C:\Program Files\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpda teService.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: Juniper Network Connect Service (dsNcService) - Juniper Networks - C:\Program Files\Juniper Networks\Common Files\dsNcService.exe

O23 - Service: FingerPrint Service (FingerPrint) - Collobos Software - C:\Program Files\FingerPrint\FingerPrintService.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktopManager.exe

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HP Port Resolver - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBPRO. EXE

O23 - Service: HP Status Server - Hewlett-Packard Company - C:\WINDOWS\system32\spool\drivers\w32x86\3\HPBOID. EXE

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe

O23 - Service: Intuit Update Service v4 (IntuitUpdateServiceV4) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.9.0.12\ccSvcHst.exe

O23 - Service: Norton Family (NSM) - Symantec Corporation - C:\Program Files\Norton Family\Engine\2.6.0.43\ccSvcHst.exe

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\System32\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe user_online.gifreport.gif progress.gif

Link to post
Share on other sites

Hello and welcome, phatfarm747: :)

The loss of internet access may be a consequence of the system damage by the infection, as is pretty common these days.

We can't review scan logs or work on malware diagnostics and removal in this sub-section of the forum.

So, for expert help, please follow the recommendations in this sticky topic: Available Assistance For Possibly Infected Computers.

(The experts rarely use HijackThis these days, so, if you can, please follow the steps in that sticky topic for a more suitable scanning tool. Also, your version of the MBAM program and the database version are both out of date; but I understand that you might have trouble updating with the internet access issues.)

Thanks,

daledoc1

Link to post
Share on other sites

  • Staff

I would follow the directions above but i have seen this a lot do to norton getting confused and blocking internet explorer. Which would explain why it works in safe mode cause norton is inactive. Try disabling norton to see or even uninstalling and reinstalling norton may be worth a try. Most of the stuff malwarebytes removed in your logs would never cause this situation.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.