Window security Alert Virus

[mecka]

I am looking for some help as my Computer has been taken over by a Virus.I am using the computer downstairs.I am not by no means a expert so i will require step by step directions.My Computer keeps poping up with following message:

Window Security Alert application cannot be executed the file wltuser.exe is infected.

I currently do not have a anti-virus on the computer because last time we installed it the computer slowed down to where you could barely use it.

The virus will not let me run anything,but if i restart there is about a 2 min window before the virus takes over.I have been successful in running Hijack this and have a log available.

Please help!!!

[SuperDave]

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

Let's try this.

Please download and run the below tool named Rkill (courtesy of BleepingComputer.com) which may help allow other programs to run.
Save Rkill to your desktop.

There are 4 different versions. If one of them won't run then download and try to run the other one.
 
Vista and Win7 users need to right click Rkill and choose Run as Administrator
 

You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.

Rkill.exe
Rkill.com
Rkill.scr
Rkill.pif

Once you've gotten one of them to run then try to immediately run the following.
 
Now download and Run exeHelper.

Please download exeHelper from Raktor to your desktop.

• Double-click on exeHelper.com to run the fix. A black window should pop up, press any key to close once the fix is completed. A log file named log.txt will be created in the directory where you ran exeHelper.com Attach the log.txt file to your next message.
  
  Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).
  

[mecka]

Great thanks for the help,i was successful in running both and below is the exehelper log.

exeHelper by Raktor
Build 20100414
Run at 21:13:23 on 05/04/10
Now searching...
Checking for numerical processes...
Checking for sysguard processes...
Checking for bad processes...
Checking for bad files...
Checking for bad registry entries...
Resetting filetype association for .exe
Resetting filetype association for .com
Resetting userinit and shell values...
Resetting policies...
--Finished--

[SuperDave]

Ok. Let's see if these will run. Please do them in this order.

SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!

Download SuperAntispyware Free Edition (SAS)
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

•Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

•Close browsers before scanning
•Scan for tracking cookies
•Terminate memory threats before quarantining
•Please leave the others unchecked

•Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

•To retrieve the removal information please do the following:
•After reboot, double-click the SUPERAntiSpyware icon on your desktop.
•Click Preferences. Click the Statistics/Logs tab.

•Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

•It will open in your default text editor (preferably Notepad).
•Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
*Copy and Paste the log in your post
====================================
Please download Malwarebytes Anti-Malware from here.

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• Please save the log to a location you will remember.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
========================================
Please download ComboFix from BleepingComputer.com

Alternate link: GeeksToGo.com

Rename ComboFix.exe to commy.exe before you save it to your Desktop
Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found here
Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console[/list]

Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you.  Please include the contents of C:\ComboFix.txt in your next reply.

If you have problems with ComboFix usage, see How to use ComboFix

[mecka]

Alright everything ran ok,here is the Super Antispyware log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 05/08/2010 at 04:04 AM

Application Version : 4.37.1000

Core Rules Database Version : 4900
Trace Rules Database Version: 2712

Scan type       : Complete Scan
Total Scan Time : 05:32:20

Memory items scanned      : 573
Memory threats detected   : 0
Registry items scanned    : 6690
Registry threats detected : 785
File items scanned        : 165010
File threats detected     : 316

