Author Topic: Antivirus studios 2010 (Read 6005 times)

SPEEDDRUG · « **on:** October 05, 2010, 08:31:23 PM »

Some how Antivirus studios 2010 was installed onto my laptop. I downloaded and followed all the steps and these are the logs..The antivirus is still on my computer and i cant delete it.

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/05/2010 at 08:26 PM

Application Version : 4.44.1000

Core Rules Database Version : 0
Trace Rules Database Version: 3422

Scan type : Quick Scan
Total Scan Time : 00:39:02

Memory items scanned : 553
Memory threats detected : 0
Registry items scanned : 1533
Registry threats detected : 120
File items scanned : 37318
File threats detected : 292

Adware.MyWebSearch/FunWebProducts
   HKLM\SOFTWARE\Fun Web Products
   HKLM\SOFTWARE\Fun Web Products#JpegConversionLib
   HKLM\SOFTWARE\Fun Web Products#CacheDir
   HKLM\SOFTWARE\Fun Web Products\ScreenSaver
   HKLM\SOFTWARE\Fun Web Products\ScreenSaver#ImagesDir
   HKLM\SOFTWARE\Fun Web Products\Settings
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#ETag
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.0
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqUninstalled
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive2
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.1
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.2
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.3
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.4
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.5
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.6
   HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.7
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuPosDeleted
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#LastHTMLMenuURL
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuRevision
   HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#ETag
   HKU\S-1-5-21-3460985270-3255328264-557960363-1007\SOFTWARE\FunWebProducts
   HKLM\SOFTWARE\FunWebProducts
   HKLM\SOFTWARE\FunWebProducts\Installer
   HKLM\SOFTWARE\FunWebProducts\Installer#Dir
   HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
   HKLM\SOFTWARE\FunWebProducts\Installer#sr
   HKLM\SOFTWARE\FunWebProducts\Installer#pl
   HKLM\SOFTWARE\FunWebProducts\Installer#CheckForConnection
   HKLM\SOFTWARE\FunWebProducts\Installer#CacheDir
   HKLM\SOFTWARE\FunWebProducts\Installer\downloaded
   HKU\S-1-5-21-3460985270-3255328264-557960363-1007\SOFTWARE\MyWebSearch
   HKLM\SOFTWARE\MyWebSearch
   HKLM\SOFTWARE\MyWebSearch\bar
   HKLM\SOFTWARE\MyWebSearch\bar#pid
   HKLM\SOFTWARE\MyWebSearch\bar#Dir
   HKLM\SOFTWARE\MyWebSearch\bar#PluginPath
   HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
   HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
   HKLM\SOFTWARE\MyWebSearch\bar#sr
   HKLM\SOFTWARE\MyWebSearch\bar#pl
   HKLM\SOFTWARE\MyWebSearch\bar#Id
   HKLM\SOFTWARE\MyWebSearch\bar#CacheDir
   HKLM\SOFTWARE\MyWebSearch\bar#ConfigDateStamp
   HKLM\SOFTWARE\MyWebSearch\bar#HTMLMenuRevision
   HKLM\SOFTWARE\MyWebSearch\bar#sscSet
   HKLM\SOFTWARE\MyWebSearch\bar#sscLabel
   HKLM\SOFTWARE\MyWebSearch\bar#sscURL
   HKLM\SOFTWARE\MyWebSearch\bar#Flags
   HKLM\SOFTWARE\MyWebSearch\bar#HistoryDir
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Dir
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#CurInstall
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sr
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pl
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ConfigDateStamp
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ABS
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#DES
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#eintl
   HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fs
   HKLM\SOFTWARE\MyWebSearch\SkinTools
   HKLM\SOFTWARE\MyWebSearch\SkinTools#PlayerPath
   HKCR\MyWebSearch.PseudoTransparentPlugin
   HKCR\MyWebSearch.PseudoTransparentPlugin\CLSID
   HKCR\MyWebSearch.PseudoTransparentPlugin\CurVer
   HKCR\MyWebSearch.PseudoTransparentPlugin.1
   HKCR\MyWebSearch.PseudoTransparentPlugin.1\CLSID
   HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
   HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32
   HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32#ThreadingModel
   HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
   HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
   HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
   HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version

