Jump to content

I don't know what happened, gamevance32.exe stopped working and now internet will not connect


Recommended Posts

So I guess my dad tried to remove a program from the laptop because we kept getting this ad pop up out of nowhere. Anywho now everytime the laptop boots it says gamevance32.exe has stopped responding and even though there's a wireless signal connection the internet will not connect.

Also I saw gamevance on a folder under program files and sent it to the rexycling bin. IE and chrome still don't work so i will try to install firefox from flash drive. Any help is appreciated, thanks!

Link to post
Share on other sites

Hello montclrwrestlr1! My name is Maniac and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Before you start do anything you want, please immunize your flash drive:

http://www.pandasecurity.com/homeusers/downloads/usbvaccine/

Next, follow the instructions here and post the log files from DDS:

http://forums.malwarebytes.org/index.php?showtopic=9573

Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2012.12.14.11

Windows Vista Service Pack 1 x86 NTFS

Internet Explorer 8.0.6001.19088

yenie :: YENIE-PC [administrator]

Protection: Enabled

1/12/2013 8:49:50 AM

mbam-log-2013-01-12 (08-49-50).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 426309

Time elapsed: 1 hour(s), 37 minute(s), 56 second(s)

Memory Processes Detected: 1

C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> 516 -> No action taken.

Memory Modules Detected: 1

C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.

Registry Keys Detected: 150

HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.

HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.

HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.

HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.

HKCU\Software\AppDataLow\Software\MyWebSearch (PUP.MyWebsearch) -> No action taken.

HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{21608B66-026F-4DCB-9244-0DACA328DCED} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\TypeLib\{975BBCC0-19DF-47C2-9AE2-D78EEFA96821} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\Interface\{5272CCD4-4199-4B04-BF68-B28A0DCF0151} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\PlaySushi32.PlaySushi.1 (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\PlaySushi32.PlaySushi (Adware.Gamevance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21608B66-026F-4DCB-9244-0DACA328DCED} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{21608B66-026F-4DCB-9244-0DACA328DCED} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{21608B66-026F-4DCB-9244-0DACA328DCED} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Playsushi (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKCU\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

HKCU\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

HKCU\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Detected: 9

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶»

äG\Ê -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> No action taken.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:5555 -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Gamevance (Adware.Gamevance) -> Data: C:\Program Files\Gamevance\gamevance32.exe a -> Quarantined and deleted successfully.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 6

C:\Program Files\MyWebSearch (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.

C:\Users\yenie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com (Adware.GamesVance) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components (Adware.GamesVance) -> Quarantined and deleted successfully.

Files Detected: 108

C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\Fast Browser Search\IE\SearchGuardPlus.exe (PUP.Fbsearch) -> No action taken.

C:\Program Files\Fast Browser Search\IE\update.exe (PUP.Fbsearch) -> No action taken.

C:\Program Files\MSN Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MSN Messenger\riched20.dll (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3PATCH.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\Fast Browser Search\IE\SearchGuardPlus.exe.vir (PUP.Fbsearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\Fast Browser Search\IE\update.exe.vir (PUP.Fbsearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3CJpeg.dll.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTmlmu.dll.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCrctr.dll.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MSg.dll.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3OUtlcn.dll.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PATCH.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Users\yenie\AppData\Local\Temp\Low\PlaySushiUpdateInstaller.exe (PUP.PlaySushi) -> No action taken.

C:\Users\yenie\AppData\LocalLow\MyWebSearch\bar\setups\mwsautSp.exe (PUP.MyWebSearch) -> No action taken.