Adware.MyWebSearch
   HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
   HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\Programmable
   C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL
   HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
   HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
   HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32
   HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL
   HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
   HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF6-072E-44CF-8957-5838F569A31D}
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Control
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus\1
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\ProgID
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Programmable
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\TypeLib
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Version
   HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\VersionIndependentProgID
   HKCR\MyWebSearchToolBar.SettingsPlugin.1
   HKCR\MyWebSearchToolBar.SettingsPlugin.1\CLSID
   HKCR\MyWebSearchToolBar.SettingsPlugin
   HKCR\MyWebSearchToolBar.SettingsPlugin\CLSID
   HKCR\MyWebSearchToolBar.SettingsPlugin\CurVer
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0\win32
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\FLAGS
   HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\HELPDIR
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Adware.MyWebSearch/FunWebProducts
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4D7B-9389-0F166788785A}
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Control
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32#ThreadingModel
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus\1
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\ProgID
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Programmable
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\TypeLib
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Version
   HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\VersionIndependentProgID
   HKCR\FunWebProducts.DataControl.1
   HKCR\FunWebProducts.DataControl.1\CLSID
   HKCR\FunWebProducts.DataControl
   HKCR\FunWebProducts.DataControl\CLSID
   HKCR\FunWebProducts.DataControl\CurVer
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0\win32
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\FLAGS
   HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\HELPDIR
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\F3DTACTL.DLL
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\InprocServer32
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\InprocServer32#ThreadingModel
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\ProgID
   HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\VersionIndependentProgID
   HKCR\FunWebProducts.HTMLMenu.2
   HKCR\FunWebProducts.HTMLMenu.2\CLSID
   HKCR\FunWebProducts.HTMLMenu
   HKCR\FunWebProducts.HTMLMenu\CLSID
   HKCR\FunWebProducts.HTMLMenu\CurVer
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\F3HTMLMU.DLL
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\InprocServer32
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\InprocServer32#ThreadingModel
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\ProgID
   HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\VersionIndependentProgID
   HKCR\FunWebProducts.HTMLMenu.1
   HKCR\FunWebProducts.HTMLMenu.1\CLSID
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32#ThreadingModel
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus\1
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\ProgID
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\Programmable
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\TypeLib
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\Version
   HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\VersionIndependentProgID
   HKCR\ScreenSaverControl.ScreenSaverInstaller.1
   HKCR\ScreenSaverControl.ScreenSaverInstaller.1\CLSID
   HKCR\ScreenSaverControl.ScreenSaverInstaller
   HKCR\ScreenSaverControl.ScreenSaverInstaller\CLSID
   HKCR\ScreenSaverControl.ScreenSaverInstaller\CurVer
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0\win32
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\FLAGS
   HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\HELPDIR
   C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\F3SCRCTR.DLL
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\SOFTWARE\Fun Web Products
   HKLM\SOFTWARE\Fun Web Products
   HKLM\SOFTWARE\Fun Web Products#JpegConversionLib
   HKLM\SOFTWARE\Fun Web Products#CacheDir
   HKLM\SOFTWARE\Fun Web Products\CursorLoader
   HKLM\SOFTWARE\Fun Web Products\CursorLoader#Dir
   HKLM\SOFTWARE\Fun Web Products\MSNMessenger
   HKLM\SOFTWARE\Fun Web Products\MSNMessenger#DLLFile
   HKLM\SOFTWARE\Fun Web Products\MSNMessenger#DLLDir
   HKLM\SOFTWARE\Fun Web Products\ScreenSaver
   HKLM\SOFTWARE\Fun Web Products\ScreenSaver#ImagesDir
   HKLM\SOFTWARE\Fun Web Products\ScreenSaver#PM
   HKLM\SOFTWARE\Fun Web Products\Settings
   HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#msnmsgr.exe.pos
   HKLM\SOFTWARE\Fun Web Products\Settings\MySignatureInsertBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\MySignatureInsertBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\MySignatureInsertBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\MySignatureInsertBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\MySignaturePreviewBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\MySignaturePreviewBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\MySignaturePreviewBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\MySignaturePreviewBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.0
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqUninstalled
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive2
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.1
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.2
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.3
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.4
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.5
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.6
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.7
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.8
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuPosDeleted
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#msnmsgr.exe.pos
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\SOFTWARE\FunWebProducts
   HKLM\SOFTWARE\FunWebProducts
   HKLM\SOFTWARE\FunWebProducts\Installer
   HKLM\SOFTWARE\FunWebProducts\Installer#Dir
   HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
   HKLM\SOFTWARE\FunWebProducts\Installer#sr
   HKLM\SOFTWARE\FunWebProducts\Installer#pl
   HKLM\SOFTWARE\FunWebProducts\Installer#CheckForConnection
   HKLM\SOFTWARE\FunWebProducts\Installer#CacheDir
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\SOFTWARE\MyWebSearch
   HKLM\SOFTWARE\MyWebSearch
   HKLM\SOFTWARE\MyWebSearch\bar
   HKLM\SOFTWARE\MyWebSearch\bar#Maximized
   HKLM\SOFTWARE\MyWebSearch\bar#Visible
   HKLM\SOFTWARE\MyWebSearch\bar#UseFWB
   HKLM\SOFTWARE\MyWebSearch\bar#pid
   HKLM\SOFTWARE\MyWebSearch\bar#fwp
   HKLM\SOFTWARE\MyWebSearch\bar#mwsask
   HKLM\SOFTWARE\MyWebSearch\bar#un
   HKLM\SOFTWARE\MyWebSearch\bar#tiec
   HKLM\SOFTWARE\MyWebSearch\bar#Dir
   HKLM\SOFTWARE\MyWebSearch\bar#PluginPath
   HKLM\SOFTWARE\MyWebSearch\bar#UninstallString
   HKLM\SOFTWARE\MyWebSearch\bar#Id
   HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
   HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
   HKLM\SOFTWARE\MyWebSearch\bar#sr
   HKLM\SOFTWARE\MyWebSearch\bar#pl
   HKLM\SOFTWARE\MyWebSearch\bar#CacheDir
   HKLM\SOFTWARE\MyWebSearch\bar#ConfigRevision
   HKLM\SOFTWARE\MyWebSearch\bar#ConfigRevisionURL
   HKLM\SOFTWARE\MyWebSearch\bar#ConfigDateStamp
   HKLM\SOFTWARE\MyWebSearch\bar#HTMLMenuRevision
   HKLM\SOFTWARE\MyWebSearch\bar#sscSet
   HKLM\SOFTWARE\MyWebSearch\bar#sscLabel
   HKLM\SOFTWARE\MyWebSearch\bar#sscURL
   HKLM\SOFTWARE\MyWebSearch\bar#Flags
   HKLM\SOFTWARE\MyWebSearch\bar#HistoryDir
   HKLM\SOFTWARE\MyWebSearch\bar#ShowEdit
   HKLM\SOFTWARE\MyWebSearch\bar#NextConfigRequest
   HKLM\SOFTWARE\MyWebSearch\bar#LastConfigRequest
   HKLM\SOFTWARE\MyWebSearch\MWSOEMON
   HKLM\SOFTWARE\MyWebSearch\MWSOEMON#Version
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#Version
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#Path
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#StandardSmileyDir.AIM
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.0
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.1
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.3
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.4
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.5
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.6
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.7
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.numActive
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.0.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.1.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.2.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.3.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.4.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.5.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.6.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.7.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.8.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.9.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.10.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.11.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.12.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.numActive
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.0.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.1.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.2.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.3.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.4.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.5.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.6.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.0
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.1
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.3
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.4
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.5
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.6
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.7
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.numActive2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.0
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.1
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.2
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.3
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.4
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.5
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.6
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.8
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.13.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.7.old
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.8
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.7
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#ICQT.9
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.8
   HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.9
   HKLM\SOFTWARE\MyWebSearch\OEHosts
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows8
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows2
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows3
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows4
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows5
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows6
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows7
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows9
   HKLM\SOFTWARE\MyWebSearch\OEHosts#Windows10
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fwp
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#mwsask
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Dir
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#CurInstall
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sr
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pl
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ConfigDateStamp
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ABS
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#DES
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sscEnabled
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#eintl
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#NextRequest
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#LastRequest
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fs
   HKLM\SOFTWARE\MyWebSearch\SkinTools
   HKLM\SOFTWARE\MyWebSearch\SkinTools#PlayerPath
   HKCR\FunWebProducts.HistoryKillerScheduler
   HKCR\FunWebProducts.HistoryKillerScheduler\CLSID
   HKCR\FunWebProducts.HistoryKillerScheduler\CurVer
   HKCR\FunWebProducts.HistoryKillerScheduler.1
   HKCR\FunWebProducts.HistoryKillerScheduler.1\CLSID
   HKCR\FunWebProducts.HistorySwatterControlBar
   HKCR\FunWebProducts.HistorySwatterControlBar\CLSID
   HKCR\FunWebProducts.HistorySwatterControlBar\CurVer
   HKCR\FunWebProducts.HistorySwatterControlBar.1
   HKCR\FunWebProducts.HistorySwatterControlBar.1\CLSID
   HKCR\FunWebProducts.IECookiesManager
   HKCR\FunWebProducts.IECookiesManager\CLSID
   HKCR\FunWebProducts.IECookiesManager\CurVer
   HKCR\FunWebProducts.IECookiesManager.1
   HKCR\FunWebProducts.IECookiesManager.1\CLSID
   HKCR\FunWebProducts.KillerObjManager
   HKCR\FunWebProducts.KillerObjManager\CLSID
   HKCR\FunWebProducts.KillerObjManager\CurVer
   HKCR\FunWebProducts.KillerObjManager.1
   HKCR\FunWebProducts.KillerObjManager.1\CLSID
   HKCR\FunWebProducts.PopSwatterBarButton
   HKCR\FunWebProducts.PopSwatterBarButton\CLSID
   HKCR\FunWebProducts.PopSwatterBarButton\CurVer
   HKCR\FunWebProducts.PopSwatterBarButton.1
   HKCR\FunWebProducts.PopSwatterBarButton.1\CLSID
   HKCR\FunWebProducts.PopSwatterSettingsControl
   HKCR\FunWebProducts.PopSwatterSettingsControl\CLSID
   HKCR\FunWebProducts.PopSwatterSettingsControl\CurVer
   HKCR\FunWebProducts.PopSwatterSettingsControl.1
   HKCR\FunWebProducts.PopSwatterSettingsControl.1\CLSID
   HKCR\MyWebSearch.ChatSessionPlugin
   HKCR\MyWebSearch.ChatSessionPlugin\CLSID
   HKCR\MyWebSearch.ChatSessionPlugin\CurVer
   HKCR\MyWebSearch.ChatSessionPlugin.1
   HKCR\MyWebSearch.ChatSessionPlugin.1\CLSID
   HKCR\MyWebSearch.HTMLPanel
   HKCR\MyWebSearch.HTMLPanel\CLSID
   HKCR\MyWebSearch.HTMLPanel\CurVer
   HKCR\MyWebSearch.HTMLPanel.1
   HKCR\MyWebSearch.HTMLPanel.1\CLSID
   HKCR\MyWebSearch.OutlookAddin
   HKCR\MyWebSearch.OutlookAddin\CLSID
   HKCR\MyWebSearch.OutlookAddin\CurVer
   HKCR\MyWebSearch.OutlookAddin.1
   HKCR\MyWebSearch.OutlookAddin.1\CLSID
   HKCR\MyWebSearch.PseudoTransparentPlugin
   HKCR\MyWebSearch.PseudoTransparentPlugin\CLSID
   HKCR\MyWebSearch.PseudoTransparentPlugin\CurVer
   HKCR\MyWebSearch.PseudoTransparentPlugin.1
   HKCR\MyWebSearch.PseudoTransparentPlugin.1\CLSID
   HKCR\MyWebSearchToolBar.ToolbarPlugin
   HKCR\MyWebSearchToolBar.ToolbarPlugin\CLSID
   HKCR\MyWebSearchToolBar.ToolbarPlugin\CurVer
   HKCR\MyWebSearchToolBar.ToolbarPlugin.1
   HKCR\MyWebSearchToolBar.ToolbarPlugin.1\CLSID
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32#ThreadingModel
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\ProgID
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\Programmable
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\TypeLib
   HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\VersionIndependentProgID
   HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
   HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Implemented

