TechSpot

[Closed] Background app constantly using bandwidth

By HKW
May 3, 2011
  1. Using XP SP3, I'm on a 384kb/sec connection and something is constantly downloading at approx. 30 to 50 kb/sec. 1GB monthly data cap, so naturally this is a problem. Hoping someone can give additional feedback on this.

    I've attacked a hijackthis log.
     
  2. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Welcome to TechSpot! We do not 'screen' for malware using HijackThis.

    If you would like us to check the system for malware, please follow the steps in the Preliminary Virus and Malware Removal thread HERE.

    When you have finished, leave the logs for review in your next reply .
    NOTE: Logs must be pasted in the replies. Attached logs will not be reviewed.

    Please do not use any other cleaning programs or scans while I'm helping you, unless I direct you to. Do not use a Registry cleaner or make any changes in the Registry.
     
  3. HKW

    HKW TS Rookie Topic Starter

    I don't see what's wrong with using a hijackthis log, I've seen other users on this forum using it.

    I don't have much time to access the computer in question, it is a friend's computer, not my own. I've installed Avast and set it to do a full scan but I had to leave directly after setting it to scan. I can take care of the other viruses and junk later, but the critical issue is the constant bandwidth being used for no reason.

    I've estimated that I have between 5 to 7 days (it being midnight of the 3rd already my time is almost up) before the 1GB monthly cap runs out and if that happens I won't be able to access the internet from my friend's house, and obviously that will make it much harder to clean up the computer. If this happens I'd have to wait until next month before I can do anything to help.

    I've removed the hijackthis log because I just realized it contained personal data. I'll try to get more info up later.
     
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    There is nothing 'wrong' with running HijackThis. I have you do that at the end. We have found that it doesn't not give us sufficient information to use in the preliminary steps. If others use it as you did, they are given the same message you got if they are in this forum.

    The preliminary removal thread was updated to reflect that. If you do not want to continue, please let me know and I'll close the thread.
     
  5. HKW

    HKW TS Rookie Topic Starter

    First post:
    Malwarebytes Anti-Malware log
    GMER log

    Second post:
    DDS logs: both DDS and Attach






    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6511

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 6.0.2900.5512

    2011/05/05 05:20:32 PM
    mbam-log-2011-05-05 (17-20-32).txt

    Scan type: Quick scan
    Objects scanned: 218760
    Time elapsed: 4 minute(s), 12 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 2
    Registry Keys Infected: 143
    Registry Values Infected: 14
    Registry Data Items Infected: 6
    Folders Infected: 22
    Files Infected: 124

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    c:\program files\mywebsearch\bar\2.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Delete on reboot.
    c:\program files\mywebsearch\bar\2.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.

    Registry Keys Infected:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MyWebSearchService (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearchToolBar.SettingsPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1093995A-BA37-41D2-836E-091067C4AD17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.IECookiesManager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1D4DB7D2-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{1D4DB7D0-6EC9-47a3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{1D4DB7D1-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProductsInstaller.Start.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProductsInstaller.Start (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.DataControl.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.DataControl (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{3E720451-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.HTMLPanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearchToolBar.ToolbarPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterSettingsControl (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.PseudoTransparentPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.PopSwatterBarButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.HTMLMenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\ScreenSaverControl.ScreenSaverInstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{A9571378-68A1-443d-B082-284F960C6D17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{B813095C-81C0-4E40-AA14-67520372B987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.KillerObjManager (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{BB4C402F-882A-4526-8C08-51278EA437C1} (Spyware.OnlineGames) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.HistoryKillerScheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\FunWebProducts.HistorySwatterControlBar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.ChatSessionPlugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{D518921A-4A03-425E-9873-B9A71756821E} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{F42228FB-E84E-479E-B922-FBBD096E792C} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45dd-9B68-D6A12C30E5D7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48dd-9B6D-7A13A3E42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40fd-8DAE-FF14757F60C7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DAW-BG6W (Adware.LoudMo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.MultipleButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\MyWebSearch.UrlAlertButton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\MADOWN (Worm.Magania) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\NOD32KVBIT (Trojan.Frethog) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\ROUA3O12PW (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\TOY5KNQ8OC (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Handle (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DRM\amty (Worm.Autorun) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FLV Direct Player (Adware.FLVPlayer) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SSHNAS (Trojan.Renos) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{819FFE22-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{819FFE21-35C7-4925-8CDA-4E0E2DB94302} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{799391D3-EB86-4bac-9BD3-CBFEA58A0E15} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

