Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Trojan-BNK.Win32.Keylogger


  • Please log in to reply
3 replies to this topic

#1 Christo23

Christo23

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 18 December 2011 - 03:36 PM

I've been following the threads for topic #30253 to remove this from my computer and I saw that the removal log was requested. Here is my log, can you help me get rid of this difficult virus?

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 8393

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

12/18/2011 2:10:34 PM
mbam-log-2011-12-18 (14-10-34).txt

Scan type: Quick scan
Objects scanned: 191589
Time elapsed: 3 minute(s), 28 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 2
Registry Keys Infected: 146
Registry Values Infected: 11
Registry Data Items Infected: 0
Folders Infected: 17
Files Infected: 73

Memory Processes Infected:
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> 4552 -> Unloaded process successfully.

Memory Modules Infected:
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Delete on reboot.
c:\program files (x86)\livingplay\lplaytl.dll (PUP.LivingPlay) -> Delete on reboot.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.DataControl (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D9291F9E-7010-4D7A-8DF6-455DEEF8EF51} (PUP.LivingPlay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8006F89E-63A1-402A-8DB7-08A4C58F95AA} (PUP.LivingPlay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{D4256C66-8177-4E19-8A13-2D43B2282D0D} (PUP.LivingPlay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\lptlIE.TextLinks.1 (PUP.LivingPlay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\lptlIE.TextLinks (PUP.LivingPlay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D9291F9E-7010-4D7A-8DF6-455DEEF8EF51} (PUP.LivingPlay) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{D9291F9E-7010-4D7A-8DF6-455DEEF8EF51} (PUP.LivingPlay) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D9291F9E-7010-4D7A-8DF6-455DEEF8EF51} (PUP.LivingPlay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ThirdPartyInstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.ThirdPartyInstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{01947140-417F-46B6-8751-A3A2B8345E1A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Value: MyWebSearch Email Plugin -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MyWebSearch Email Plugin (Adware.MyWebSearch) -> Value: MyWebSearch Email Plugin -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44CF-8957-5838F569A31D} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44cf-8957-5838F569A31D} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Value: {07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Value: FunWebProducts -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\My Web Search Bar Search Scope Monitor (Adware.MyWebSearch) -> Value: My Web Search Bar Search Scope Monitor -> Quarantined and deleted successfully.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
c:\program files (x86)\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch (Adware.MyWebSearch) -> Delete on reboot.
c:\program files (x86)\mywebsearch\bar (Adware.MyWebSearch) -> Delete on reboot.
c:\program files (x86)\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin (Adware.MyWebSearch) -> Delete on reboot.
c:\program files (x86)\mywebsearch\bar\2.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Overlay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Files Infected:
c:\Program Files (x86)\MyWebSearch\bar\2.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOEMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\livingplay\lplaytl.dll (PUP.LivingPlay) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\$Recycle.Bin\s-1-5-21-1740520190-3921911657-4237395440-1000\$r5h79h9.v7030-ahcu\dbghelp.dll (Trojan.FakeMS) -> Quarantined and deleted successfully.
c:\Windows\System32\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\f3PSSavr.scr (PUP.FunWebProducts) -> Quarantined and deleted successfully.
c:\Users\lou bradford\local settings\fhv.exe (Rootkit.0Access) -> Quarantined and deleted successfully.
c:\Users\lou bradford\local settings\application data\fhv.exe (Rootkit.0Access) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\chrome.manifest (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\INSTALL.RDF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\M3TPINST.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\2.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:06:42 PM

Posted 18 December 2011 - 04:28 PM

Hello Christo23
I split you to your own topic here,
You needed to reboot if you did not.

Please run these next



Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.




Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.



Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.


Now reboot to Normal and run MBAM (MalwareBytes):
Open MBAM in normal mode and click Update tab, select Check for Updates,when done
click Scanner tab,select FULL scan and scan (normal mode).
After scan click Remove Selected, Post new scan log and Reboot into normal mode.

Please ask any needed questions,post logs and Let us know how the PC is running now.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Christo23

Christo23
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 18 December 2011 - 05:51 PM

Hello Boopme,
Thank you so much for your help. Here are the result logs for the MiniToolbox and the SUPERAntiSpyware runs. These logs appear to be considerably longer than other's I've seen with this issue (previous posts). Do you have any insight into that reason?