[mecka]

HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32#ThreadingModel
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance#CLSID
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag
   HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag#Url
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Control
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32#ThreadingModel
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus\1
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\ProgID
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Programmable
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\TypeLib
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Version
   HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\VersionIndependentProgID
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32#ThreadingModel
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\ProgID
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\Programmable
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\TypeLib
   HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\VersionIndependentProgID
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32#ThreadingModel
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\ProgID
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\Programmable
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
   HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\VersionIndependentProgID
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\ProgID
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
   HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\VersionIndependentProgID
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32#ThreadingModel
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32#ThreadingModel
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\ProgID
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\Programmable
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\TypeLib
   HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\VersionIndependentProgID
   HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
   HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}\InprocServer32
   HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}\InprocServer32#ThreadingModel
   HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
   HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32#ThreadingModel
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\Programmable
   HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\TypeLib
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\InprocServer32
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\InprocServer32#ThreadingModel
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\ProgID
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\Programmable
   HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\VersionIndependentProgID
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32#ThreadingModel
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus\1
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\ProgID
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\Programmable
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\TypeLib
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\Version
   HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\VersionIndependentProgID
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32#ThreadingModel
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus\1
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\ProgID
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\Programmable
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\TypeLib
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\Version
   HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\VersionIndependentProgID
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32#ThreadingModel
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\ProgID
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\Programmable
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\TypeLib
   HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\VersionIndependentProgID
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32#ThreadingModel
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\Programmable
   HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\TypeLib
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Control
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\InprocServer32
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\InprocServer32#ThreadingModel
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\MiscStatus
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\MiscStatus\1
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\ProgID
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Programmable
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\TypeLib
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Version
   HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\VersionIndependentProgID
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0\win32
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\FLAGS
   HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\HELPDIR
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0\win32
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\FLAGS
   HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\HELPDIR
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0\win32
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\FLAGS
   HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\HELPDIR
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0\win32
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\FLAGS
   HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\HELPDIR
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0\win32
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\FLAGS
   HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\HELPDIR
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\FLAGS
   HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\HELPDIR
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0\win32
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\FLAGS
   HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\HELPDIR
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\0
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\0\win32
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\FLAGS
   HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\HELPDIR
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0\win32
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\FLAGS
   HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\HELPDIR
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib
   HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib
   HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid32
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib
   HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib#Version
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib
   HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib#Version
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid32
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib
   HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib#Version
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib
   HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib#Version
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib
   HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib#Version
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
   HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid32
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib
   HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib#Version
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib
   HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib#Version
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib
   HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib#Version
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib
   HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib#Version
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
   HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
   HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid32
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib
   HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib#Version
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid32
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib
   HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib#Version
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
   HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib
   HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib#Version
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib
   HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib#Version
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid32
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib
   HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib#Version
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib
   HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib#Version
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib
   HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib
   HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib#Version
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib
   HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib#Version
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib#Version
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib
   HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib#Version
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
   HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
   HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib
   HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib#Version
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid32
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib
   HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib#Version
   HKLM\Software\FocusInteractive
   HKLM\Software\FocusInteractive\bar
   HKLM\Software\FocusInteractive\bar\Switches
   HKLM\Software\FocusInteractive\bar\Switches#incmail.exe
   HKLM\Software\FocusInteractive\bar\Switches#msimn.exe
   HKLM\Software\FocusInteractive\bar\Switches#msn.exe
   HKLM\Software\FocusInteractive\bar\Switches#outlook.exe
   HKLM\Software\FocusInteractive\bar\Switches#waol.exe
   HKLM\Software\FocusInteractive\bar\Switches#aim.exe
   HKLM\Software\FocusInteractive\bar\Switches#icq.exe
   HKLM\Software\FocusInteractive\bar\Switches#icqlite.exe
   HKLM\Software\FocusInteractive\bar\Switches#msmsgs.exe
   HKLM\Software\FocusInteractive\bar\Switches#msnmsgr.exe
   HKLM\Software\FocusInteractive\bar\Switches#ypager.exe
   HKLM\Software\FocusInteractive\bar\Switches#au
   HKLM\Software\FocusInteractive\bar\Switches#mwsSrcAs.dll
   HKLM\Software\FocusInteractive\bar\Switches#ps
   HKLM\Software\FocusInteractive\bar\Switches#ok
   HKLM\Software\FocusInteractive\bar\Switches#od
   HKLM\Software\FocusInteractive\bar\Switches#nk
   HKLM\Software\FocusInteractive\bar\Switches#nd
   HKLM\Software\FocusInteractive\Email-IM
   HKLM\Software\FocusInteractive\Email-IM\0
   HKLM\Software\FocusInteractive\Email-IM\0#Toolbar
   HKLM\Software\FocusInteractive\Email-IM\0#AppName
   HKLM\Software\FocusInteractive\Email-IM\0#Path
   HKLM\Software\FocusInteractive\Outlook
   HKLM\Software\FocusInteractive\Outlook#MyWebSearch.OutlookAddin
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#DisplayName
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#HelpLink
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#Publisher
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#UninstallString
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#U

[mecka]

