Some how Antivirus studios 2010 was installed onto my laptop. I downloaded and followed all the steps and these are the logs..The antivirus is still on my computer and i cant delete it.
SUPERAntiSpyware Scan Log
http://www.superantispyware.comGenerated 10/05/2010 at 08:26 PM
Application Version : 4.44.1000
Core Rules Database Version : 0
Trace Rules Database Version: 3422
Scan type : Quick Scan
Total Scan Time : 00:39:02
Memory items scanned : 553
Memory threats detected : 0
Registry items scanned : 1533
Registry threats detected : 120
File items scanned : 37318
File threats detected : 292
Adware.MyWebSearch/FunWebProducts
HKLM\SOFTWARE\Fun Web Products
HKLM\SOFTWARE\Fun Web Products#JpegConversionLib
HKLM\SOFTWARE\Fun Web Products#CacheDir
HKLM\SOFTWARE\Fun Web Products\ScreenSaver
HKLM\SOFTWARE\Fun Web Products\ScreenSaver#ImagesDir
HKLM\SOFTWARE\Fun Web Products\Settings
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn
HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\MailStampBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn
HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\MyStationeryBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\Promos
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.0
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqUninstalled
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.numActive2
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.1
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.2
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.3
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.4
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.5
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.6
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#MSN.7
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuPosDeleted
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#ETag
HKU\S-1-5-21-3460985270-3255328264-557960363-1007\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts\Installer
HKLM\SOFTWARE\FunWebProducts\Installer#Dir
HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
HKLM\SOFTWARE\FunWebProducts\Installer#sr
HKLM\SOFTWARE\FunWebProducts\Installer#pl
HKLM\SOFTWARE\FunWebProducts\Installer#CheckForConnection
HKLM\SOFTWARE\FunWebProducts\Installer#CacheDir
HKLM\SOFTWARE\FunWebProducts\Installer\downloaded
HKU\S-1-5-21-3460985270-3255328264-557960363-1007\SOFTWARE\MyWebSearch
HKLM\SOFTWARE\MyWebSearch
HKLM\SOFTWARE\MyWebSearch\bar
HKLM\SOFTWARE\MyWebSearch\bar#pid
HKLM\SOFTWARE\MyWebSearch\bar#Dir
HKLM\SOFTWARE\MyWebSearch\bar#PluginPath
HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
HKLM\SOFTWARE\MyWebSearch\bar#sr
HKLM\SOFTWARE\MyWebSearch\bar#pl
HKLM\SOFTWARE\MyWebSearch\bar#Id
HKLM\SOFTWARE\MyWebSearch\bar#CacheDir
HKLM\SOFTWARE\MyWebSearch\bar#ConfigDateStamp
HKLM\SOFTWARE\MyWebSearch\bar#HTMLMenuRevision
HKLM\SOFTWARE\MyWebSearch\bar#sscSet
HKLM\SOFTWARE\MyWebSearch\bar#sscLabel
HKLM\SOFTWARE\MyWebSearch\bar#sscURL
HKLM\SOFTWARE\MyWebSearch\bar#Flags
HKLM\SOFTWARE\MyWebSearch\bar#HistoryDir
HKLM\SOFTWARE\MyWebSearch\SearchAssistant
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Dir
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#CurInstall
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sr
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pl
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ConfigDateStamp
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ABS
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#DES
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#eintl
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fs
HKLM\SOFTWARE\MyWebSearch\SkinTools
HKLM\SOFTWARE\MyWebSearch\SkinTools#PlayerPath
HKCR\MyWebSearch.PseudoTransparentPlugin
HKCR\MyWebSearch.PseudoTransparentPlugin\CLSID
HKCR\MyWebSearch.PseudoTransparentPlugin\CurVer
HKCR\MyWebSearch.PseudoTransparentPlugin.1
HKCR\MyWebSearch.PseudoTransparentPlugin.1\CLSID
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32#ThreadingModel
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
Adware.ClickSpring/Outer Info Network
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#HelpLink
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#InstallLocation
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Outerinfo#DisplayIcon
C:\Program Files\Outerinfo\FF\chrome.manifest
C:\Program Files\Outerinfo\FF\components\OuterinfoAds.xpt
C:\Program Files\Outerinfo\FF\components
C:\Program Files\Outerinfo\FF\install.rdf
C:\Program Files\Outerinfo\FF
C:\Program Files\Outerinfo\Terms.rtf
C:\Program Files\Outerinfo
Adware.AdSponsor/ISM
HKU\S-1-5-21-3460985270-3255328264-557960363-1007\Software\antica
Adware.WinTouch/XInside
C:\Program Files\InetGet2
Trojan.Unclassified/NVCOI
C:\Program Files\Temporary
Disabled.SecurityCenterOption
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#ANTIVIRUSDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#FIREWALLDISABLENOTIFY
HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER#UPDATESDISABLENOTIFY
Adware.Tracking Cookie
cdn4.specificclick.net [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
content.yieldmanager.edgesuite.net [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
core.insightexpressai.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
ia.media-imdb.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
interclick.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
m1.2mdn.net [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
media.tattomedia.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
media1.break.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
secure-us.imrworldwide.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
smedia.gofightlive.tv [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
vhss-a.oddcast.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
wdpromedia.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
wdw1.wdpromedia.com [ C:\Documents and Settings\EILEEN PALOMINO\Application Data\Macromedia\Flash Player\#SharedObjects\VYTUZ9H8 ]