C:\WINDOWS\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\PlaySushi\PSText.dll (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Program Files\PlaySushi\psuninst.exe (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Qoobox\Quarantine\C\Program Files\PlaySushi\PSTExt.dll.vir (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\ajyimiccu\jntugsptssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\dogpile_sub_installer.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\Wjp.exe (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\Low\ekorbk.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\Low\ybdnmb.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\Temp1_Postal_package_NR624[1].zip\Postal_package_NR624.exe (Trojan.Oficla) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Roaming\Thinstall\Settings\1000000e00002h\rundll32.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Desktop\corel\corelPort CS3\Settings\1000000b00002h\verclsid.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Desktop\corel\corelPort CS3\Settings\11300002h\splwow64.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Desktop\corel\corelPort CS3\Settings\400000134e00002h\ImageReady.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Desktop\corel\corelPort CS3\Settings\4000008200002h\divxsm.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Music\photoshop\right above it.exe (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\WINDOWS\System32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome.manifest (Adware.GamesVance) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll (Adware.GamesVance) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

(end)

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.19088

Run by yenie at 10:47:11 on 2013-01-12

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.958.333 [GMT -8:00]

.

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Panda USB Vaccine\USBVaccine.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\iPod\bin\iPodService.exe

c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

uSearch Bar = Preserve

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

uProxyOverride = <local>

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Freecause Toolbar BHO: {399C60D2-38B1-4E25-B9E7-6498C1BC2DCD} - c:\program files\dogpile toolbar\Toolbar.dll

BHO: NCO 2.0 IE BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll

BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\common files\symantec shared\ids\IPSBHO.dll

BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll

BHO: BrowserHelper Class: {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - c:\program files\sgpsa\SearchAssistant.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll

BHO: Search Assistant: {F0626A63-410B-45E2-99A1-3F2475B2D695} - c:\program files\sgpsa\BHO.dll

BHO: Fast Browser Search Toolbar Helper: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - c:\program files\fast browser search\ie\FBStoolbar.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll

BHO: HP Print Clips: {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\program files\hp\smart web printing\hpswp_framework.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Dogpile Toolbar: {C53FE659-316A-4F56-A194-A5BE491BE866} - c:\program files\dogpile toolbar\Toolbar.dll

TB: Fast Browser Search Toolbar: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - c:\program files\fast browser search\ie\FBStoolbar.dll

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"

StartupFolder: c:\users\yenie\appdata\roaming\micros~1\windows\startm~1\programs\startup\pmbmed~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe

StartupFolder: c:\users\yenie\appdata\roaming\micros~1\windows\startm~1\programs\startup\roller~1.lnk - c:\users\yenie\appdata\local\temp\{a6b39bba-caf0-48aa-8b00-7d29bbf8f69e}\{907b4640-266b-4a21-92fb-cd1a86cd0f63}\ATR1.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - http://www.playsushi.com/About.ps?l=6&t=nCGVTOlmC

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: Interfaces\{4F46F090-9DD6-4451-AD75-D8EABF31CA21} : DHCPNameServer = 192.168.1.1 192.168.1.1

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\yenie\appdata\roaming\mozilla\firefox\profiles\ebcbvddy.default\

.

============= SERVICES / DRIVERS ===============

.

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20081220.001\IDSvix86.sys [2008-12-21 270384]

R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2007-8-24 149352]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-12 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-12 682344]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-12 21104]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-5-29 23888]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-1-12 40776]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-2-22 1251720]

S3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2013-01-12 16:48:50 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-01-12 16:48:49 -------- d-----w- c:\users\yenie\appdata\roaming\Malwarebytes

2013-01-12 16:48:40 -------- d-----w- c:\programdata\Malwarebytes

2013-01-12 16:48:39 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-12 16:48:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-01-12 16:46:46 -------- d-----w- c:\programdata\Panda Security

2013-01-12 16:46:41 -------- d-----w- c:\program files\Panda USB Vaccine

2013-01-11 08:22:54 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b05fcbb1-fe1f-4dbc-9bf8-7439705411a5}\mpengine.dll

2013-01-11 07:43:14 -------- d-----w- c:\users\yenie\appdata\local\Temp(361)

2013-01-11 05:59:05 -------- d-----w- c:\users\yenie\appdata\local\Mozilla

2013-01-10 04:06:09 -------- d-----w- c:\users\yenie\appdata\local\Smilebox

2013-01-08 23:59:27 -------- d-----w- c:\users\yenie\appdata\roaming\Ybxy

2013-01-08 23:59:27 -------- d-----w- c:\users\yenie\appdata\roaming\Hyul

2013-01-08 21:36:53 -------- d-----w- c:\program files\Microsoft Security Client

2013-01-08 19:25:00 -------- d-----w- C:\$RECYCLE(3).BIN

2013-01-03 23:44:34 -------- d-----w- c:\windows\system32\MpEngineStore

.