    Registry Values Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44CF-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44CF-8957-5838F569A31D} -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{BB4C402F-882A-4526-8C08-51278EA437C1} (Spyware.OnlineGames) -> Value: {BB4C402F-882A-4526-8C08-51278EA437C1} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} (Adware.MyWebSearch) -> Value: {00A6FAF6-072E-44cf-8957-5838F569A31D} -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{BB4C402F-882A-4526-8C08-51278EA437C1} (Spyware.OnlineGames) -> Value: {BB4C402F-882A-4526-8C08-51278EA437C1} -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Value: (default) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cdoosoft (Spyware.OnlineGames) -> Value: cdoosoft -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TOY5KNQ8OC (Trojan.FakeAlert) -> Value: TOY5KNQ8OC -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\nod32 (Spyware.OnlineGames) -> Value: nod32 -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\dso32 (Spyware.OnlineGames) -> Value: dso32 -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Value: f3PopularScreensavers -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Value: FunWebProducts -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\csrcs (Trojan.Agent) -> Value: csrcs -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\My Web Search Bar (Adware.MyWebSearch) -> Value: My Web Search Bar -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\csrcs (Trojan.Agent) -> Value: csrcs -> Quarantined and deleted successfully.

    Registry Data Items Infected:
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage) -> Bad: (http://flvdirect.iamwired.net/) Good: (http://www.google.com) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe csrcs.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL\CheckedValue (PUM.Hijack.System.Hidden) -> Bad: (0) Good: (1) -> Quarantined and deleted successfully.

    Folders Infected:
    c:\program files\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Installr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Installr\4.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\screensaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch (Adware.MyWebSearch) -> Delete on reboot.
    c:\program files\mywebsearch\bar (Adware.MyWebSearch) -> Delete on reboot.
    c:\program files\mywebsearch\bar\2.bin (Adware.MyWebSearch) -> Delete on reboot.
    c:\program files\mywebsearch\bar\2.bin\chrome (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Overlay (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\setups (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\start menu\Programs\flv direct player (Adware.FLVPlayer) -> Quarantined and deleted successfully.

    Files Infected:
    c:\program files\mywebsearch\bar\2.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> Delete on reboot.
    c:\program files\mywebsearch\bar\2.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.
    c:\program files\mywebsearch\bar\2.bin\MWSSVC.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Installr\4.bin\F3EZSETP.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3HTML.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3SKIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3MSG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\documents and settings\--jacci--\Desktop\cursormania.exe (Adware.FunWeb) -> Quarantined and deleted successfully.
    c:\WINDOWS\system32\DAW-BG6W.exe (Adware.LoudMo) -> Quarantined and deleted successfully.
    c:\WINDOWS\AhnRpta.exe (Trojan.Backdoor) -> Quarantined and deleted successfully.
    c:\WINDOWS\Tasks\{35dc3473-a719-4d14-b7c1-fd326ca84a0c}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\WINDOWS\Tasks\{66ba574b-1e11-49b8-909c-8cc9e0e8e015}.job (Trojan.Downloader) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Installr\4.bin\F3PLUGIN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Installr\4.bin\NPFUNWEB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\screensaver\Images\012F226A.urr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Shared\0090DEBB.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Shared\01312EF4.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Shared\Cache\cursormaniabtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\funwebproducts\Shared\Cache\smileycentralbtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\chrome.manifest (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3HKSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3REGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\INSTALL.RDF (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3AUXSTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3DLGHK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3IDLE.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\M3SRCHMN.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\MWSMLBTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\MWSUABTN.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\2.bin\chrome\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0006C75A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001BC07 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001CA5F (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001D4A0 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001DF2F (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001EE62.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001EEA1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001F7E8.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001FA39 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0001FC1E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00020C1B.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00021080.bmp (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00023AEC (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\000292C0 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\000297E1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00034A0A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0003B97D (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0004BA53.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0006C566 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00094B93 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00111D2A (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0014ACC9 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00181047 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\001E7BF4 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0040CDC8 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\004581C3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\005C638C (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\005FD032 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0060D500 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\006EAA62 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00708396 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0098DEF2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00A029D4 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\00A068A2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\01072C21 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\01161DB1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\015323F2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0171A380 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\01CECAF9 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\01DB39B7 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\0205C428 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Overlay\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\program files\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\start menu\Programs\flv direct player\flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.
    c:\documents and settings\all users\start menu\Programs\flv direct player\uninstall flv direct player.lnk (Adware.FLVPlayer) -> Quarantined and deleted successfully.