Adware.ClickSpring/Outer Info Network
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#Publisher
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayName
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#UninstallString
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#HelpLink
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#InstallLocation
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoModify
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoRepair
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayVersion
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayIcon
   C:\Program Files\Outerinfo\FF\chrome.manifest
   C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt
   C:\Program Files\Outerinfo\FF\components
   C:\Program Files\Outerinfo\FF\install.rdf
   C:\Program Files\Outerinfo\FF
   C:\Program Files\Outerinfo\Terms.rtf
   C:\Program Files\Outerinfo

Adware.AdSponsor/ISM
   HKU\S-1-5-21-3460985270-3255328264-557960363-1007\Software\antica

Adware.WinTouch/XInside
   C:\Program Files\InetGet2

Trojan.Unclassified/NVCOI
   C:\Program Files\Temporary

Disabled.SecurityCenterOption
   HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY
   HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY
   HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY

Adware.Tracking Cookie
   cdn4.specificclick.net [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   content.yieldmanager.edgesuite.net [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   core.insightexpressai.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   ia.media-imdb.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   interclick.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   m1.2mdn.net [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   media.tattomedia.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   media1.break.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   secure-us.imrworldwide.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   smedia.gofightlive.tv [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   vhss-a.oddcast.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   wdpromedia.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   wdw1.wdpromedia.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen [email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen [email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen [email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@247realmedia[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@2o7[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@2o7[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@accountonline[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adbrite[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adcentriconline[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adinterax[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adlegend[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adtech[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@advertising[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@advertising[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@advertising[3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adxpose[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@apmebf[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@atdmt[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@atwola[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@azjmp[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@babynamescountry[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@bfast[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@bizrate[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@bluestreak[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@bookfinder[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@burstbeacon[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@burstnet[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@casalemedia[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@chitika[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@collective-media[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@countrywide[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@da-tracking[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@dealtime[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@dmtracker[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@doubleclick[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@enhance[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@eyewonder[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@fastclick[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@findology[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@hitbox[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@imrworldwide[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@incentaclick[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@indexstats[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@insightexpressai[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@interclick[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@invitemedia[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@kontera[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@lfstmedia[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@linksynergy[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[4].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[5].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[6].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[7].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[8].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@lucidmedia[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@media6degrees[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@mediabrandsww[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@mediaplex[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@mediatraffic[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@missionfinder[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@nextag[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@oddcast[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@overture[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@partner2profit[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@pointroll[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@pro-market[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@proelite[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@questionmarket[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@realmedia[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@revenue[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@revsci[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@roiservice[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@ru4[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][10].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][4].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][5].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][6].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][7].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][8].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][9].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@serving-sys[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@simplymedia[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@spamblockerutility[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@specificclick[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@specificmedia[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@statcounter[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@tacoda[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@tacoda[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@thefind[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@ticketsnow[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@toseeka[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@tradedoubler[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@trafficmp[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@traveladvertising[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@tribalfusion[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@valueclick[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@webstatsmaster[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][3].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][4].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][5].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\[email protected][2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@yieldmanager[1].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@yieldmanager[2].txt
   C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@zedo[1].txt
_______________________________________ _______________________________________ ____________________________

Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org

Database version: 4749

Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13

10/5/2010 9:07:53 PM
mbam-log-2010-10-05 (21-07-53).txt

Scan type: Quick scan
Objects scanned: 185882
Time elapsed: 23 minute(s), 29 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 10
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 2
Files Infected: 45

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{875a1348-7674-42aa-adac-b4f36a004a2d} (Adware.Adband) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.starsdoor.com (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\DAVID PALOMINO\Local Settings\Application Data\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
C:\Documents and Settings\EILEEN PALOMINO\Start Menu\Programs\Outerinfo (Malware.Trace) -> Quarantined and deleted successfully.