==================== Find3M ====================

.

.

============= FINISH: 10:54:36.92 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 3/16/2008 2:10:32 PM

System Uptime: 1/12/2013 10:42:34 AM (0 hours ago)

.

Motherboard: Quanta | | 30EA

Processor: AMD Athlon 64 X2 Dual-Core Processor TK-57 | Socket S1 | 1600/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 138 GiB total, 55.404 GiB free.

D: is FIXED (NTFS) - 12 GiB total, 1.997 GiB free.

E: is CDROM ()

F: is CDROM (CDFS)

G: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.0

Adobe Shockwave Player

Adobe Shockwave Player 11.5

AIM 6

AppCore

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Driver Installation Program

Brother MFC-440CN

Cards_Calendar_OrderGift_DoMorePlugout

ccCommon

Compatibility Pack for the 2007 Office system

Component Framework

Conexant HD Audio

Corel Graphics Suite 11

DIGOpt

Dogpile Toolbar

DVD Suite

EA Link

Fast Browser Search (My Tattoons)

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

HDAUDIO Soft Data Fax Modem with SmartCP

Hewlett-Packard Active Check

Hewlett-Packard Asset Agent for Health Check

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Customer Experience Enhancements

HP Doc Viewer

HP DVD Play 3.6

HP Easy Setup - Frontend

HP Help and Support

HP Photosmart Essential 2.5

HP Quick Launch Buttons 6.40 B2

HP Smart Web Printing

HP Total Care Advisor

HP Update

HP User Guides 0091

HP Wireless Assistant

HPNetworkAssistant

HPPhotoSmartDiscLabel_PaperLabel

HPPhotoSmartDiscLabel_PrintOnDisc

HPPhotoSmartDiscLabel_Tattoo

HPPhotoSmartDiscLabelContent1

hpphotosmartdisclabelplugin

HPPhotoSmartPhotobookHolidayPack1

HPPhotoSmartPhotobookModernPack1

HPPhotoSmartPhotobookPlayfulPack1

HPPhotoSmartPhotobookScrapbookPack1

HPPhotoSmartPhotobookWebPack1

Internet Explorer (Enable DEP)

iTunes

Java 6 Update 2

LabelPrint

LeapFrog Connect

LeapFrog My Pals Plugin

LightScribe System Software 1.10.13.1

LiveUpdate (Symantec Corporation)

Malwarebytes Anti-Malware version 1.70.0.1100

McAfee Security Scan Plus

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Fix it Center

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Mozilla Firefox 18.0 (x86 en-US)

Mozilla Maintenance Service

MSN Messenger 7.0

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Music Transfer

muvee autoProducer 6.1

My HP Games

NetWaiting

Norton AntiVirus

Norton AntiVirus Help

Norton Confidential Core

Norton Internet Security

Norton Internet Security (Symantec Corporation)

Norton Protection Center

Norton Security Scan

NVIDIA Drivers

OGA Notifier 2.0.0048.0

Panda USB Vaccine 1.0.1.4

Pocket Tanks v1.3

Power2Go

PowerDirector

Primo

Protección de Yahoo! Búsquedas

PSSWCORE

QuickPlay SlingPlayer 0.4.6

QuickTime

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

Runtime

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Smilebox

Sony Picture Utility

SPBBC 32bit

Symantec Real Time Storage Protection Component

SymNet

Synaptics Pointing Device Driver

The Sims™ Life Stories

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)

VideoToolkit01

Viewpoint Media Player

WeatherBug Gadget

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== End Of File ===========================

These are the three logs, I wasn't sure where to post so I posted it on here anyways. Thanks Maniac and I hope this helps

Link to post
Share on other sites

Malwarebytes Anti-Malware (Trial) 1.70.0.1100

www.malwarebytes.org

Database version: v2012.12.14.11

Windows Vista Service Pack 1 x86 NTFS

Internet Explorer 8.0.6001.19088

yenie :: YENIE-PC [administrator]

Protection: Enabled

1/12/2013 8:49:50 AM

mbam-log-2013-01-12 (08-49-50).txt

Scan type: Full scan (C:\|D:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 426309

Time elapsed: 1 hour(s), 37 minute(s), 56 second(s)

Memory Processes Detected: 1

C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> 516 -> No action taken.