    GMER 1.0.15.15627 - http://www.gmer.net
    Rootkit quick scan 2011-05-05 17:40:22
    Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T1L0-5 SAMSUNG_HD252HJ rev.1AC01113
    Running: o5nynpbi.exe; Driver: C:\DOCUME~1\Owner\LOCALS~1\Temp\agqdqaob.sys


    ---- System - GMER 1.0.15 ----

    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateKey [0xA846B026]
    SSDT \SystemRoot\System32\Drivers\aswSnx.SYS (avast! Virtualization Driver/AVAST Software) ZwEnumerateValueKey [0xA846AE91]

    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ZwCreateProcessEx [0xA85048DE]
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObInsertObject
    Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/AVAST Software) ObMakeTemporaryObject

    ---- Devices - GMER 1.0.15 ----

    Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/AVAST Software)

    AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)
    AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/AVAST Software)

    ---- EOF - GMER 1.0.15 ----
     
  6. HKW

    HKW TS Rookie Topic Starter

    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Owner at 17:43:55.32 on 2011/05/05
    Internet Explorer: 6.0.2900.5512 BrowserJavaVersion: 1.6.0_20
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1013.409 [GMT 7:00]
    .
    AV: Avira AntiVir PersonalEdition *Enabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7}
    AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
    .
    ============== Running Processes ===============
    .
    C:\WINDOWS\system32\svchost -k DcomLaunch
    svchost.exe
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    svchost.exe
    svchost.exe
    C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\AMT\atchksrv.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\Intel\AMT\LMS.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
    C:\WINDOWS\system32\svchost.exe -k imgsvc
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\igfxpers.exe
    C:\Program Files\Intel\AMT\atchk.exe
    C:\WINDOWS\system32\igfxsrvc.exe
    C:\WINDOWS\system32\cfpsys.exe
    C:\Program Files\TurboHddUsb\TurboHddUsb.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\real\realplayer\update\realsched.exe
    C:\Program Files\AVAST Software\Avast\avastUI.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\yorkhigh\d6\yorkh.exe
    C:\Documents and Settings\Owner\Application Data\Transcend\SJelite3\SJelite3Launch.exe
    C:\Program Files\BandwidthMonitor\BWMonitor.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Apple Computer\DVD@ccess\DVDAccess.exe
    C:\Program Files\FinePixViewer\QuickDCF2.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Owner\My Documents\Downloads\dds.scr
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com
    uSearch Page = hxxp://www.google.com
    uSearch Bar = hxxp://www.google.com/ie
    mDefault_Search_URL = hxxp://www.google.com/ie
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    mSearchAssistant = hxxp://www.google.com/ie
    mURLSearchHooks: H - No File
    BHO: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\prxtbTog2.dll
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
    BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
    BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll
    BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
    BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - c:\program files\windows live\toolbar\wltcore.dll
    TB: ToggleEN Toolbar: {038cb5c7-48ea-4af9-94e0-a1646542e62b} - c:\program files\toggleen\prxtbTog2.dll
    TB: WeFiBar Toolbar: {0b876028-b388-4f6d-922f-f52faec8535f} - c:\program files\wefibar\tbWeF0.dll
    TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll
    TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
    TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\avast software\avast\aswWebRepIE.dll
    TB: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No File
    uRun: [MSMSGS] "c:\program files\messenger\msmsgs.exe" /background
    uRun: [Skype] "c:\program files\skype\\phone\Skype.exe" /nosplash /minimized
    uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    uRun: [yorkh] c:\program files\yorkhigh\d6\yorkh.exe
    uRun: [SJelite3Launch] c:\documents and settings\owner\application data\transcend\sjelite3\SJelite3Launch.exe
    uRun: [BandwidthMonitor] c:\program files\bandwidthmonitor\BWMonitor.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
    mRun: [RTHDCPL] RTHDCPL.EXE
    mRun: [Alcmtr] ALCMTR.EXE
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [atchk] "c:\program files\intel\amt\atchk.exe"
    mRun: [FOX DogWard] c:\progra~1\foxconn\dogwar~1\DogLoader.exe -AutoRun
    mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
    mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe
    mRun: [Easy-PrintToolBox] c:\program files\canon\easy-printtoolbox\BJPSMAIN.EXE /logon
    mRun: [Warning: do not remove it! (system)] cfpsys.exe
    mRun: [TurboHddUsb] c:\program files\turbohddusb\TurboHddUsb.exe
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe" -osboot
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
    dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
    dRun: [nod32] c:\windows\temp\nodqq.exe
    StartupFolder: c:\docume~1\owner\startm~1\programs\startup\openof~1.lnk - c:\program files\openoffice.org 2.3\program\quickstart.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\gprs.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\dvd@cc~1.lnk - c:\program files\apple computer\dvd@ccess\DVDAccess.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\exifla~1.lnk - c:\program files\finepixviewer\QuickDCF2.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\kodake~1.lnk - c:\program files\kodak\kodak easyshare software\bin\EasyShare.exe
    IE: &Search
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
    IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
    IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.3.2.dll/206