C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG
   C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR
   C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE
   C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV
   C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT
   C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG
   C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR
   C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST
   C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE
   C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE
   C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE
   C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR
   C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST
   C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE
   C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE
   C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL
   C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE
   C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL
   C:\Program Files\MyWebSearch\bar\1.bin
   C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S
   C:\Program Files\MyWebSearch\bar\Avatar
   C:\Program Files\MyWebSearch\bar\Cache\01E147C3
   C:\Program Files\MyWebSearch\bar\Cache\0280DBD0
   C:\Program Files\MyWebSearch\bar\Cache\028FF606.bin
   C:\Program Files\MyWebSearch\bar\Cache\02900BD0.bin
   C:\Program Files\MyWebSearch\bar\Cache\02900CE9.bin
   C:\Program Files\MyWebSearch\bar\Cache\02900DB5.bin
   C:\Program Files\MyWebSearch\bar\Cache\0A368C66
   C:\Program Files\MyWebSearch\bar\Cache\0A368E5A.bin
   C:\Program Files\MyWebSearch\bar\Cache\0A368FC2.bin
   C:\Program Files\MyWebSearch\bar\Cache\0A369252.bin
   C:\Program Files\MyWebSearch\bar\Cache\0A36930E.bin
   C:\Program Files\MyWebSearch\bar\Cache\0BA2BFA1.bin
   C:\Program Files\MyWebSearch\bar\Cache\0BA2C0E9.bin
   C:\Program Files\MyWebSearch\bar\Cache\0BA2C241.bin
   C:\Program Files\MyWebSearch\bar\Cache\0C8D7BFA.bin
   C:\Program Files\MyWebSearch\bar\Cache\0C8D7D23.bin
   C:\Program Files\MyWebSearch\bar\Cache\0C8D7EA9.bin
   C:\Program Files\MyWebSearch\bar\Cache\0C8D7FB3.bin
   C:\Program Files\MyWebSearch\bar\Cache\179BB881
   C:\Program Files\MyWebSearch\bar\Cache\29E8392B.bin
   C:\Program Files\MyWebSearch\bar\Cache\31467861
   C:\Program Files\MyWebSearch\bar\Cache\50C8F2E0
   C:\Program Files\MyWebSearch\bar\Cache\files.ini
   C:\Program Files\MyWebSearch\bar\Cache
   C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
   C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
   C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
   C:\Program Files\MyWebSearch\bar\Game
   C:\Program Files\MyWebSearch\bar\History\search3
   C:\Program Files\MyWebSearch\bar\History
   C:\Program Files\MyWebSearch\bar\icons\CM.ICO
   C:\Program Files\MyWebSearch\bar\icons\MFC.ICO
   C:\Program Files\MyWebSearch\bar\icons\PSS.ICO
   C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO
   C:\Program Files\MyWebSearch\bar\icons\WB.ICO
   C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO
   C:\Program Files\MyWebSearch\bar\icons
   C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S
   C:\Program Files\MyWebSearch\bar\Message
   C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S
   C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S
   C:\Program Files\MyWebSearch\bar\Notifier
   C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
   C:\Program Files\MyWebSearch\bar\Settings\setting2.htm
   C:\Program Files\MyWebSearch\bar\Settings\settings.dat
   C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
   C:\Program Files\MyWebSearch\bar\Settings
   C:\Program Files\MyWebSearch\bar
   C:\Program Files\MyWebSearch\SrchAstt\1.bin
   C:\Program Files\MyWebSearch\SrchAstt
   C:\Program Files\MyWebSearch
   C:\Program Files\FunWebProducts\ScreenSaver\Images\0A36A405.urr
   C:\Program Files\FunWebProducts\ScreenSaver\Images
   C:\Program Files\FunWebProducts\ScreenSaver
   C:\Program Files\FunWebProducts\Shared\38428FAA.dat
   C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn-new.html
   C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn-new.html
   C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\MySignatureInsertBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\MySignaturePreviewBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
   C:\Program Files\FunWebProducts\Shared\Cache
   C:\Program Files\FunWebProducts\Shared
   C:\Program Files\FunWebProducts
   C:\WINDOWS\SYSTEM32\F3PSSAVR.SCR
   C:\PROGRAM FILES\INTERNET EXPLORER\MSIMG32.DLL
   C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\MSIMG32.DLL
   C:\PROGRAM FILES\WINDOWS LIVE\MESSENGER\RICHED20.DLL

Adware.Tracking Cookie
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@imrworldwide[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@insightexpressai[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediaplex[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@realmedia[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@smartadserver[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@linksynergy[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@pro-market[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@statcounter[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@questionmarket[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@casalemedia[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dmtracker[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cj[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][3].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fastclick[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@talkstats[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@xiti[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hitbox[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tribalfusion[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@kontera[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@apmebf[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@2o7[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@revsci[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@serving-sys[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mywebsearch[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@rogersmedia[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@advertising[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@burstnet[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@webstat[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@burstbeacon[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bluestreak[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@zedo[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@247realmedia[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@interclick[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adtech[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][3].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tacoda[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@aim9adtrack[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adbrite[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@pointroll[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@chitika[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media6degrees[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adcentriconline[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@doubleclick[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@imstat[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@networldmedia[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@atdmt[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@collective-media[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adultfriendfinder[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@avermedia-usa[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@eyewonder[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@specificclick[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@honeywell-thermostat[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][3].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dealtime[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clickaider[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@avermedia[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@lfstmedia[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@blackeyedpeasexperience[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fishfinder[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@naked[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clicksor[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@invitemedia[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adultadworld[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediafetcher[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adecn[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@overture[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@yieldmanager[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][4].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@myroitracking[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@trafficmp[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bizrate[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clickability[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@kanoodle[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][6].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@emediatrack[1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][3].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nextag[2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Local Settings\Temp\Cookies\[email protected][1].txt
   C:\Documents and Settings\HP_Owner\Local Settings\Temp\Cookies\hp_owner@atdmt[2].txt
   C:\Documents and Settings\HP_Owner\Local Settings\Temp\Cookies\hp_owner@doubleclick[1].txt
   C:\Documents and Settings\HP_Owner\Local Settings\Temp\Cookies\hp_owner@indexstats[2].txt
   C:\Documents and Settings\HP_Owner\Local Settings\Temp\Cookies\hp_owner@questionmarket[2].txt
   C:\Documents and Settings\HP_Owner\Local Settings\Temp\Cookies\[email protected][2].txt
   C:\Documents and Settings\HP_Owner\Local Settings\Temp\Cookies\[email protected][1].txt

Rogue.AntivirusSoft
   HKU\S-1-5-21-4214450793-2204253846-1464747219-1009\Software\avsoft

Application.PowerReg Scheduler
   C:\DOCUMENTS AND SETTINGS\HP_OWNER\START MENU\PROGRAMS\STARTUP\POWERREG SCHEDULER V3.EXE

[mecka]

And the Malware log

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4078

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

08/05/2010 1:57:36 PM
mbam-log-2010-05-08 (13-57-36).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 296314
Time elapsed: 2 hour(s), 58 minute(s), 13 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 153
Registry Values Infected: 5
Registry Data Items Infected: 0
Folders Infected: 21
Files Infected: 107