Files Infected:
C:\Program Files\Common Files\Yazzle1560OinUninstaller.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\EILEEN PALOMINO\Start Menu\Programs\Outerinfo\Terms.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\EILEEN PALOMINO\Start Menu\Programs\Outerinfo\Uninstall.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\EILEEN PALOMINO\Desktop\Click to Find and Fix Errors.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ClickToFindandFixErrors_US.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\02c9c3c35bdx5.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\17dkf.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\472a10e2ebxd9.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\56493.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\alerfa.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\backd-efq.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\cosock.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\cunifuc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\dc_3.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\dd10x10.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\ddhelp.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\ddoll3342.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\dkfjd93.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\ds7hw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\eelnvd13.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\eephilpe.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\fe.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\gedx_ae09.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\gpupz2a.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\hhbboll_2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\hiphop.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\hodeme.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\hvipws9.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\jdhellwo3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\kilslmd.exex (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\kjdh_gf_jjdhgd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\lols.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\lorsk.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\ppddfcfux.exxe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\pswwg3c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\qwedvor.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\qwklrvjhqlkj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\rator.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\snowif.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\sycre.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\timem.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\wergfq.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\winlogoff.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\wrcud12.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\wrfwe_di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
_______________________________________ _______________________________________ _______________________________

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:21:42 PM, on 10/5/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Emsisoft\Online Armor\OAcat.exe
C:\Program Files\Emsisoft\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
C:\program files\quicktime\qtsystem\quicktimeessentials.resources\nl.lproj\quicktimeresourcesquicktimeresources.exe
C:\Program Files\Emsisoft\Online Armor\oaui.exe
C:\program files\common files\microsoft shared\dashboard components\10\msddscmicrosoft.exe
C:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Emsisoft\Online Armor\OAhlp.exe
C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\AntiVirus Studio 2010.exe
C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\securitycenter.exe
C:\WINDOWS\system32\msiexec.exe
c:\program files\common files\system\windowswindows.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Trend Micro\sniper.exe\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0060921
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0060921
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1316D219-6BFF-6171-FDB8-14A3948AACC7} - C:\WINDOWS\system32\alrt.dll (file missing)
O2 - BHO: (no name) - {303AB4E6-0A00-02DB-0217-2E00BEBB8DC1} - C:\WINDOWS\system32\fgos.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [92788a3[1]] C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temporary Internet Files\Content.IE5\K5OZ0IOF\92788a3[1].exe
O4 - HKLM\..\Run: [QuickTimeResourcesQuickTime] c:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
O4 - HKLM\..\Run: [QuickTimeQuickTimeResources7.6.61660] c:\program files\quicktime\qtsystem\quicktimeessentials.resources\nl.lproj\quicktimeresourcesquicktimeresources.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Emsisoft\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [MSDDSCMicrosoft] c:\program files\common files\microsoft shared\dashboard components\10\msddscmicrosoft.exe
O4 - HKLM\..\Run: [QuickTimeQuickTimeResources] C:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunServices: [92788a3[1]] C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temporary Internet Files\Content.IE5\K5OZ0IOF\92788a3[1].exe
O4 - HKLM\..\RunServices: [WAB32Windows] c:\program files\common files\system\windowswindows.exe
O4 - HKLM\..\RunServices: [QuickTimeRecursosQuickTime] c:\program files\quicktime\qtsystem\quicktimeh264.resources\pt.lproj\recursosquicktimequicktime.exe
O4 - HKLM\..\RunServices: [ServerMSDDSC] c:\program files\common files\microsoft shared\dashboard components\10\msddscmicrosoft.exe
O4 - HKLM\..\RunServices: [QuickTimeResourcesQuickTimeResources] c:\program files\quicktime\qtsystem\quicktime3gpp.resources\es.lproj\quicktimeresourcesquicktime.exe
O4 - HKLM\..\RunServices: [QuickTimeQuickTimeResources] C:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [tpj8s3uwcmft] C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\m.2F9.tmp.exe
O4 - HKCU\..\Run: [AntiVirus 2010] "C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\AntiVirus Studio 2010.exe" /STARTUP
O4 - HKCU\..\Run: [SecurityCenter] C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\securitycenter.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://aol.worldwinner.com/games/v47/shared/FunGamesLoader.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://photo.walgreens.com/WalgreensActivia.cab
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1005.cab
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) - http://www.worldwinner.com/games/shared/wwlaunch.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Emsisoft\Online Armor\OAcat.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Emsisoft\Online Armor\oasrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 13238 bytes

OpenSource · « **Reply #1 on:** October 07, 2010, 01:15:27 PM »

Your comment has been removed. Please do not post malware advice, or post here in the malware forum, unless you need help.