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - c:\program files\yahoo!\common\Yinsthelper.dll
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\windows\system32\Skype4COM.dll
    Notify: igfxcui - igfxdev.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\docume~1\owner\applic~1\mozilla\firefox\profiles\trpxklc8.default\
    FF - prefs.js: browser.search.defaulturl - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
    FF - prefs.js: browser.search.selectedEngine - Google
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.co.za/
    FF - prefs.js: keyword.URL - hxxp://flvdirect.iamwired.net/websearch.php?src=tops&search=
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordext.dll
    FF - component: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\firefox\ext\components\nprpffbrowserrecordlegacyext.dll
    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\trpxklc8.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\FFExternalAlert.dll
    FF - component: c:\documents and settings\owner\application data\mozilla\firefox\profiles\trpxklc8.default\extensions\{038cb5c7-48ea-4af9-94e0-a1646542e62b}\components\RadioWMPCore.dll
    FF - plugin: c:\documents and settings\--jacci--\desktop\divx\divx player\npDivxPlayerPlugin.dll
    FF - plugin: c:\documents and settings\--jacci--\desktop\divx\divx web player\npdivx32.dll
    FF - plugin: c:\documents and settings\all users\application data\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    .
    ---- FIREFOX POLICIES ----
    FF - user.js: google.toolbar.linkdoctor.enabled - false
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-1 371544]
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2011-5-1 301528]
    R1 FNETURPX;FNETURPX;c:\windows\system32\drivers\FNETURPX.SYS [2010-10-23 7936]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2011-5-1 19544]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2011-5-1 42184]
    R2 DVDAccss;DVDAccss;c:\windows\system32\drivers\DVDAccss.sys [2009-7-4 29156]
    R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [2009-5-17 55152]
    R2 Start BT in service;Start BT in service;c:\program files\ivt corporation\bluesoleil\StartSkysolSvc.exe [2007-12-27 51816]
    S2 gupdate1caf7ff11061394;Google Update Service (gupdate1caf7ff11061394);"c:\program files\google\update\googleupdate.exe" /svc --> c:\program files\google\update\GoogleUpdate.exe [?]
    S3 __FOX__FOXONE_DRIVER__;__FOX__FOXONE_DRIVER__;\??\c:\docume~1\--jacc~1\locals~1\temp\foxdriver.sys --> c:\docume~1\--jacc~1\locals~1\temp\FoxDriver.sys [?]
    S3 __FOX__UNIDRIVER__;__FOX__UNIDRIVER__;\??\c:\progra~1\foxconn\dogwar~1\foxg1driver.sys --> c:\progra~1\foxconn\dogwar~1\FoxG1Driver.sys [?]
    S3 AVPsys;AVPsys;\??\c:\windows\system32\drivers\cdaudio.sys --> c:\windows\system32\drivers\cdaudio.sys [?]
    S3 FNETTBOH_120;FNETTBOH_120;c:\windows\system32\drivers\FNETTBOH_120.SYS [2010-10-23 24192]
    S3 FoxAwdWINFLASH;FoxAwdWINFLASH;\??\c:\program files\foxconn\fox logo\foxawdwinflash.sys --> c:\program files\foxconn\fox logo\FoxAwdWINFLASH.SYS [?]
    S3 FXDrv32;FXDrv32;\??\d:\fxdrv32.sys --> d:\FXDrv32.sys [?]
    S3 WefiEngSvc;WeFi Engine Service;"c:\documents and settings\--jacci--\my documents\downloads\wefi\wefiengsvc.exe" --> c:\documents and settings\--jacci--\my documents\downloads\wefi\WefiEngSvc.exe [?]
    S4 fsssvc;Windows Live Family Safety;"c:\program files\windows live\family safety\fsssvc.exe" --> c:\program files\windows live\family safety\fsssvc.exe [?]
    .
    =============== Created Last 30 ================
    .
    2011-05-05 10:09:37 -------- d-----w- c:\docume~1\owner\applic~1\Malwarebytes
    2011-05-05 10:09:34 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-05-05 10:09:33 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes
    2011-05-05 10:09:30 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-05-05 10:09:30 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-05-05 09:41:43 -------- d-----w- c:\docume~1\alluse~1\applic~1\SecTaskMan
    2011-05-05 09:41:38 -------- d-----w- c:\program files\Security Task Manager
    2011-05-03 14:24:51 -------- d-----w- c:\program files\IVT Corporation
    2011-05-03 10:22:07 -------- d-----w- c:\program files\Trend Micro
    2011-05-03 09:56:41 -------- d-----w- c:\docume~1\owner\applic~1\PriceGong
    2011-05-01 16:56:13 -------- d-----w- c:\docume~1\owner\applic~1\BWMonitor
    2011-05-01 16:49:08 -------- d-----w- c:\program files\BandwidthMonitor
    2011-05-01 16:34:42 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2011-05-01 16:34:41 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
    2011-05-01 16:34:40 89048 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2011-05-01 16:34:40 465880 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2011-05-01 16:34:40 1974616 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
    2011-05-01 16:34:40 1892184 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
    2011-05-01 16:34:40 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
    2011-05-01 16:34:40 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
    2011-05-01 16:26:06 371544 ----a-w- c:\windows\system32\drivers\aswSnx.sys
    2011-05-01 16:25:49 40648 ----a-w- c:\windows\avastSS.scr
    2011-05-01 16:25:42 -------- d-----w- c:\program files\AVAST Software
    2011-04-13 20:39:02 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll
    2011-04-13 20:39:02 103864 ----a-w- c:\program files\internet explorer\plugins\nppdf32.dll
    2011-04-07 16:46:27 -------- d-----w- c:\program files\Fantasy Moon 3D Screensaver
    2011-04-07 16:43:59 -------- d-----w- c:\windows\system32\3Planesoft
    2011-04-07 16:43:59 -------- d-----w- c:\program files\3Planesoft Screensaver Manager
    2011-04-07 16:43:55 -------- d-----w- c:\program files\Lantern 3D Screensaver
    .
    ==================== Find3M ====================
    .
    2003-10-01 11:04:08 121856 --sha-w- c:\windows\system32\cfpsys.exe
    .
    ============= FINISH: 17:44:30.78 ===============