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{e79dfbc0-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{72ee7f04-15bd-4845-a005-d6711144d86a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbc9-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e79dfbcb-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{3e720450-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720451-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{3e720453-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{adb01e81-3c79-4272-a0f1-7b2be7a782dc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.outlookaddin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{7473d290-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d291-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d293-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d295-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{7473d297-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{07b18ea0-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eaa-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{07b18eac-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{f87d7fb5-9dc5-4c8c-b998-d8dfe02e2978} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{29d67d3c-509a-4544-903f-c8c1b8236554} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e3537fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{938aa51a-996c-4884-98ce-80dd16a5c9da} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{6e74766c-4d93-4cc0-96d1-47b8e07ff9ca} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{de38c398-b328-4f4c-a3ad-1b5e4ed93477} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{e342af55-b78a-4cd0-a2bb-da7f52d9d25f} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{84da4fdf-a1cf-4195-8688-3e961f505983} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{0d26bc71-a633-4e71-ad31-eadc3a1b6a3a} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{f42228fb-e84e-479e-b922-fbbd096e792c} (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{42f2c9ba-614f-47c0-b3e3-ecfd34eed658} (Adware.ISTBar) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> No action taken.
HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kawtuamv (Rogue.AntivirusSuite.Gen) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\HP_Owner\Application Data\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\HP_Owner\Application Data\FunWebProducts\Data (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\HP_Owner\Application Data\FunWebProducts\Data\HP_Owner (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> No action taken.

Files Infected:
C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOESTB.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\Internet Explorer\msimg32.dll (Adware.MyWebSearch) -> No action taken.
C:\Program Files\Windows Live\Messenger\msimg32.dll (Adware.MyWebSearch) -> No action taken.
C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP1531\A0085132.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP1531\A0085133.EXE (Adware.MyWebSearch) -> No action taken.
C:\WINDOWS\system32\f3PSSavr.scr (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver\Images\0A36A405.urr (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\38428FAA.dat (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn-new.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\AvatarSmallBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn-new.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\MySignatureInsertBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\MySignaturePreviewBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\01E147C3 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0280DBD0 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\028FF606.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\02900BD0.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\02900CE9.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\02900DB5.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0A368C66 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0A368E5A.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0A368FC2.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0A369252.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0A36930E.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0BA2BFA1.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0BA2C0E9.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0BA2C241.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0C8D7BFA.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0C8D7D23.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0C8D7EA9.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\0C8D7FB3.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\179BB881 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\29E8392B.bin (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\31467861 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\50C8F2E0 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.

[mecka]

And last but not least the Combo log
ComboFix 10-05-08.02 - HP_Owner 08/05/2010  20:29:48.1.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.446.119 [GMT -5:00]
Running from: c:\documents and settings\HP_Owner\Desktop\commy.exe.exe
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll
c:\documents and settings\HP_Owner\Local Settings\Temp\IadHide5.dll
c:\windows\Downloaded Program Files\f3initialsetup1.0.1.0.inf
c:\windows\Downloaded Program Files\Temp
c:\windows\system32\_004191_.tmp.dll
c:\windows\system32\_004192_.tmp.dll
c:\windows\system32\_004193_.tmp.dll
c:\windows\system32\_004194_.tmp.dll
c:\windows\system32\_004201_.tmp.dll
c:\windows\system32\_004202_.tmp.dll
c:\windows\system32\_004203_.tmp.dll
c:\windows\system32\_004204_.tmp.dll
c:\windows\system32\_004206_.tmp.dll
c:\windows\system32\_004207_.tmp.dll
c:\windows\system32\_004210_.tmp.dll
c:\windows\system32\_004211_.tmp.dll
c:\windows\system32\_004213_.tmp.dll
c:\windows\system32\_004214_.tmp.dll
c:\windows\system32\_004215_.tmp.dll
c:\windows\system32\_004217_.tmp.dll
c:\windows\system32\_004220_.tmp.dll
c:\windows\system32\_004221_.tmp.dll
c:\windows\system32\_004225_.tmp.dll
c:\windows\system32\_004226_.tmp.dll
c:\windows\system32\_004228_.tmp.dll
c:\windows\system32\_004230_.tmp.dll
c:\windows\system32\_004231_.tmp.dll
c:\windows\system32\_004233_.tmp.dll
c:\windows\system32\_004234_.tmp.dll
c:\windows\system32\_004235_.tmp.dll
c:\windows\system32\_004236_.tmp.dll
c:\windows\system32\_004237_.tmp.dll
c:\windows\system32\_004240_.tmp.dll
c:\windows\system32\_004241_.tmp.dll
c:\windows\system32\_004242_.tmp.dll
c:\windows\system32\_004243_.tmp.dll
c:\windows\system32\_004244_.tmp.dll
c:\windows\system32\_004249_.tmp.dll
c:\windows\system32\_004251_.tmp.dll
c:\windows\system32\_004252_.tmp.dll
D:\Autorun.inf

.
(((((((((((((((((((((((((   Files Created from 2010-04-09 to 2010-05-09  )))))))))))))))))))))))))))))))
.

2010-05-08 14:07 . 2010-05-08 14:07   --------   d-----w-   c:\documents and settings\HP_Owner\Application Data\Malwarebytes
2010-05-08 14:07 . 2010-04-29 20:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-08 14:07 . 2010-05-08 14:07   --------   d-----w-   c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-08 14:07 . 2010-04-29 20:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-05-08 14:07 . 2010-05-08 14:07   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-05-08 03:22 . 2010-05-08 03:22   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-05-08 03:10 . 2010-05-08 03:10   --------   d-----w-   c:\program files\SUPERAntiSpyware
2010-05-08 03:10 . 2010-05-08 03:10   --------   d-----w-   c:\documents and settings\HP_Owner\Application Data\SUPERAntiSpyware.com
2010-05-08 03:07 . 2010-05-08 03:07   --------   d-----w-   c:\program files\Common Files\Wise Installation Wizard
2010-05-03 03:30 . 2010-05-03 03:30   674234368   --sha-w-   C:\NRTPage.sys
2010-05-02 22:50 . 2010-05-02 22:50   --------   d-----w-   c:\program files\AVG
2010-05-02 14:49 . 2010-05-02 14:49   --------   d-----w-   c:\program files\Trend Micro
2010-05-02 02:48 . 2010-05-02 02:48   --------   d-----w-   c:\program files\Symantec
2010-05-02 01:54 . 2010-05-08 03:06   --------   d-----w-   c:\documents and settings\HP_Owner\Local Settings\Application Data\eqanwejyb
2010-04-24 16:41 . 2010-04-24 16:41   --------   d-----w-   c:\documents and settings\All Users\Application Data\321A

