Jump to content

Recommended Posts

I NEEDED SOME HELP BECAUSE I JUST COMPLETED A SCAN WIT MBAM AND I WAS WONDERING IF SOMEONE CAN TELL IF ITS OKAY TO REMOVE THE INFECTED FILES FOR THE SIMPLE FACT THAT I ONCE SCANNED MY COMPUTER AND REMOVED ALL THE INFECTED FILES AND MY COMPUTER CRASHED AND I HAD TO GET IT RESTORED I REALLY DONT WANT TO PAY 120 DOLLARS AGAIN LOL SO CAN SOMEBODY HELP ME? THIS IS THE LOG:

Registry Keys Infected:

HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken.

HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Folders Infected:

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.

Files Infected:

C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> No action taken.

C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP136\A0055028.EXE (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059913.scr (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059915.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059918.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059922.SCR (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059923.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059925.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059929.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059930.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059931.EXE (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059932.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059933.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059934.EXE (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059935.EXE (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059936.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059937.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059938.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059939.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059940.EXE (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059941.EXE (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059942.EXE (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059943.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059944.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059945.EXE (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059946.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059955.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059956.DLL (Adware.MyWebSearch) -> No action taken.

C:\System Volume Information\_restore{C6A359E8-180D-410A-903C-39C81E4A8D3E}\RP202\A0059991.dll (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver\Images\2161C3F1.urr (Adware.MyWebSearch) -> No action taken.

C:\Program Files\FunWebProducts\ScreenSaver\Images\2C6C1D1B.urr (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> No action taken.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

Link to post
Share on other sites

Hello Sann Heaton and welcome back to the forums.

All but one item found by MBAM is MyWebSearch, which is pretty harmless these days and is even pre-installed on many PC's.

http://en.wikipedia.org/wiki/MyWay_Searchbar

I would let MBAM fix all of those items.

There was one Vundo CLSID found and I would let MBAM fix that also. If you believe you're still infected then....

Please follow the instructions at this link.

Then post the logs from MBAM, DDS, and GMER back to this link. Do not start a new topic.

Link to post
Share on other sites

  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this Topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

The fixes and advice in this thread are for this machine only. Do not apply the instructions from this thread to your own machine. Please start a new thread describing your issue and someone will be along to assist you.

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.