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@247realmedia[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@2o7[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@2o7[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@accountonline[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adbrite[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adcentriconline[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adinterax[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adlegend[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adtech[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@advertising[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@advertising[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@advertising[3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@adxpose[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@apmebf[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@atdmt[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@atwola[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@azjmp[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@babynamescountry[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@bfast[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@bizrate[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@bluestreak[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@bookfinder[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@burstbeacon[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@burstnet[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@casalemedia[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@chitika[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@collective-media[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@countrywide[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@da-tracking[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@dealtime[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@dmtracker[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@doubleclick[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@enhance[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@eyewonder[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@fastclick[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@findology[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@hitbox[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@imrworldwide[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@incentaclick[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@indexstats[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@insightexpressai[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@interclick[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@invitemedia[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@kontera[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@lfstmedia[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@linksynergy[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[4].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[5].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[6].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[7].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@liveperson[8].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@lucidmedia[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@media6degrees[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@mediabrandsww[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@mediaplex[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@mediatraffic[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@missionfinder[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@nextag[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@oddcast[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@overture[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@partner2profit[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@pointroll[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@pro-market[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@proelite[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@questionmarket[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@realmedia[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@revenue[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@revsci[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@roiservice[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@ru4[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][10].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][4].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][5].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][6].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][7].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][8].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][9].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@serving-sys[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@simplymedia[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@spamblockerutility[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@specificclick[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@specificmedia[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@statcounter[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@tacoda[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@tacoda[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@thefind[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@ticketsnow[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@toseeka[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@tradedoubler[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@trafficmp[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@traveladvertising[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@tribalfusion[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@valueclick[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@webstatsmaster[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][3].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][4].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][5].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\
[email protected][2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@yieldmanager[1].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@yieldmanager[2].txt
C:\Documents and Settings\EILEEN PALOMINO\Cookies\eileen_palomino@zedo[1].txt
_______________________________________
_______________________________________
____________________________
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.orgDatabase version: 4749
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.13
10/5/2010 9:07:53 PM
mbam-log-2010-10-05 (21-07-53).txt
Scan type: Quick scan
Objects scanned: 185882
Time elapsed: 23 minute(s), 29 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 10
Registry Values Infected: 1
Registry Data Items Infected: 1
Folders Infected: 2
Files Infected: 45
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{875a1348-7674-42aa-adac-b4f36a004a2d} (Adware.Adband) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56} (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\WinAble (Trojan.Adloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\*.starsdoor.com (Backdoor.Bot) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\(default) (Hijack.StartMenuInternet) -> Bad: ("C:\Documents and Settings\DAVID PALOMINO\Local Settings\Application Data\av.exe" /START "C:\Program Files\Internet Explorer\iexplore.exe") Good: (iexplore.exe) -> Quarantined and deleted successfully.