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-09 01:53 . 2009-08-04 22:29   --------   d-----w-   c:\documents and settings\All Users\Application Data\Babylon
2010-05-08 19:18 . 2005-10-19 14:48   --------   d-----w-   c:\program files\Common Files\InstallShield
2010-05-08 19:18 . 2005-10-19 15:09   --------   d-----w-   c:\program files\Hewlett-Packard
2010-05-08 19:18 . 2005-10-19 14:49   --------   d--h--w-   c:\program files\InstallShield Installation Information
2010-05-02 13:26 . 2005-10-19 15:32   --------   d-----w-   c:\program files\Common Files\Symantec Shared
2010-05-02 04:18 . 2009-09-26 20:33   --------   d-----w-   c:\documents and settings\All Users\Application Data\Norton
2010-05-02 03:52 . 2009-09-26 20:32   --------   d-----w-   c:\documents and settings\All Users\Application Data\NortonInstaller
2010-05-02 03:09 . 2007-10-26 18:41   --------   d--h--w-   c:\program files\SystemA
2010-03-10 06:15 . 2004-08-04 05:00   420352   ----a-w-   c:\windows\system32\vbscript.dll
2010-03-01 03:06 . 2010-03-01 03:06   152848   ---ha-w-   c:\windows\system32\mlfcache.dat
2010-02-25 06:24 . 2004-08-04 05:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2008-08-27 02:56   455680   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 14:08 . 2008-08-27 02:56   2146304   ----a-w-   c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2008-08-27 02:56   2024448   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2010-02-14 01:36 . 2005-12-25 06:07   399856   ----a-w-   c:\documents and settings\HP_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-12 04:33 . 2004-08-04 05:00   100864   ----a-w-   c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2008-08-27 02:56   226880   ----a-w-   c:\windows\system32\drivers\tcpip6.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{2558d83c-097c-4cf1-9163-ce5ecc36ace2}"= "c:\program files\MapQuest Toolbar\mapquesttb.dll" [2009-03-11 1291560]
"{5ba73b24-4614-4d17-b58e-0d9d95847e14}"= "c:\program files\AIR MILES TOOLBAR\Helper.dll" [2009-05-11 219648]

[HKEY_CLASSES_ROOT\clsid\{2558d83c-097c-4cf1-9163-ce5ecc36ace2}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{e3a72ce3-87ab-41bc-a506-d0c507d265f3}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{5ba73b24-4614-4d17-b58e-0d9d95847e14}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{DF11073E-3AFF-410F-9AC8-72459F32C80F}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{169A78DB-CFC2-4DA4-A9BD-A67B28D41FA7}]
2009-05-11 12:05   1292288   ----a-w-   c:\program files\AIR MILES TOOLBAR\Toolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bd3fd433-147a-482e-a192-614f26e2310c}]
2009-03-11 19:39   1291560   ----a-w-   c:\program files\MapQuest Toolbar\mapquesttb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CFC4F59B-A2DA-4e12-B337-52A4F871E10C}]
2009-06-30 11:03   398784   ----a-w-   c:\program files\Shareaza Applications\Shareaza\ShareazaIEHelper.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2009-06-30 529856]
"{9302e698-7e00-43ab-b867-c6e759bc2ada}"= "c:\program files\MapQuest Toolbar\mapquesttb.dll" [2009-03-11 1291560]

[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]

[HKEY_CLASSES_ROOT\clsid\{9302e698-7e00-43ab-b867-c6e759bc2ada}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{e3a72ce3-87ab-41bc-a506-d0c507d265f3}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{789D9334-A44A-486E-8234-313A78E66E61}"= "c:\program files\AIR MILES TOOLBAR\Toolbar.dll" [2009-05-11 1292288]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2009-06-30 529856]
"{9302E698-7E00-43AB-B867-C6E759BC2ADA}"= "c:\program files\MapQuest Toolbar\mapquesttb.dll" [2009-03-11 1291560]

[HKEY_CLASSES_ROOT\clsid\{789d9334-a44a-486e-8234-313a78e66e61}]
[HKEY_CLASSES_ROOT\FCTB000056939.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{8518B5E9-EDF5-4BDA-B5D3-4AA044EC072D}]
[HKEY_CLASSES_ROOT\FCTB000056939.IEToolbar]

[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]

[HKEY_CLASSES_ROOT\clsid\{9302e698-7e00-43ab-b867-c6e759bc2ada}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{e3a72ce3-87ab-41bc-a506-d0c507d265f3}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmileboxTray"="c:\documents and settings\HP_Owner\Application Data\Smilebox\SmileboxTray.exe" [2009-07-31 266888]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-05-06 2017280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-01 49152]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-25 245760]
"SMSERIAL"="sm56hlpr.exe" [2005-01-24 544768]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-10-19 180269]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"Babylon Client"="c:\program files\Babylon\Babylon-Pro\Babylon.exe" [2009-08-03 3730832]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2006-11-06 81920]
"ScanSoft OmniPage SE 4.0-reminder"="c:\program files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" [2005-06-03 729088]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-16 141608]

c:\documents and settings\HP_Owner\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1996-11-21 111376]
Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1996-11-21 51984]
PowerReg Scheduler V3.exe [2006-3-27 225280]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Event Reminder.lnk - c:\program files\The Print Shop 23\Remind.exe [2008-7-16 344064]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
Reality Fusion GameCam SE.lnk - c:\program files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe [2000-7-10 323584]
Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-10-19 36903]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2049344]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SystemA\\uninstall.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Shareaza Applications\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [06/05/2010 5:10 PM 68168]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [06/05/2008 5:06 PM 11520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx   REG_MULTI_SZ      scan
.
Contents of the 'Scheduled Tasks' folder

2010-04-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2010-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 03:35]

2010-05-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 03:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uInternet Settings,ProxyServer = http=127.0.0.1:5555
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{B2E293EE-FD7E-4C71-A714-5F4750D8D7B7} - (no file)
HKCU-Run-WebCamRT.exe - (no file)
HKLM-Run-PCDrProfiler - (no file)
Notify-NavLogon - (no file)
AddRemove-Marine Aquarium 2.5, Goldfish, Sharks & Carousel Bundle - c:\program files\Prolific Publishing



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-08 20:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(544)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1564)
c:\windows\system32\WININET.dll
c:\docume~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\ieframe.dll
c:\program files\Babylon\Babylon-Pro\Captlib.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\windows\sm56hlpr.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\windows\system32\wscntfy.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2010-05-08  21:06:49 - machine was rebooted
ComboFix-quarantined-files.txt  2010-05-09 02:06

Pre-Run: 101,960,863,744 bytes free
Post-Run: 103,655,743,488 bytes free

- - End Of File - - 9F4C75DC16C6FC3BAAB48416D5DB4987

[SuperDave]

Please re-open Malwarebytes, click the Update tab, and click Check for Updates. Then, click the Scanner tab, select Perform Quick Scan, and press Scan. Remove selected, and post the log in your next reply..

===================================
Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.
======================================

P2P - I see you have P2P software installed on your machine. (Shareaza) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
======================================
Re-running ComboFix to remove infections:

• Close any open browsers.
• Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
• Open notepad and copy/paste the text in the quotebox below into it:
  

  KillAll::
  
  DDS::
  uInternet Settings,ProxyServer = http=127.0.0.1:5555
  
  
• Save this as CFScript.txt, in the same location as ComboFix.exe
  
  
  
  
• Referring to the picture above, drag CFScript into ComboFix.exe
• When finished, it shall produce a log for you at C:\ComboFix.txt
  
• Please post the contents of the log in your next reply.