    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft Windows XP Home Edition
    Boot Device: \Device\HarddiskVolume1
    Install Date: 2/21/2009 6:15:48 AM
    System Uptime: 5/5/2011 5:22:01 PM (0 hours ago)
    .
    Motherboard: Foxconn | | G31MX Series
    Processor: Intel(R) Pentium(R) Dual CPU E2200 @ 2.20GHz | Socket 775 | 2199/200mhz
    .
    ==== Disk Partitions =========================
    .
    A: is Removable
    C: is FIXED (NTFS) - 233 GiB total, 5.511 GiB free.
    D: is CDROM ()
    .
    ==== Disabled Device Manager Items =============
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Realtek RTL8139/810x Family Fast Ethernet NIC
    Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_0DF7105B&REV_01\4&2AD917F4&0&00E1
    Manufacturer: Realtek Semiconductor Corp.
    Name: Realtek RTL8139/810x Family Fast Ethernet NIC
    PNP Device ID: PCI\VEN_10EC&DEV_8136&SUBSYS_0DF7105B&REV_01\4&2AD917F4&0&00E1
    Service: RTLE8023xp
    .
    Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
    Description: Bluetooth PAN Network Adapter
    Device ID: ROOT\NET\0000
    Manufacturer: IVT Corporation
    Name: Bluetooth PAN Network Adapter
    PNP Device ID: ROOT\NET\0000
    Service: BT
    .
    ==== System Restore Points ===================
    .
    RP646: 5/1/2011 8:32:02 PM - System Checkpoint
    RP647: 5/1/2011 11:25:42 PM - avast! Free Antivirus Setup
    RP648: 5/1/2011 11:53:13 PM - Removed AVG Free 8.5
    RP649: 5/1/2011 11:54:18 PM - Installed AVG Free 8.5
    RP650: 5/3/2011 3:12:19 PM - System Checkpoint
    RP651: 5/3/2011 9:24:49 PM - Installed Bluesoleil2.7.0.13 VoIP Release 071227
    RP652: 5/5/2011 2:00:23 PM - System Checkpoint
    .
    ==== Installed Programs ======================
    .
    .
    3Planesoft Screensaver Manager 1.0
    4Media DVD Ripper Ultimate 6
    7-Zip 4.65
    AAC Decoder
    Acrobat.com
    Adobe Acrobat 5.0
    Adobe AIR
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 9.4.4
    Algebra Booster 2.5
    AR7 DSL Router USB Driver
    ArcSoft Software Suite
    Auslogics Disk Defrag
    AutoUpdate
    avast! Free Antivirus
    AviSynth 2.5
    Bandwidth Monitor 3.4 build 757
    Bigasoft Total Video Converter 2.5.5.3960
    BitComet 1.12
    Bluesoleil2.7.0.13 VoIP Release 071227
    Canon iP1800 series
    Canon iP1800 series User Registration
    Canon Utilities Easy-LayoutPrint
    Canon Utilities Easy-PhotoPrint
    Canon Utilities Easy-PrintToolBox
    CCleaner
    CCScore
    Chico
    Choice Guard
    Chrome
    CMD 1.1.0.21
    CometBird (3.0.10)
    Conduit Engine
    CyberLink DVD Suite
    DivX Codec
    DivX Converter
    DivX Player
    DivX Plus DirectShow Filters
    DivX Version Checker
    DivX Web Player
    Dog Ward
    Dudley
    DV Studio3
    DVD Decrypter (Remove Only)
    DVD@ccess 2.0.3
    English 4.0
    ESSBrwr
    ESSCDBK
    ESScore
    ESSgui
    ESSini
    ESSPCD
    ESSPDock
    ESSSONIC
    ESSTOOLS
    essvatgt
    Fantasy Moon 3D Screensaver 1.3
    FEAR SP Demo
    fflink
    FinePixViewer Resource
    FinePixViewer Ver.5.5
    FinePixViewer YTUPL
    FOX DMI
    FOX Energy Management
    FOX Kara Player
    FOX LiveUpdate
    FOX LOGO
    FOX ONE
    FretPro V.2.00
    Google Chrome
    Google Toolbar for Internet Explorer
    Google Update Helper
    GST 2.3.6.1
    Guitar FX BOX 2.6
    Guitar FX BOX 2.8
    Guitar Guru Version 2.1.4
    Guitar Pro 5.0
    H.264 Decoder
    Hershey
    HijackThis 2.0.2
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Windows XP (KB954550-v5)
    Hotfix for Windows XP (KB954708)
    ImTOO 3GP Video Converter
    Intel(R) Active Management Technology LMS Service and SOL Driver
    Intel(R) Graphics Media Accelerator Driver
    inTone Guitar Demo 1.2.0
    Java Auto Updater
    Java(TM) 6 Update 2
    Java(TM) 6 Update 20
    Junk Mail filter update
    K-Lite Codec Pack 4.7.5 (Full)
    kgcbaby
    kgcbase
    kgchday
    kgchlwn
    kgcinvt
    kgckids
    kgcmove
    kgcvday
    Kodak EasyShare software
    Lantern 3D Screensaver 1.0
    Last.fm 1.5.4.24567
    Libby
    LimeWire 4.18.8
    Loopie
    Malwarebytes' Anti-Malware
    Math Success High School
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 2.0 Service Pack 2
    Microsoft .NET Framework 3.0 Service Pack 2
    Microsoft .NET Framework 3.5 SP1
    Microsoft Application Error Reporting
    Microsoft Office Access 2003
    Microsoft Office Access 2003 Runtime
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Excel 2003
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office FrontPage 2003
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office Live Add-in 1.3
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint 2003
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office Professional Plus 2007
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Search Enhancement Pack
    Microsoft Silverlight
    Microsoft Software Update for Web Folders (English) 12
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Sync Framework Runtime Native v1.0 (x86)
    Microsoft Sync Framework Services Native v1.0 (x86)
    Microsoft Text-to-Speech Engine 4.0 (English)
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    MKV Splitter
    MotoGP URT 3 Demo
    Movie Converter v4