Memory Modules Detected: 1

C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.

Registry Keys Detected: 150

HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.SettingsPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.SettingsPlugin (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.IECookiesManager.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.IECookiesManager (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.DataControl.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.DataControl (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu.2 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.HTMLPanel.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.HTMLPanel (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.ToolbarPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearchToolBar.ToolbarPlugin (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterSettingsControl.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterSettingsControl (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.PseudoTransparentPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.PseudoTransparentPlugin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterBarButton.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.PopSwatterBarButton (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HTMLMenu.1 (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.

HKCR\ScreenSaverControl.ScreenSaverInstaller.1 (PUP.MyWebSearch) -> No action taken.

HKCR\ScreenSaverControl.ScreenSaverInstaller (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.OutlookAddin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.KillerObjManager.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.KillerObjManager (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistoryKillerScheduler.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistoryKillerScheduler (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistorySwatterControlBar.1 (PUP.MyWebSearch) -> No action taken.

HKCR\FunWebProducts.HistorySwatterControlBar (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.ChatSessionPlugin.1 (PUP.MyWebSearch) -> No action taken.

HKCR\MyWebSearch.ChatSessionPlugin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (PUP.MyWebSearch) -> No action taken.

HKCR\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (PUP.MyWebSearch) -> No action taken.

HKCR\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (PUP.MyWebSearch) -> No action taken.

HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{67FA02C4-AB30-4e77-A640-78EE8EC8673B} (PUP.MyWebSearch) -> No action taken.

HKCU\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.

HKCU\Software\AppDataLow\Software\MyWebSearch (PUP.MyWebsearch) -> No action taken.

HKLM\SOFTWARE\FocusInteractive (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Fun Web Products (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\FunWebProducts (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\MyWebSearch (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (PUP.MyWebSearch) -> No action taken.

HKCR\CLSID\{21608B66-026F-4DCB-9244-0DACA328DCED} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\TypeLib\{975BBCC0-19DF-47C2-9AE2-D78EEFA96821} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\Interface\{5272CCD4-4199-4B04-BF68-B28A0DCF0151} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\PlaySushi32.PlaySushi.1 (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\PlaySushi32.PlaySushi (Adware.Gamevance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21608B66-026F-4DCB-9244-0DACA328DCED} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{21608B66-026F-4DCB-9244-0DACA328DCED} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{21608B66-026F-4DCB-9244-0DACA328DCED} (Adware.Gamevance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Playsushi (Adware.Gamevance) -> Quarantined and deleted successfully.

HKCR\AppID\GamevanceText.DLL (Adware.GameVance) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\QZAIB7KITK (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKCU\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.

HKCU\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.

HKCU\Software\M5T8QL3YW3 (Trojan.FakeAlert) -> Quarantined and deleted successfully.

HKCU\Software\AppDataLow\gvtl (Adware.GameVance) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Trojan.BHO) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Trojan.BHO) -> Quarantined and deleted successfully.

Registry Values Detected: 9

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|My Web Search Bar Search Scope Monitor (PUP.MyWebSearch) -> Data: "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: ©Ž±#¥aI¶»

äG\Ê -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKCU\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (PUP.MyWebSearch) -> Data: -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources|f3PopularScreensavers (PUP.MyWebSearch) -> Data: C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL -> No action taken.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform|FunWebProducts (PUP.MyWebSearch) -> Data: -> No action taken.

HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings|ProxyServer (PUM.Bad.Proxy) -> Data: http=127.0.0.1:5555 -> Quarantined and deleted successfully.

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Gamevance (Adware.Gamevance) -> Data: C:\Program Files\Gamevance\gamevance32.exe a -> Quarantined and deleted successfully.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 6

C:\Program Files\MyWebSearch (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons (PUP.MyWebSearch) -> No action taken.