MiniToolBox by Farbar
Ran by Lou Bradford (administrator) on 18-12-2011 at 15:48:12
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.



SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/18/2011 at 04:14 PM

Application Version : 5.0.1142

Core Rules Database Version : 8064
Trace Rules Database Version: 5876

Scan type : Quick Scan
Total Scan Time : 00:03:45

Operating System Information
Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned : 329
Memory threats detected : 0
Registry items scanned : 59901
Registry threats detected : 137
File items scanned : 11022
File threats detected : 47

Adware.ShopAtHomeSelect
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\ProgID
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\Programmable
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\TypeLib
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\VersionIndependentProgID
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
(x86) HKCR\ToolBand.ShopAtHomeIEHelper.1
(x86) HKCR\ToolBand.ShopAtHomeIEHelper.1\CLSID
(x86) HKCR\ToolBand.ShopAtHomeIEHelper
(x86) HKCR\ToolBand.ShopAtHomeIEHelper\CLSID
(x86) HKCR\ToolBand.ShopAtHomeIEHelper\CurVer
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0\win32
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\FLAGS
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\HELPDIR
(x86) HKU\S-1-5-21-1740520190-3921911657-4237395440-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Adware.MyWebSearch/FunWebProducts
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib#Version
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib#Version
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib#Version
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib#Version
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib#Version
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib#Version
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib#Version
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid32
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib#Version
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib#Version
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib#Version
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib#Version
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib#Version
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib#Version
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid32
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib#Version

Adware.SelectRebates
C:\Program Files (x86)\SELECTREBATES\FFToolbar\chrome\sahtoolbar.jar
C:\Program Files (x86)\SELECTREBATES\FFToolbar\chrome
C:\Program Files (x86)\SELECTREBATES\FFToolbar\chrome.manifest
C:\Program Files (x86)\SELECTREBATES\FFToolbar\defaults\preferences\sahtoolbar.js
C:\Program Files (x86)\SELECTREBATES\FFToolbar\defaults\preferences
C:\Program Files (x86)\SELECTREBATES\FFToolbar\defaults
C:\Program Files (x86)\SELECTREBATES\FFToolbar\install.rdf
C:\Program Files (x86)\SELECTREBATES\FFToolbar
C:\Program Files (x86)\SELECTREBATES\SahImages\alert.png
C:\Program Files (x86)\SELECTREBATES\SahImages\check.png
C:\Program Files (x86)\SELECTREBATES\SahImages\close.png
C:\Program Files (x86)\SELECTREBATES\SahImages
C:\Program Files (x86)\SELECTREBATES\SelectAlerts.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebates.exe
C:\Program Files (x86)\SELECTREBATES\SelectRebates.ini
C:\Program Files (x86)\SELECTREBATES\SelectRebatesA.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebatesApi.exe
C:\Program Files (x86)\SELECTREBATES\SelectRebatesB.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebatesBT.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebatesDownload.exe
C:\Program Files (x86)\SELECTREBATES\SelectRebatesH.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebatesUninstall.exe
C:\Program Files (x86)\SELECTREBATES\SRebates.dll
C:\Program Files (x86)\SELECTREBATES\SRFF3.dll
C:\Program Files (x86)\SELECTREBATES\Toolbar\AddtoList.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\basis.xml
C:\Program Files (x86)\SELECTREBATES\Toolbar\Basis.xml.dym
C:\Program Files (x86)\SELECTREBATES\Toolbar\Blank.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\Cache
C:\Program Files (x86)\SELECTREBATES\Toolbar\CashBack.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\Coupons.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\GroceryCoupon.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\icons.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\ImageCache
C:\Program Files (x86)\SELECTREBATES\Toolbar\i_magnifying.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\logo.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\logo_24.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\logo_HotSpots.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\ReviewSite.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\RightControls.dym
C:\Program Files (x86)\SELECTREBATES\Toolbar\Scissors.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\ShopAtHomeToolbar.dll
C:\Program Files (x86)\SELECTREBATES\Toolbar
C:\Program Files (x86)\SELECTREBATES
C:\Windows\Prefetch\SELECTREBATESAPI.EXE-86CAFEB2.pf
C:\Windows\Prefetch\SELECTREBATESDOWNLOAD.EXE-AEB610D8.pf