    Mozilla Firefox 4.0.1 (x86 en-US)
    MSVCRT
    MXit PC 1.3.0.5 BETA
    Nero 7 Essentials
    neroxml
    netbrdg
    Nidesoft DVD to Nokia Converter v5.6
    Nokia Connectivity Cable Driver
    Nokia PC Suite
    OfotoXMI
    OJOsoft Total Video Converter
    OpenOffice.org 2.3
    PANZERS - Phase II - ModDemo
    ParetoLogic Data Recovery
    Password Protect 3.2
    PC Connectivity Solution
    PC Inspector smart recovery
    Perfect Uninstaller v6.3.3.3
    PIXMA Extended Survey Program
    Power Tab Editor 1.7
    Professor Answers
    Professor Fizzwizzle DEMO
    Professor Teaches Excel 2000
    Professor Teaches Excel 2002
    Professor Teaches FrontPage 2003
    PSP Video 9 5.04
    QuickTime
    ReadManiac 2.5.2
    RealNetworks - Microsoft Visual C++ 2008 Runtime
    RealPlayer
    Realtek AC'97 Audio
    REALTEK GbE & FE Ethernet PCI-E NIC Driver
    Realtek High Definition Audio Driver
    RealUpgrade 1.1
    Recuva
    Ritter
    Science 5.0
    SD Viewer
    Security Task Manager 1.8c
    Segoe UI
    SFR
    SHASTA
    skin0001
    SKINXSDK
    Skype™ 4.2
    Social Studies 3.0
    Spencer
    staticcr
    Stellar Phoenix Photo Recovery v3.5
    Ten Thumbs 4.7
    TeraCopy 2.0 beta 4a
    Tiara
    Tilley
    ToggleEN Toolbar
    tooltips
    TurboHddUsb
    Tyson
    USB Driver for Panasonic DVC
    UseNeXT
    VC80CRTRedist - 8.0.50727.762
    VPRINTOL
    Waldo
    War World - Tactical Combat
    Waves Guitar Tool Rack 2.0
    WebFldrs XP
    WeFi 3.9.3.0
    WeFiBar Toolbar
    Winamp
    Windows Driver Package - Nokia (WUDFRd) WPD (03/19/2007 6.83.31.1)
    Windows Driver Package - Nokia Modem (02/15/2007 3.1)
    Windows Driver Package - Nokia Modem (11/03/2006 6.82.0.1)
    Windows Live Call
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Family Safety
    Windows Live Mail
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Live Sign-in Assistant
    Windows Live Sync
    Windows Live Toolbar
    Windows Live Upload Tool
    Windows Live Writer
    Windows Media Format Runtime
    WinZip
    WIRELESS
    WordBanker Multilanguage (Evaluation Version)
    Yahoo! Install Manager
    York High School v1
    .
    ==== Event Viewer Messages From Past Week ========
    .
    5/5/2011 4:56:55 PM, error: Service Control Manager [7034] - The Start BT in service service terminated unexpectedly. It has done this 1 time(s).
    5/5/2011 4:56:55 PM, error: Service Control Manager [7034] - The ServiceLayer service terminated unexpectedly. It has done this 1 time(s).
    5/5/2011 4:56:55 PM, error: Service Control Manager [7034] - The SeaPort service terminated unexpectedly. It has done this 1 time(s).
    5/5/2011 4:56:55 PM, error: Service Control Manager [7034] - The Java Quick Starter service terminated unexpectedly. It has done this 1 time(s).
    5/5/2011 4:56:55 PM, error: Service Control Manager [7034] - The Intel(R) AMT System Status Service service terminated unexpectedly. It has done this 1 time(s).
    5/5/2011 4:56:55 PM, error: Service Control Manager [7034] - The Intel(R) Active Management Technology LMS Service service terminated unexpectedly. It has done this 1 time(s).
    5/5/2011 4:56:55 PM, error: Service Control Manager [7034] - The BlueSoleil Hid Service service terminated unexpectedly. It has done this 1 time(s).
    5/5/2011 4:24:18 PM, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service ServiceLayer with arguments "" in order to run the server: {ACF50018-41F8-476D-85FD-CD953DAE4A49}
    5/4/2011 8:40:07 PM, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.
    5/4/2011 8:40:07 PM, error: Service Control Manager [7000] - The Google Update Service (gupdate1caf7ff11061394) service failed to start due to the following error: The system cannot find the path specified.
    5/4/2011 8:40:07 PM, error: Service Control Manager [7000] - The avast! iAVS4 Control Service service failed to start due to the following error: The system cannot find the path specified.
    5/4/2011 7:57:15 PM, error: DCOM [10005] - DCOM got error "%3" attempting to start the service gusvc with arguments "" in order to run the server: {89DAE4CD-9F17-4980-902A-99BA84A8F5C8}
    5/4/2011 6:43:48 PM, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.DebugCRT. Reference error message: The referenced assembly is not installed on your system. .
    5/4/2011 6:43:48 PM, error: SideBySide [59] - Generate Activation Context failed for c:\program files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
    5/4/2011 6:43:48 PM, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.DebugCRT could not be found and Last Error was The referenced assembly is not installed on your system.
    5/4/2011 5:31:29 PM, error: Dhcp [1002] - The IP address lease 192.168.1.100 for the Network Card with network address 002268313B1F has been denied by the DHCP server 192.168.1.254 (The DHCP Server sent a DHCPNACK message).
    5/3/2011 9:09:36 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\real\realplayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
    5/3/2011 10:00:54 PM, error: SideBySide [59] - Generate Activation Context failed for C:\Program Files\Real\RealPlayer\plugins\rmxrend.dll. Reference error message: The operation completed successfully. .
    .
    ==== End Of File ===========================
     