C:\Users\yenie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com (Adware.GamesVance) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components (Adware.GamesVance) -> Quarantined and deleted successfully.

Files Detected: 108

C:\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\Fast Browser Search\IE\SearchGuardPlus.exe (PUP.Fbsearch) -> No action taken.

C:\Program Files\Fast Browser Search\IE\update.exe (PUP.Fbsearch) -> No action taken.

C:\Program Files\MSN Messenger\msimg32.dll (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MSN Messenger\riched20.dll (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3PATCH.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\Fast Browser Search\IE\SearchGuardPlus.exe.vir (PUP.Fbsearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\Fast Browser Search\IE\update.exe.vir (PUP.Fbsearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3CJpeg.dll.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HKSTUB.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTmlmu.dll.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REGHK.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3SCrctr.dll.vir (PUP.FunWebProducts) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3AUXSTB.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3DLGHK.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3MSg.dll.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3OUtlcn.dll.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PATCH.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Qoobox\Quarantine\C\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL.vir (PUP.MyWebSearch) -> No action taken.

C:\Users\yenie\AppData\Local\Temp\Low\PlaySushiUpdateInstaller.exe (PUP.PlaySushi) -> No action taken.

C:\Users\yenie\AppData\LocalLow\MyWebSearch\bar\setups\mwsautSp.exe (PUP.MyWebSearch) -> No action taken.

C:\WINDOWS\System32\f3PSSavr.scr (PUP.FunWebProducts) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\CM.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\WB.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (PUP.MyWebSearch) -> No action taken.

C:\Program Files\PlaySushi\PSText.dll (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Program Files\PlaySushi\psuninst.exe (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Qoobox\Quarantine\C\Program Files\PlaySushi\PSTExt.dll.vir (Adware.Gamevance) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\ajyimiccu\jntugsptssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\dogpile_sub_installer.exe (Trojan.Dropper) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\Wjp.exe (Trojan.TDSS) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\Low\ekorbk.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\Low\ybdnmb.exe (Trojan.Hiloti) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Local\Temp\Temp1_Postal_package_NR624[1].zip\Postal_package_NR624.exe (Trojan.Oficla) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Roaming\Thinstall\Settings\1000000e00002h\rundll32.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Desktop\corel\corelPort CS3\Settings\1000000b00002h\verclsid.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Desktop\corel\corelPort CS3\Settings\11300002h\splwow64.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Desktop\corel\corelPort CS3\Settings\400000134e00002h\ImageReady.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Desktop\corel\corelPort CS3\Settings\4000008200002h\divxsm.exe (Trojan.Agent) -> Quarantined and deleted successfully.

C:\Users\yenie\Music\photoshop\right above it.exe (Adware.Hotbar) -> Quarantined and deleted successfully.

C:\WINDOWS\System32\f3PSSavr.scr (Trojan.Agent) -> Quarantined and deleted successfully.

C:\WINDOWS\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\chrome.manifest (Adware.GamesVance) -> Quarantined and deleted successfully.

C:\Users\yenie\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\textlinks@gamevance.com\components\gvtlf.dll (Adware.GamesVance) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Trojan.BHO) -> Quarantined and deleted successfully.

(end)

DDS (Ver_2012-11-20.01) - NTFS_x86

Internet Explorer: 8.0.6001.19088

Run by yenie at 10:47:11 on 2013-01-12

Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.958.333 [GMT -8:00]

.

SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ================

.