Adware.ShopAtHome/SelectRebates
(x86) [SelectRebates] C:\PROGRAM FILES (X86)\SELECTREBATES\SELECTREBATES.EXE

Adware.Tracking Cookie
C:\USERS\LOU BRADFORD\AppData\Roaming\Microsoft\Windows\Cookies\Low\0WH9S78B.txt [ Cookie:lou bradford@accounts.youtube.com/accounts ]


"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

::1 localhost

127.0.0.1 localhost

========================= IP Configuration: ================================

Realtek RTL8168C(P)/8111C(P) Family PCI-E GBE NIC = Local Area Connection (Connected)
Atheros 802.11 a/b/g/n Dualband Wireless Network Module = Wireless Network Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : LouBradford-PC
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Atheros 802.11 a/b/g/n Dualband Wireless Network Module
Physical Address. . . . . . . . . : 00-21-00-F5-48-C3
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::215e:ae64:73cc:7875%11(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.102(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, December 18, 2011 2:19:41 PM
Lease Expires . . . . . . . . . . : Wednesday, December 28, 2011 2:19:41 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 184557824
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-E5-73-6C-00-26-18-3E-FB-A9
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Realtek RTL8168C(P)/8111C(P) Family PCI-E GBE NIC
Physical Address. . . . . . . . . : 00-26-18-3E-FB-A9
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::946d:9b58:3efe:4650%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.100(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Sunday, December 18, 2011 2:19:29 PM
Lease Expires . . . . . . . . . . : Wednesday, December 28, 2011 2:19:28 PM
Default Gateway . . . . . . . . . : 192.168.1.254
DHCP Server . . . . . . . . . . . : 192.168.1.254
DHCPv6 IAID . . . . . . . . . . . : 251667596
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-11-E5-73-6C-00-26-18-3E-FB-A9
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter Local Area Connection* 6:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 02-00-54-55-4E-01
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 7:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{E00DCD5F-4C27-4DE4-B775-7639A3BE5DA6}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : isatap.{420F79F8-0B59-4508-8E78-6A64F21EFD5A}
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: UnKnown
Address: 192.168.1.254

Name: google.com
Addresses: 74.125.227.16
74.125.227.20
74.125.227.18
74.125.227.19
74.125.227.17



Pinging google.com [74.125.227.81] with 32 bytes of data:

Reply from 74.125.227.81: bytes=32 time=33ms TTL=55

Reply from 74.125.227.81: bytes=32 time=33ms TTL=55



Ping statistics for 74.125.227.81:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 33ms, Maximum = 33ms, Average = 33ms

Server: UnKnown
Address: 192.168.1.254

Name: yahoo.com
Addresses: 98.137.149.56
98.139.180.149
209.191.122.70
72.30.2.43



Pinging yahoo.com [209.191.122.70] with 32 bytes of data:

Reply from 209.191.122.70: bytes=32 time=35ms TTL=52

Reply from 209.191.122.70: bytes=32 time=35ms TTL=52



Ping statistics for 209.191.122.70:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 35ms, Maximum = 35ms, Average = 35ms

Server: UnKnown
Address: 192.168.1.254

Name: bleepingcomputer.com
Address: 208.43.87.2



Pinging bleepingcomputer.com [208.43.87.2] with 32 bytes of data:

Reply from 208.43.87.2: Destination host unreachable.

Reply from 208.43.87.2: Destination host unreachable.