=====================
Next post, please include MBAM, Security Check and ComboFix logs.

[mecka]

Here is the MBAM log
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4084

Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

09/05/2010 9:15:22 PM
mbam-log-2010-05-09 (21-15-22).txt

Scan type: Quick scan
Objects scanned: 129529
Time elapsed: 9 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Smart-Shopper (Adware.SmartShopper) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)






And Security Check log

 Results of screen317's Security Check version 0.99.4 
 Windows XP Service Pack 3 
 Internet Explorer 8 
``````````````````````````````
Antivirus/Firewall Check:
 Windows Firewall Enabled! 
```````````````````````````````
Anti-malware/Other Utilities Check:
 Malwarebytes' Anti-Malware   
 Adobe Flash Player   
Adobe Reader 9.2
Out of date Adobe Reader installed!
````````````````````````````````
Process Check: 
objlist.exe by Laurent
````````````````````````````````
DNS Vulnerability Check:
 GREAT! (Not vulnerable to DNS cache poisoning)

``````````End of Log````````````

[mecka]

And the Combo log
ComboFix 10-05-09.01 - HP_Owner 09/05/2010  21:28:12.2.1 - x86
Microsoft Windows XP Home Edition  5.1.2600.3.1252.1.1033.18.446.155 [GMT -5:00]
Running from: c:\documents and settings\HP_Owner\Desktop\commy.exe.exe
Command switches used :: c:\documents and settings\HP_Owner\Desktop\cfscript.txt.txt
.

(((((((((((((((((((((((((   Files Created from 2010-04-10 to 2010-05-10  )))))))))))))))))))))))))))))))
.

2010-05-08 14:07 . 2010-05-08 14:07   --------   d-----w-   c:\documents and settings\HP_Owner\Application Data\Malwarebytes
2010-05-08 14:07 . 2010-04-29 20:39   38224   ----a-w-   c:\windows\system32\drivers\mbamswissarmy.sys
2010-05-08 14:07 . 2010-05-08 14:07   --------   d-----w-   c:\documents and settings\All Users\Application Data\Malwarebytes
2010-05-08 14:07 . 2010-04-29 20:39   20952   ----a-w-   c:\windows\system32\drivers\mbam.sys
2010-05-08 14:07 . 2010-05-08 14:07   --------   d-----w-   c:\program files\Malwarebytes' Anti-Malware
2010-05-08 03:22 . 2010-05-08 03:22   --------   d-----w-   c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2010-05-08 03:10 . 2010-05-08 03:10   --------   d-----w-   c:\program files\SUPERAntiSpyware
2010-05-08 03:10 . 2010-05-08 03:10   --------   d-----w-   c:\documents and settings\HP_Owner\Application Data\SUPERAntiSpyware.com
2010-05-08 03:07 . 2010-05-08 03:07   --------   d-----w-   c:\program files\Common Files\Wise Installation Wizard
2010-05-03 03:30 . 2010-05-03 03:30   674234368   --sha-w-   C:\NRTPage.sys
2010-05-02 22:50 . 2010-05-02 22:50   --------   d-----w-   c:\program files\AVG
2010-05-02 14:49 . 2010-05-02 14:49   --------   d-----w-   c:\program files\Trend Micro
2010-05-02 02:48 . 2010-05-02 02:48   --------   d-----w-   c:\program files\Symantec
2010-05-02 01:54 . 2010-05-08 03:06   --------   d-----w-   c:\documents and settings\HP_Owner\Local Settings\Application Data\eqanwejyb
2010-04-24 16:41 . 2010-04-24 16:41   --------   d-----w-   c:\documents and settings\All Users\Application Data\321A

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-05-09 20:36 . 2009-05-24 22:19   --------   d-----w-   c:\program files\Shareaza Applications
2010-05-08 19:18 . 2005-10-19 14:48   --------   d-----w-   c:\program files\Common Files\InstallShield
2010-05-08 19:18 . 2005-10-19 15:09   --------   d-----w-   c:\program files\Hewlett-Packard
2010-05-08 19:18 . 2005-10-19 14:49   --------   d--h--w-   c:\program files\InstallShield Installation Information
2010-05-02 13:26 . 2005-10-19 15:32   --------   d-----w-   c:\program files\Common Files\Symantec Shared
2010-05-02 04:18 . 2009-09-26 20:33   --------   d-----w-   c:\documents and settings\All Users\Application Data\Norton
2010-05-02 03:52 . 2009-09-26 20:32   --------   d-----w-   c:\documents and settings\All Users\Application Data\NortonInstaller
2010-05-02 03:09 . 2007-10-26 18:41   --------   d--h--w-   c:\program files\SystemA
2010-03-10 06:15 . 2004-08-04 05:00   420352   ----a-w-   c:\windows\system32\vbscript.dll
2010-03-01 03:06 . 2010-03-01 03:06   152848   ---ha-w-   c:\windows\system32\mlfcache.dat
2010-02-25 06:24 . 2004-08-04 05:00   916480   ----a-w-   c:\windows\system32\wininet.dll
2010-02-24 13:11 . 2008-08-27 02:56   455680   ----a-w-   c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 14:08 . 2008-08-27 02:56   2146304   ----a-w-   c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2008-08-27 02:56   2024448   ----a-w-   c:\windows\system32\ntkrnlpa.exe
2010-02-14 01:36 . 2005-12-25 06:07   399856   ----a-w-   c:\documents and settings\HP_Owner\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-02-12 04:33 . 2004-08-04 05:00   100864   ----a-w-   c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2008-08-27 02:56   226880   ----a-w-   c:\windows\system32\drivers\tcpip6.sys
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{2558d83c-097c-4cf1-9163-ce5ecc36ace2}"= "c:\program files\MapQuest Toolbar\mapquesttb.dll" [2009-03-11 1291560]
"{5ba73b24-4614-4d17-b58e-0d9d95847e14}"= "c:\program files\AIR MILES TOOLBAR\Helper.dll" [2009-05-11 219648]

[HKEY_CLASSES_ROOT\clsid\{2558d83c-097c-4cf1-9163-ce5ecc36ace2}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLTBSearch.1]
[HKEY_CLASSES_ROOT\TypeLib\{e3a72ce3-87ab-41bc-a506-d0c507d265f3}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLTBSearch]

[HKEY_CLASSES_ROOT\clsid\{5ba73b24-4614-4d17-b58e-0d9d95847e14}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook.1]
[HKEY_CLASSES_ROOT\TypeLib\{DF11073E-3AFF-410F-9AC8-72459F32C80F}]
[HKEY_CLASSES_ROOT\FreeCauseURLSearchHook.FCToolbarURLSearchHook]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{169A78DB-CFC2-4DA4-A9BD-A67B28D41FA7}]
2009-05-11 12:05   1292288   ----a-w-   c:\program files\AIR MILES TOOLBAR\Toolbar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{bd3fd433-147a-482e-a192-614f26e2310c}]
2009-03-11 19:39   1291560   ----a-w-   c:\program files\MapQuest Toolbar\mapquesttb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2009-06-30 529856]
"{9302e698-7e00-43ab-b867-c6e759bc2ada}"= "c:\program files\MapQuest Toolbar\mapquesttb.dll" [2009-03-11 1291560]

[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]

[HKEY_CLASSES_ROOT\clsid\{9302e698-7e00-43ab-b867-c6e759bc2ada}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{e3a72ce3-87ab-41bc-a506-d0c507d265f3}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{789D9334-A44A-486E-8234-313A78E66E61}"= "c:\program files\AIR MILES TOOLBAR\Toolbar.dll" [2009-05-11 1292288]
"{196C3A46-4758-433D-A600-802C804AF39C}"= "c:\program files\Shareaza Applications\Shareaza MediaBar\ShareazaMediaBar.dll" [2009-06-30 529856]
"{9302E698-7E00-43AB-B867-C6E759BC2ADA}"= "c:\program files\MapQuest Toolbar\mapquesttb.dll" [2009-03-11 1291560]

[HKEY_CLASSES_ROOT\clsid\{789d9334-a44a-486e-8234-313a78e66e61}]