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\SLsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Google\Update\GoogleUpdate.exe

C:\Program Files\Panda USB Vaccine\USBVaccine.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Windows\system32\DRIVERS\xaudio.exe

C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

C:\Windows\system32\WUDFHost.exe

C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\Program Files\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\mobsync.exe

C:\Program Files\iPod\bin\iPodService.exe

c:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k rpcss

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\system32\svchost.exe -k imgsvc

C:\Windows\System32\svchost.exe -k WerSvcGroup

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

uSearch Bar = Preserve

uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=81&bd=Presario&pf=laptop

uProxyOverride = <local>

BHO: &Yahoo! Toolbar Helper: {02478D38-C3F9-4efb-9B51-7695ECA05670} - c:\program files\yahoo!\companion\installs\cpn1\yt.dll

BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll

BHO: Freecause Toolbar BHO: {399C60D2-38B1-4E25-B9E7-6498C1BC2DCD} - c:\program files\dogpile toolbar\Toolbar.dll

BHO: NCO 2.0 IE BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - c:\program files\common files\symantec shared\coshared\browser\2.0\CoIEPlg.dll

BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\common files\symantec shared\ids\IPSBHO.dll

BHO: SSVHelper Class: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0_02\bin\ssv.dll

BHO: BrowserHelper Class: {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} - c:\program files\sgpsa\SearchAssistant.dll

BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7529.1424\swg.dll

BHO: Search Assistant: {F0626A63-410B-45E2-99A1-3F2475B2D695} - c:\program files\sgpsa\BHO.dll

BHO: Fast Browser Search Toolbar Helper: {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - c:\program files\fast browser search\ie\FBStoolbar.dll

BHO: SingleInstance Class: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - c:\program files\yahoo!\companion\installs\cpn1\YTSingleInstance.dll

BHO: HP Print Clips: {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\program files\hp\smart web printing\hpswp_framework.dll

TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: Dogpile Toolbar: {C53FE659-316A-4F56-A194-A5BE491BE866} - c:\program files\dogpile toolbar\Toolbar.dll

TB: Fast Browser Search Toolbar: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - c:\program files\fast browser search\ie\FBStoolbar.dll

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

TB: My Web Search: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -

TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

uRun: [WMPNSCFG] c:\program files\windows media player\WMPNSCFG.exe

mRun: [My Web Search Bar Search Scope Monitor] "c:\progra~1\mywebs~1\bar\1.bin\m3SrchMn.exe" /m=2 /w /h

mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime

mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"

mRun: [Monitor] "c:\program files\leapfrog\leapfrog connect\Monitor.exe"

StartupFolder: c:\users\yenie\appdata\roaming\micros~1\windows\startm~1\programs\startup\pmbmed~1.lnk - c:\program files\sony\sony picture utility\pmbcore\SPUVolumeWatcher.exe

StartupFolder: c:\users\yenie\appdata\roaming\micros~1\windows\startm~1\programs\startup\roller~1.lnk - c:\users\yenie\appdata\local\temp\{a6b39bba-caf0-48aa-8b00-7d29bbf8f69e}\{907b4640-266b-4a21-92fb-cd1a86cd0f63}\ATR1.exe

StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\mcafee~1.lnk - c:\program files\mcafee security scan\2.0.181\SSScheduler.exe

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_02\bin\ssv.dll

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll

IE: {58ECB495-38F0-49cb-A538-10282ABF65E7} - {A93C41D8-01F8-4F8B-B14C-DE20B117E636} - c:\program files\hp\smart web printing\hpswp_extensions.dll

IE: {5CFA5B80-01F4-420F-B18B-545712C8A1C8} - http://www.playsushi...l=6&t=nCGVTOlmC

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - hxxp://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab

DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab

DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

TCP: Interfaces\{4F46F090-9DD6-4451-AD75-D8EABF31CA21} : DHCPNameServer = 192.168.1.1 192.168.1.1

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "c:\program files\common files\lightscribe\LSRunOnce.exe"

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\users\yenie\appdata\roaming\mozilla\firefox\profiles\ebcbvddy.default\

.

============= SERVICES / DRIVERS ===============

.

R1 IDSvix86;Symantec Intrusion Prevention Driver;c:\progra~2\symantec\defini~1\symcdata\ipsdefs\20081220.001\IDSvix86.sys [2008-12-21 270384]

R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\common files\symantec shared\CCSVCHST.EXE [2007-8-24 149352]

R2 MBAMScheduler;MBAMScheduler;c:\program files\malwarebytes' anti-malware\mbamscheduler.exe [2013-1-12 398184]

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2013-1-12 682344]

R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2013-1-12 21104]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2007-5-29 23888]

S3 MatSvc;Microsoft Automated Troubleshooting Service;c:\program files\microsoft fix it center\Matsvc.exe [2011-6-13 267568]

S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2013-1-12 40776]

S3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\mcafee security scan\2.0.181\McCHSvc.exe [2010-1-15 227232]

S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-2-22 1251720]

S3 SYMNDISV;SYMNDISV;c:\windows\system32\drivers\symndisv.sys [2009-2-19 41008]

S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]

.