Ping statistics for 208.43.87.2:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),



Pinging 127.0.0.1 with 32 bytes of data:

Reply from 127.0.0.1: bytes=32 time=4ms TTL=128

Reply from 127.0.0.1: bytes=32 time=1ms TTL=128



Ping statistics for 127.0.0.1:

Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 4ms, Average = 2ms

===========================================================================
Interface List
11 ...00 21 00 f5 48 c3 ...... Atheros 802.11 a/b/g/n Dualband Wireless Network Module
10 ...00 26 18 3e fb a9 ...... Realtek RTL8168C(P)/8111C(P) Family PCI-E GBE NIC
1 ........................... Software Loopback Interface 1
12 ...02 00 54 55 4e 01 ...... Teredo Tunneling Pseudo-Interface
13 ...00 00 00 00 00 00 00 e0 isatap.{E00DCD5F-4C27-4DE4-B775-7639A3BE5DA6}
14 ...00 00 00 00 00 00 00 e0 isatap.{420F79F8-0B59-4508-8E78-6A64F21EFD5A}
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.100 20
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.102 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.100 276
192.168.1.0 255.255.255.0 On-link 192.168.1.102 281
192.168.1.100 255.255.255.255 On-link 192.168.1.100 276
192.168.1.102 255.255.255.255 On-link 192.168.1.102 281
192.168.1.255 255.255.255.255 On-link 192.168.1.100 276
192.168.1.255 255.255.255.255 On-link 192.168.1.102 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.100 276
224.0.0.0 240.0.0.0 On-link 192.168.1.102 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.100 276
255.255.255.255 255.255.255.255 On-link 192.168.1.102 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
10 276 fe80::/64 On-link
11 281 fe80::/64 On-link
11 281 fe80::215e:ae64:73cc:7875/128
On-link
10 276 fe80::946d:9b58:3efe:4650/128
On-link
1 306 ff00::/8 On-link
10 276 ff00::/8 On-link
11 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [48128] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [50176] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [62464] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [19968] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [223232] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [61440] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [62976] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [78848] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [27648] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [304128] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (12/18/2011 02:35:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (12/18/2011 02:35:13 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (12/18/2011 02:35:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

Error: (12/18/2011 02:35:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

Error: (12/18/2011 02:35:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

Error: (12/18/2011 02:35:12 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.

Error: (12/18/2011 02:20:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2011 01:24:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/18/2011 10:14:20 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/15/2011 09:36:24 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.


System errors:
=============
Error: (12/18/2011 03:06:23 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/18/2011 03:01:14 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/18/2011 02:56:04 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/18/2011 02:50:54 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/18/2011 02:45:44 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/18/2011 02:40:34 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/18/2011 02:40:34 PM) (Source: BROWSER) (User: )
Description: The browser was unable to promote itself to master browser. The computer that currently
believes it is the master browser is LOU-HP.

Error: (12/18/2011 02:35:24 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/18/2011 02:30:14 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.

Error: (12/18/2011 02:25:03 PM) (Source: netbt) (User: )
Description: The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.1.100.
The computer with the IP address 192.168.1.1 did not allow the name to be claimed by
this computer.