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You have 2 antivirus program running:
    Avira and Avast
    It appears that Avira is outdated. Please remove it: To uninstall Avira:
    • Start> Settings> Control Panel> Add or Remove Programs (Windows 2000/ XP) or Start - Control Panel - Uninstall a program (Windows Vista / 7)
    • Wait for the list of installed programs to load, then click the name of the Avira program.
    • Click Remove next to the program's name (Windows 2000 / XP) or in the menu above the list (Windows Vista / 7).
    • Press Yes, to confirm the removal and then OK.
    • . Click Next until Finish. The software is removed.
    ==========================================
    The system has been heavily infected.
    (Adware.MyWebSearch): this usually comes from going to FunWebSites or any of it's related sits. The sites are usually accessed to get cursors, Smiley, wallpaper, screen savers, ring tones and a multitude of other 'cosmetic processes.
    Spyware.OnlineGames
    Trojan.Downloader

    etc. etc. etc.
    ======================================
    I see entries for at least 2 worm infections from removable media. That would imply use of a flash drive. It is infected. Either it's yours and you are sharing it between computers or it belongs to someone else and it's being connected it to this system. No Matter- result is the same> flash drive loads infection on to the system it's connected to.
    =====================================
    It does not appears that here have any security running except too many AV programs. As long as you leave the system in this state and continue to use file sharing and torrent sites, you system is going to continue to be infected.
    ============================================
    I see several screen savers running as well as the installation of file sharing programs:
    BitCommet
    LimeWire
    CometBirs