=============== Created Last 30 ================

.

2013-01-12 16:48:50 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2013-01-12 16:48:49 -------- d-----w- c:\users\yenie\appdata\roaming\Malwarebytes

2013-01-12 16:48:40 -------- d-----w- c:\programdata\Malwarebytes

2013-01-12 16:48:39 21104 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-01-12 16:48:39 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2013-01-12 16:46:46 -------- d-----w- c:\programdata\Panda Security

2013-01-12 16:46:41 -------- d-----w- c:\program files\Panda USB Vaccine

2013-01-11 08:22:54 2730536 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{b05fcbb1-fe1f-4dbc-9bf8-7439705411a5}\mpengine.dll

2013-01-11 07:43:14 -------- d-----w- c:\users\yenie\appdata\local\Temp(361)

2013-01-11 05:59:05 -------- d-----w- c:\users\yenie\appdata\local\Mozilla

2013-01-10 04:06:09 -------- d-----w- c:\users\yenie\appdata\local\Smilebox

2013-01-08 23:59:27 -------- d-----w- c:\users\yenie\appdata\roaming\Ybxy

2013-01-08 23:59:27 -------- d-----w- c:\users\yenie\appdata\roaming\Hyul

2013-01-08 21:36:53 -------- d-----w- c:\program files\Microsoft Security Client

2013-01-08 19:25:00 -------- d-----w- C:\$RECYCLE(3).BIN

2013-01-03 23:44:34 -------- d-----w- c:\windows\system32\MpEngineStore

.

==================== Find3M ====================

.

.

============= FINISH: 10:54:36.92 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft® Windows Vista™ Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 3/16/2008 2:10:32 PM

System Uptime: 1/12/2013 10:42:34 AM (0 hours ago)

.

Motherboard: Quanta | | 30EA

Processor: AMD Athlon™ 64 X2 Dual-Core Processor TK-57 | Socket S1 | 1600/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 138 GiB total, 55.404 GiB free.

D: is FIXED (NTFS) - 12 GiB total, 1.997 GiB free.

E: is CDROM ()

F: is CDROM (CDFS)

G: is Removable

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

.

==== Installed Programs ======================

.

Update for Microsoft Office 2007 (KB2508958)

Activation Assistant for the 2007 Microsoft Office suites

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Reader 8.1.0

Adobe Shockwave Player

Adobe Shockwave Player 11.5

AIM 6

AppCore

Apple Application Support

Apple Mobile Device Support

Apple Software Update

Atheros Driver Installation Program

Brother MFC-440CN

Cards_Calendar_OrderGift_DoMorePlugout

ccCommon

Compatibility Pack for the 2007 Office system

Component Framework

Conexant HD Audio

Corel Graphics Suite 11

DIGOpt

Dogpile Toolbar

DVD Suite

EA Link

Fast Browser Search (My Tattoons)

Google Chrome

Google Earth

Google Toolbar for Internet Explorer

Google Update Helper

HDAUDIO Soft Data Fax Modem with SmartCP

Hewlett-Packard Active Check

Hewlett-Packard Asset Agent for Health Check

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

HP Active Support Library

HP Customer Experience Enhancements

HP Doc Viewer

HP DVD Play 3.6

HP Easy Setup - Frontend

HP Help and Support

HP Photosmart Essential 2.5

HP Quick Launch Buttons 6.40 B2

HP Smart Web Printing

HP Total Care Advisor

HP Update

HP User Guides 0091

HP Wireless Assistant

HPNetworkAssistant

HPPhotoSmartDiscLabel_PaperLabel

HPPhotoSmartDiscLabel_PrintOnDisc

HPPhotoSmartDiscLabel_Tattoo

HPPhotoSmartDiscLabelContent1

hpphotosmartdisclabelplugin

HPPhotoSmartPhotobookHolidayPack1

HPPhotoSmartPhotobookModernPack1

HPPhotoSmartPhotobookPlayfulPack1

HPPhotoSmartPhotobookScrapbookPack1

HPPhotoSmartPhotobookWebPack1

Internet Explorer (Enable DEP)