Microsoft Office Sessions:
=========================

=========================== Installed Programs ============================

Update for Microsoft Office 2007 (KB2508958)
64 Bit HP CIO Components Installer (Version: 6.2.1)
Acrobat.com (Version: 1.7.186)
ActiveCheck component for HP Active Support Library (Version: 3.0.0.2)
Adobe AIR (Version: 1.5.1.8210)
Adobe Flash Player 10 ActiveX (Version: 10.3.181.23)
Adobe Reader 9.4.6 (Version: 9.4.6)
Advanced Registry Optimizer (Version: 6.0)
ALOT Toolbar
AnyDVD
Apple Application Support (Version: 2.1.5)
Apple Mobile Device Support (Version: 4.0.0.96)
Apple Software Update (Version: 2.1.3.127)
Ask Toolbar (Version: 1.13.1.0)
Avira AntiVir Personal - Free Antivirus
AVS Screen Capture version 2.0.1
AVS Update Manager 1.0
AVS Video Editor 6
AVS Video Recorder 2.4
AVS4YOU Software Navigator 1.4
Bonjour (Version: 3.0.0.10)
BufferChm (Version: 130.0.331.000)
C4600 (Version: 130.0.425.000)
CarMD (Version: 3.1.0)
CCleaner (Version: 3.07)
CloneDVD2
Codec Pack - All In 1 6.0.3.0
Compatibility Pack for the 2007 Office system (Version: 12.0.6425.1000)
Crawler Toolbar
CyberLink DVD Suite Deluxe (Version: 6.0.2602)
Default Manager (Version: 1.0.105.0)
Design Installer
Designer's Gallery Interactive - Celtic
Designer's Gallery Interactive - Christmas Traditions
Designer's Gallery Interactive - Dining In Lace
Designer's Gallery Interactive - Geometric Embellishment
Designer's Gallery Interactive - Simply Trims
Destinations (Version: 140.0.77.000)
DeviceDiscovery (Version: 130.0.372.000)
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904)
EQ5
Floriani (Version: 4.73.0001)
Floriani Support Files (Version: 1.01.0000)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Toolbar for Internet Explorer (Version: 7.2.2318.1946)
Google Update Helper (Version: 1.3.21.79)
GPBaseService2 (Version: 130.0.371.000)
Hardware Diagnostic Tools (Version: 5.1.5144.16)
HP Active Support Library (Version: 3.1.10.1)
HP Advisor (Version: 3.1.9152.3107)
HP Customer Experience Enhancements (Version: 5.7.0.2945)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Games (Version: 1.0.0.80)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP MediaSmart Demo (Version: 1.0.0.0)
HP MediaSmart DVD (Version: 2.2.2719)
HP MediaSmart Music/Photo/Video (Version: 2.2.2809)
HP MediaSmart SmartMenu (Version: 2.1.12)
HP Odometer (Version: 2.10.0000)
HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (Version: 13.0)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Print Projects 1.0 (Version: 1.0)
HP Recovery Manager RSS (Version: 92.0.0.11)
HP Remote Software (Version: 1.0.5.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 13.0 (Version: 13.0)
HP Support Information (Version: 10.1.0001)
HP Total Care Setup (Version: 1.2.2854.2975)
HP Update (Version: 5.002.008.001)
HPAsset component for HP Active Support Library (Version: 3.0.0.3)
HPPhotoGadget (Version: 130.0.282.000)
hpPrintProjects (Version: 130.0.303.000)
HPProductAssistant (Version: 130.0.371.000)
HPSSupply (Version: 130.0.371.000)
hpWLPGInstaller (Version: 130.0.303.000)
Inbox Toolbar (Version: 1.0.0)
InstaCodecs (Version: 1.0)
InstallIQ Updater (Version: 1.4.2.0)
Intel® Graphics Media Accelerator Driver
Intel® Matrix Storage Manager
iTunes (Version: 10.5.0.142)
Java Auto Updater (Version: 2.0.3.1)
Java™ 6 Update 24 (Version: 6.0.240)
Jessicas Cupcake Cafe (Version: 2.2.0.82)
LabelPrint (Version: 2.5.1402)
LightScribe Diagnostic Utility (Version: 1.18.8.1)
LightScribe System Software (Version: 1.18.8.1)
LightScribe Template Designs - Life Events Pack 1 (Version: 1.17.146.0)
LightScribe Template Designs - Sports Pack 1 (Version: 1.10.16.1)
LivingPlay
Malwarebytes' Anti-Malware version 1.51.2.1300 (Version: 1.51.2.1300)
MarketResearch (Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 2.0.181.2)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft Live Search Toolbar (Version: 3.0.552.0)
Microsoft Office 2000 Disc 2 (Version: 9.00.2720)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Home and Student 2007 (Version: 12.0.6425.1000)
Microsoft Office Home and Student 60 day trial
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6425.1000)
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office PowerPoint Viewer 2007 (English) (Version: 12.0.6425.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.6425.1000)
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Office Word MUI (English) 2007 (Version: 12.0.6425.1000)
Microsoft Silverlight (Version: 4.0.60831.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Works (Version: 9.7.0621)
Monogram Wizard Plus (Version: 1.00.0000)
MONOPOLY Build-a-lot Edition (Version: 2.2.0.82)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Music Transfer (Version: 1.2.00.17290)
Nero 8 (Version: 8.3.42)
neroxml (Version: 1.0.0)
Norton Security Suite (Version: 5.1.0.29)
palette Ver.7 (Version: ANY)
Palette Ver.8 (Version: 8.03.0000)
Picasa 3 (Version: 3.8)
PictureMover (Version: 3.3.1.12)
Power2Go (Version: 6.0.2602)
PowerDirector (Version: 7.0.2611)
Primo (Version: 1.00.0000)
PS_AIO_05_C4600_Software_Min (Version: 130.0.425.000)
Pure Hidden (Version: 2.2.0.82)
Python 2.6 pywin32-212 (Version: 2.12)
Python 2.6.1 (Version: 2.6.1150)
QuickTime (Version: 7.66.71.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5789)
RebateInformer (Version: 1.0.0.54)
Scan (Version: 140.0.80.000)
Shop for HP Supplies (Version: 13.0)
ShopAtHome SelectRebates
Simppull Toolbar (Version: 1.0.0.25)
SiteRanker (Version: 1.0.0.20)
SmartWebPrinting (Version: 140.0.186.000)
SolutionCenter (Version: 130.0.373.000)
Sony Picture Utility (Version: 3.2.03.07010)
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0)
Status (Version: 130.0.373.000)
Toolbox (Version: 130.0.648.000)
TrayApp (Version: 130.0.376.000)
Update for 2007 Microsoft Office System (KB2284654)
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
WebReg (Version: 130.0.132.017)
Windows Live Communications Platform (Version: 14.0.8098.930)
Windows Live Essentials (Version: 14.0.8089.0726)
Windows Live Essentials (Version: 14.0.8089.726)
Windows Live Photo Gallery (Version: 14.0.8081.709)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Sync (Version: 14.0.8089.726)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Yahoo! Toolbar
Yontoo Layers 1.10.01 (Version: 1.10.01)