SuperDave · « **Reply #2 on:** October 21, 2010, 04:57:31 PM »

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer. I am working under the guidance of one of the specialist of this forum so it may take a bit longer to process your logs.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

You have Viewpoint installed.

Viewpoint Media Player/Manager/Toolbar is considered as Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".

More information:

* ViewMgr.exe - Useless
* Viewpoint to Plunge Into Adware

It is suggested to remove the program now. Go to Start > Control Panel > Add/Remove Programs - (Vista & Win7 is Programs and Features) and remove the following programs if present.

* Viewpoint
* Viewpoint Manager
* Viewpoint Media Player
* Viewpoint Toolbar
* Viewpoint Experience Technology
****************************************

Open HijackThis and select Open the Misc Tools section. Select open process manager. select
C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\AntiVirus Studio 2010.exe
C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\securitycenter.exe

and click on kill process.
**************************************
Copy and paste the text in the code box below into Notepad.

Code: [Select]

@echo off
del C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus  2010\AntiVirus Studio 2010.exe
del C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus  2010\securitycenter.exe

exit

Then click File > Save as
Save to the Desktop as blackpudding.bat
And Save as type: All Files.

Double-click on blackpudding.bat to run it.
********************************************

Please go to Jotti's malware scan
(If more than one file needs scanned they must be done separately and links posted for each one)

* Copy the file path in the below Code box:

Code: [Select]

c:\program files\common files\system\windowswindows.exe

* At the upload site, click once inside the window next to Browse.
* Press Ctrl+V on the keyboard (both at the same time) to paste the file path into the window.
* Next click Submit file
* Your file will possibly be entered into a queue which normally takes less than a minute to clear.
* This will perform a scan across multiple different virus scanning engines.
* Important: Wait for all of the scanning engines to complete.
* Once the scan is finished, Copy and then Paste the link in the address bar into your next reply.
*************************************

Download Disable/Remove Windows Messenger to the desktop to remove Windows Messenger.

Do not confuse Windows Messenger with MSN Messenger because they are not the same. Windows Messenger is a frequent cause of popups.

Unzip the file on the desktop. Open the MessengerDisable.exe and choose the bottom box - Uninstall Windows Messenger and click Apply.

Exit out of MessengerDisable then delete the two files that were put on the desktop.

************************************************
Open HijackThis and select Do a system scan only

Place a check mark next to the following entries: (if there)

O2 - BHO: (no name) - {1316D219-6BFF-6171-FDB8-14A3948AACC7} - C:\WINDOWS\system32\alrt.dll (file missing)
O2 - BHO: (no name) - {303AB4E6-0A00-02DB-0217-2E00BEBB8DC1} - C:\WINDOWS\system32\fgos.dll (file missing)
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [tpj8s3uwcmft] C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\m.2F9.tmp.exe
O4 - HKCU\..\Run: [AntiVirus 2010] "C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\AntiVirus Studio 2010.exe" /STARTUP
O4 - HKCU\..\Run: [SecurityCenter] C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\securitycenter.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) - http://aol.worldwinner.com/games/v47/shared/FunGamesLoader.cab

Important: Close all open windows except for HijackThis and then click Fix checked.

Once completed, exit HijackThis.
*************************************
Download Security Check by screen317 from one of the following links and save it to your desktop.

Link 1
Link 2

* Unzip SecurityCheck.zip and a folder named Security Check should appear.
* Open the Security Check folder and double-click Security Check.bat
* Follow the on-screen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Post the contents of that document in your next reply.

Note: If a security program requests permission from dig.exe to access the Internet, allow it to do so.

Computer Hope Forum

News:

Author Topic: Antivirus studios 2010 (Read 6005 times)

SPEEDDRUG

Antivirus studios 2010

OpenSource

Re: Antivirus studios 2010

SuperDave

Re: Antivirus studios 2010