iTunes

Java™ 6 Update 2

LabelPrint

LeapFrog Connect

LeapFrog My Pals Plugin

LightScribe System Software 1.10.13.1

LiveUpdate (Symantec Corporation)

Malwarebytes Anti-Malware version 1.70.0.1100

McAfee Security Scan Plus

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft Fix it Center

Microsoft Office 2007 Service Pack 3 (SP3)

Microsoft Office Excel MUI (English) 2007

Microsoft Office Home and Student 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office PowerPoint Viewer 2007 (English)

Microsoft Office Proof (English) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Works

Mozilla Firefox 18.0 (x86 en-US)

Mozilla Maintenance Service

MSN Messenger 7.0

MSXML 4.0 SP2 (KB936181)

MSXML 4.0 SP2 (KB941833)

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

Music Transfer

muvee autoProducer 6.1

My HP Games

NetWaiting

Norton AntiVirus

Norton AntiVirus Help

Norton Confidential Core

Norton Internet Security

Norton Internet Security (Symantec Corporation)

Norton Protection Center

Norton Security Scan

NVIDIA Drivers

OGA Notifier 2.0.0048.0

Panda USB Vaccine 1.0.1.4

Pocket Tanks v1.3

Power2Go

PowerDirector

Primo

Protección de Yahoo! Búsquedas

PSSWCORE

QuickPlay SlingPlayer 0.4.6

QuickTime

RICOH R5C83x/84x Flash Media Controller Driver Ver.3.51.01

Runtime

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596672) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596856) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2596880) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597162) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition

Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition

Security Update for Microsoft Office Excel 2007 (KB2597161) 32-Bit Edition

Security Update for Microsoft Office InfoPath 2007 (KB2596786) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition

Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition

Security Update for Microsoft Office Word 2007 (KB2596917) 32-Bit Edition

Smilebox

Sony Picture Utility

SPBBC 32bit

Symantec Real Time Storage Protection Component

SymNet

Synaptics Pointing Device Driver

The Sims™ Life Stories

Update for 2007 Microsoft Office System (KB967642)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Office 2007 Help for Common Features (KB963673)

Update for Microsoft Office Excel 2007 Help (KB963678)

Update for Microsoft Office OneNote 2007 Help (KB963670)

Update for Microsoft Office Powerpoint 2007 Help (KB963669)

Update for Microsoft Office Script Editor Help (KB963671)

Update for Microsoft Office Word 2007 Help (KB963665)

Use the entry named LeapFrog Connect to uninstall (LeapFrog My Pals Plugin)

VideoToolkit01

Viewpoint Media Player

WeatherBug Gadget

Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net (09/10/2009 02.03.05.012)

Yahoo! Messenger

Yahoo! Software Update

Yahoo! Toolbar

.

==== End Of File ===========================

These are the three logs, I wasn't sure where to post so I posted it on here anyways. Thanks Maniac and I hope this helps

Link to post
Share on other sites

BACKDOOR WARNING

One or more of the identified infections is known to use a backdoor.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

I would advice you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

Though the infection has been identified and can be killed, because of it's backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

Help: I Got Hacked. Now What Do I Do?

Help: I Got Hacked. Now What Do I Do? Part II

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

When Should I Format, How Should I Reinstall

We can still clean this machine but I can't guarantee that it will be 100% secure afterwards. Let me know what you decide to do. If you decide to go through with the cleanup, please let me know.

Link to post
Share on other sites

  • 3 weeks later...

Thank you for letting us know. I will mark this as User resolved.

Safer practices & malware prevention

USER resolved issue. This is now Closed.

Link to post
Share on other sites

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.