========================= Devices: ================================


========================= Memory info: ===================================

Percentage of memory in use: 32%
Total physical RAM: 8181.33 MB
Available physical RAM: 5560.27 MB
Total Pagefile: 16531.7 MB
Available Pagefile: 13885.98 MB
Total Virtual: 4095.88 MB
Available Virtual: 3993.99 MB

========================= Partitions: =====================================

1 Drive c: (HP) (Fixed) (Total:917.7 GB) (Free:700.15 GB) NTFS
2 Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.81 GB) (Free:1.95 GB) NTFS
8 Drive j: (TOSHIBA) (Removable) (Total:7.44 GB) (Free:7.28 GB) FAT32

========================= Users: ========================================

User accounts for \\LOUBRADFORD-PC

Administrator Guest Lou Bradford

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

#4 Christo23

Christo23
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:42 PM

Posted 18 December 2011 - 07:29 PM

Everything seems to be working fine, other than taking a bit longer than usual for Windows to start.

MBAM results:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/18/2011 at 04:14 PM

Application Version : 5.0.1142

Core Rules Database Version : 8064
Trace Rules Database Version: 5876

Scan type : Quick Scan
Total Scan Time : 00:03:45

Operating System Information
Windows Vista Home Premium 64-bit, Service Pack 2 (Build 6.00.6002)
UAC Off - Administrator

Memory items scanned : 329
Memory threats detected : 0
Registry items scanned : 59901
Registry threats detected : 137
File items scanned : 11022
File threats detected : 47

Adware.ShopAtHomeSelect
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\ProgID
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\Programmable
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\TypeLib
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}\VersionIndependentProgID
(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E8DAAA30-6CAA-4b58-9603-8E54238219E2}
(x86) HKCR\CLSID\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}
(x86) HKCR\ToolBand.ShopAtHomeIEHelper.1
(x86) HKCR\ToolBand.ShopAtHomeIEHelper.1\CLSID
(x86) HKCR\ToolBand.ShopAtHomeIEHelper
(x86) HKCR\ToolBand.ShopAtHomeIEHelper\CLSID
(x86) HKCR\ToolBand.ShopAtHomeIEHelper\CurVer
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\0\win32
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\FLAGS
(x86) HKCR\TypeLib\{462E4AEC-DB3B-4e69-AF61-4F300D76255C}\1.0\HELPDIR
(x86) HKU\S-1-5-21-1740520190-3921911657-4237395440-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E8DAAA30-6CAA-4B58-9603-8E54238219E2}