    Frequently, torrent sites are use for the downloads.
    ============================================
    If you would like help, you will need to either uninstall or disable any file sharing programs, including those you're using for photos.
    ============================================
    It's going to take a lot of work to try and clean up th]is system. Since your time is limited, you need to decide if you have the time to see it through. If you do not, then we should stop here.
    =============================================
    Run Eset NOD32 Online AntiVirus scan HERE
    1. Tick the box next to YES, I accept the Terms of Use.
    2. Click Start
    3. When asked, allow the Active X control to install
    4. Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
    5. Click Start
    6. Please Uncheck "Remove found threats" (I will remove them, if any, in a programs that will also remove related files)
    7. Check "Scan unwanted applications"
    8. Click Scan
    9. Wait for the scan to finish
    10. Click on "Copy to Clipboard"> (you won't see the 'clipboard')
    11. Click anywhere in the post where you want the logs to go, the do Ctrl V. The log will be sent from the clipboard and pasted in the post.
    12. Re-enable your Antivirus software.
      NOTE: If you forget to copy to the clipboard you can find the log here:
      C:\Program Files\EsetOnlineScanner\log.txt. Please include this on your post.
    ===========================================
    Please note: If you have Combofix on the desktop already, please uninstall it. The download the current version and do the scan: If neeeded:
    Uninstall ComboFix
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
    --------------------------------
    Download Combofix from HERE or HERE and save to the desktop
    • Double click combofix.exe & follow the prompts.
    • ComboFix will check to see if the Microsoft Windows Recovery Console is installed. It is recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode if needed.
      **Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
    • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
    • Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
      [​IMG]
    • .Click on Yes, to continue scanning for malware
    • .If Combofix asks you to update the program, allow
    • .Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
    • .Close any open browsers.
    • .Double click combofix.exe[​IMG] & follow the prompts to run.
    • When the scan completes , a report will be generated-it will open a text window. Please paste the C:\ComboFix.txt in next reply..
    Re-enable your Antivirus software.
    Notes:
    1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
    2. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
    3. Combofix prevents autorun of ALL CD, floppy and USB devices to assist with malware removal & increase security. If this is an issue or makes it difficult for you -- please tell your helper.
    4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

    Maybe you can better understand now why using HJT up front isn't much good!!
     
  8. HKW

    HKW TS Rookie Topic Starter

    Already tried uninstalling Avira, but it bugged out and wouldn't let me uninstall. I'm sure that if I'd persisted, I'd have gotten it removed, but it was listed as "disabled" and I had other more important things to cover first.

    I've cleaned up 311 malware/viruses etc. with malwarebytes (some smart-as$ canceled the Avast scan after I left the other day so that evidently did not complete)

    I have disabled all file sharing programs and further blocked them with the firewall so that should put an end to that rubbish. Now as for the flash drive(s) that may be infected, I expect Avast will block any viruses that try to hop off the flash drives so it's not too much of a problem.

    Incidentally I did manage to disable the application that was draining the bandwidth before performing all these scans (I'm not at that computer now and cannot remember which it was) so the largest problem is solved.

    I don't think I'm going to bother doing much more on that system. I tried to instruct the persons using it that to scan a file or folder with Avast all they need to do is right click and scan. I don't think they got it - that's the tech level of end user we're dealing with here. If the system gets infected again, so be it. I'll just have to clean it up again in 6 months or so...

    PS. I can't do online AV scans. The internet speed is 384 kb/sec so I'm guessing it'll take all day to scan and drain the cap in the process.
     
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Doesn't work like that. The flash drive needs to be disinfected. If it were that easy, no one would get malware from a flash drive!

    The system is not clean and there are many processes with high risk. Since you aren't able to continue though, I will close the thread.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...