[HKEY_CLASSES_ROOT\FCTB000056939.IEToolbar.3]
[HKEY_CLASSES_ROOT\TypeLib\{8518B5E9-EDF5-4BDA-B5D3-4AA044EC072D}]
[HKEY_CLASSES_ROOT\FCTB000056939.IEToolbar]

[HKEY_CLASSES_ROOT\clsid\{196c3a46-4758-433d-a600-802c804af39c}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar.1]
[HKEY_CLASSES_ROOT\TypeLib\{89807A16-AC31-4449-AB91-06A753813543}]
[HKEY_CLASSES_ROOT\ShareazaMediaBar.StockBar]

[HKEY_CLASSES_ROOT\clsid\{9302e698-7e00-43ab-b867-c6e759bc2ada}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{e3a72ce3-87ab-41bc-a506-d0c507d265f3}]
[HKEY_CLASSES_ROOT\mapquestTb.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmileboxTray"="c:\documents and settings\HP_Owner\Application Data\Smilebox\SmileboxTray.exe" [2009-07-31 266888]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-05-06 2017280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-01 49152]
"HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-25 245760]
"SMSERIAL"="sm56hlpr.exe" [2005-01-24 544768]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2005-10-19 180269]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"KBD"="c:\hp\KBD\KBD.EXE" [2005-02-02 61440]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-09-30 155648]
"OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe" [2006-03-21 69632]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"USBToolTip"="c:\progra~1\Pinnacle\SHARED~1\Programs\USBTip\USBTip.exe" [2007-02-20 199752]
"USB2Check"="c:\windows\system32\PCLECoInst.dll" [2006-11-06 81920]
"ScanSoft OmniPage SE 4.0-reminder"="c:\program files\ScanSoft\OmniPageSE4.0\Ereg\Ereg.exe" [2005-06-03 729088]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-16 141608]

c:\documents and settings\HP_Owner\Start Menu\Programs\Startup\
Microsoft Find Fast.lnk - c:\program files\Microsoft Office\Office\FINDFAST.EXE [1996-11-21 111376]
Office Startup.lnk - c:\program files\Microsoft Office\Office\OSA.EXE [1996-11-21 51984]
PowerReg Scheduler V3.exe [2006-3-27 225280]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Event Reminder.lnk - c:\program files\The Print Shop 23\Remind.exe [2008-7-16 344064]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-5-12 282624]
Reality Fusion GameCam SE.lnk - c:\program files\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe [2000-7-10 323584]
Updates from HP.lnk - c:\program files\Updates from HP\9972322\Program\Updates from HP.exe [2005-10-19 36903]
WDDMStatus.lnk - c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMStatus.exe [2009-10-14 2049344]
WDSmartWare.lnk - c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWare.exe [2009-10-14 9085760]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2009-09-03 20:21   548352   ----a-w-   c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"FirewallOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Updates from HP\\9972322\\Program\\Updates from HP.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"c:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"c:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"c:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\SystemA\\uninstall.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\WINDOWS\\system32\\rtcshare.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\RM.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\Studio.exe"=
"c:\\Program Files\\Pinnacle\\Studio 12\\Programs\\umi.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [17/02/2010 11:25 AM 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [06/05/2010 5:10 PM 68168]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [03/02/2010 10:35 PM 135664]
S3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [06/05/2008 5:06 PM 11520]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx   REG_MULTI_SZ      scan
.
Contents of the 'Scheduled Tasks' folder

2010-04-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 18:34]

2010-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 03:35]

2010-05-10 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-02-04 03:35]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.ca/
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_CA&c=Q405&bd=pavilion&pf=desktop&parm1=seconduser
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: E&xport to Microsoft Excel - c:\progra~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html
IE: Translate this web page with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-05-09 21:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ... 

scanning hidden autostart entries ...

scanning hidden files ... 

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(544)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\windows\system32\WININET.dll
c:\windows\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(3644)
c:\windows\system32\WININET.dll
c:\docume~1\HP_Owner\LOCALS~1\Temp\IadHide5.dll
c:\program files\ScanSoft\OmniPageSE4.0\OpHookSE4.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.4053_x-ww_e6967989\MSVCR80.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe
c:\program files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe
c:\windows\sm56hlpr.exe
c:\windows\system32\wscntfy.exe
c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\program files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Completion time: 2010-05-09  21:56:31 - machine was rebooted
ComboFix-quarantined-files.txt  2010-05-10 02:56
ComboFix2.txt  2010-05-09 02:06

Pre-Run: 104,088,989,696 bytes free
Post-Run: 104,048,324,608 bytes free

- - End Of File - - 2BADF9F8A388C760F0E860EDB8780DC7

[SuperDave]

As you stated at the begining, you don't have any antivirus software.

Before we continue download and install a free antivirus.

Remember to only install one antivirus!
I would recommend MicroSoft Security Essentials. Very efficient and not a resource hog.

1) Avast! Home Edition
2) AVG Free Edition
3) Avira AntiVir Personal
4) Microsoft Security Essentials for Windows Vista\Windows 7 - 64 bit Download
4-a) Microsoft Security Essentials for Windows XP
5) Comodo Antivirus (Uncheck during installation "Install Comodo SafeSurf..", Make Comodo my default search provider" and "Make Comodo Search my homepage" if you choose this one)
6) PC Tools AntiVirus Free Edition

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts. If you choose to install more than one antivirus program on your computer, then only one of them should be active in memory at a time.

=====================================

I'd like us to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt
====================================
Please tell me how your computer is running now.

[mecka]

Eset scan  file
C:\System Volume Information\_restore{A2578CBA-012A-4EE9-9E3D-27D3F494A2B6}\RP1538\A0087723.exe   a variant of Win32/Adware.Toolbar.Shopper.AA application   deleted - quarantined

[mecka]

Computer is operating just fine,also installed Microsoft Essentials anti virus and did not slow computer down at all.