Adware.MyWebSearch/FunWebProducts
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib
(x86) HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib
(x86) HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib#Version
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib
(x86) HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib#Version
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib
(x86) HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib#Version
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
(x86) HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib
(x86) HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib#Version
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib
(x86) HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib#Version
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
(x86) HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
(x86) HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x86) HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x86) HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
(x86) HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib
(x86) HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib#Version
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib
(x86) HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib#Version
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid32
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib
(x86) HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib#Version
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib
(x86) HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib#Version
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib
(x86) HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib#Version
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib
(x86) HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib#Version
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib
(x86) HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib#Version
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
(x86) HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
(x86) HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib
(x86) HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib#Version
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid32
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib
(x86) HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib#Version

Adware.SelectRebates
C:\Program Files (x86)\SELECTREBATES\FFToolbar\chrome\sahtoolbar.jar
C:\Program Files (x86)\SELECTREBATES\FFToolbar\chrome
C:\Program Files (x86)\SELECTREBATES\FFToolbar\chrome.manifest
C:\Program Files (x86)\SELECTREBATES\FFToolbar\defaults\preferences\sahtoolbar.js
C:\Program Files (x86)\SELECTREBATES\FFToolbar\defaults\preferences
C:\Program Files (x86)\SELECTREBATES\FFToolbar\defaults
C:\Program Files (x86)\SELECTREBATES\FFToolbar\install.rdf
C:\Program Files (x86)\SELECTREBATES\FFToolbar
C:\Program Files (x86)\SELECTREBATES\SahImages\alert.png
C:\Program Files (x86)\SELECTREBATES\SahImages\check.png
C:\Program Files (x86)\SELECTREBATES\SahImages\close.png
C:\Program Files (x86)\SELECTREBATES\SahImages
C:\Program Files (x86)\SELECTREBATES\SelectAlerts.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebates.exe
C:\Program Files (x86)\SELECTREBATES\SelectRebates.ini
C:\Program Files (x86)\SELECTREBATES\SelectRebatesA.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebatesApi.exe
C:\Program Files (x86)\SELECTREBATES\SelectRebatesB.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebatesBT.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebatesDownload.exe
C:\Program Files (x86)\SELECTREBATES\SelectRebatesH.dat
C:\Program Files (x86)\SELECTREBATES\SelectRebatesUninstall.exe
C:\Program Files (x86)\SELECTREBATES\SRebates.dll
C:\Program Files (x86)\SELECTREBATES\SRFF3.dll
C:\Program Files (x86)\SELECTREBATES\Toolbar\AddtoList.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\basis.xml
C:\Program Files (x86)\SELECTREBATES\Toolbar\Basis.xml.dym
C:\Program Files (x86)\SELECTREBATES\Toolbar\Blank.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\Cache
C:\Program Files (x86)\SELECTREBATES\Toolbar\CashBack.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\Coupons.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\GroceryCoupon.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\icons.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\ImageCache
C:\Program Files (x86)\SELECTREBATES\Toolbar\i_magnifying.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\logo.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\logo_24.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\logo_HotSpots.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\ReviewSite.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\RightControls.dym
C:\Program Files (x86)\SELECTREBATES\Toolbar\Scissors.bmp
C:\Program Files (x86)\SELECTREBATES\Toolbar\ShopAtHomeToolbar.dll
C:\Program Files (x86)\SELECTREBATES\Toolbar
C:\Program Files (x86)\SELECTREBATES
C:\Windows\Prefetch\SELECTREBATESAPI.EXE-86CAFEB2.pf
C:\Windows\Prefetch\SELECTREBATESDOWNLOAD.EXE-AEB610D8.pf

Adware.ShopAtHome/SelectRebates
(x86) [SelectRebates] C:\PROGRAM FILES (X86)\SELECTREBATES\SELECTREBATES.EXE

Adware.Tracking Cookie
C:\USERS\LOU BRADFORD\AppData\Roaming\Microsoft\Windows\Cookies\Low\0WH9S78B.txt [ Cookie:lou bradford@accounts.youtube.com/accounts ]




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users