Folders Infected:
C:\Program Files\Insider (Adware.DnsInsider) -> Quarantined and deleted successfully.
C:\Documents and Settings\EILEEN PALOMINO\Start Menu\Programs\Outerinfo (Malware.Trace) -> Quarantined and deleted successfully.
Files Infected:
C:\Program Files\Common Files\Yazzle1560OinUninstaller.exe (Adware.PurityScan) -> Quarantined and deleted successfully.
C:\Documents and Settings\EILEEN PALOMINO\Start Menu\Programs\Outerinfo\Terms.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\EILEEN PALOMINO\Start Menu\Programs\Outerinfo\Uninstall.lnk (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\EILEEN PALOMINO\Desktop\Click to Find and Fix Errors.url (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ClickToFindandFixErrors_US.ico (Malware.Trace) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\02c9c3c35bdx5.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\17dkf.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\472a10e2ebxd9.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\56493.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\alerfa.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\backd-efq.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\cosock.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\cunifuc.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\dc_3.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\dd10x10.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\ddhelp.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\ddoll3342.exe (Trojan.FakeAlert) -> Delete on reboot.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\dkfjd93.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\ds7hw.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\eelnvd13.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\eephilpe.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\fe.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\gedx_ae09.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\gpupz2a.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\hhbboll_2.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\hiphop.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\hodeme.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\hvipws9.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\jdhellwo3.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\kilslmd.exex (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\kjdh_gf_jjdhgd.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\lols.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\lorsk.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\ppddfcfux.exxe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\pswwg3c.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\qwedvor.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\qwklrvjhqlkj.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\rator.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\snowif.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\sycre.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\timem.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\wergfq.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\winlogoff.exe (Trojan.FakeSmoke) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\wrcud12.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\wrfwe_di.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
_______________________________________
_______________________________________
_______________________________
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:21:42 PM, on 10/5/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17080)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Emsisoft\Online Armor\OAcat.exe
C:\Program Files\Emsisoft\Online Armor\oasrv.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
C:\program files\quicktime\qtsystem\quicktimeessentials.resources\nl.lproj\quicktimeresourcesquicktimeresources.exe
C:\Program Files\Emsisoft\Online Armor\oaui.exe
C:\program files\common files\microsoft shared\dashboard components\10\msddscmicrosoft.exe
C:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Emsisoft\Online Armor\OAhlp.exe
C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\AntiVirus Studio 2010.exe
C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\securitycenter.exe
C:\WINDOWS\system32\msiexec.exe
c:\program files\common files\system\windowswindows.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Trend Micro\sniper.exe\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0060921R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.yahoo.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL =
www.google.com/ig/dell?hl=en&client=dell-usuk&channel=us&ibd=0060921O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1316D219-6BFF-6171-FDB8-14A3948AACC7} - C:\WINDOWS\system32\alrt.dll (file missing)
O2 - BHO: (no name) - {303AB4E6-0A00-02DB-0217-2E00BEBB8DC1} - C:\WINDOWS\system32\fgos.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [92788a3[1]] C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temporary Internet Files\Content.IE5\K5OZ0IOF\92788a3[1].exe
O4 - HKLM\..\Run: [QuickTimeResourcesQuickTime] c:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
O4 - HKLM\..\Run: [QuickTimeQuickTimeResources7.6.61660] c:\program files\quicktime\qtsystem\quicktimeessentials.resources\nl.lproj\quicktimeresourcesquicktimeresources.exe
O4 - HKLM\..\Run: [@OnlineArmor GUI] "C:\Program Files\Emsisoft\Online Armor\oaui.exe"
O4 - HKLM\..\Run: [MSDDSCMicrosoft] c:\program files\common files\microsoft shared\dashboard components\10\msddscmicrosoft.exe
O4 - HKLM\..\Run: [QuickTimeQuickTimeResources] C:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\RunServices: [92788a3[1]] C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temporary Internet Files\Content.IE5\K5OZ0IOF\92788a3[1].exe
O4 - HKLM\..\RunServices: [WAB32Windows] c:\program files\common files\system\windowswindows.exe
O4 - HKLM\..\RunServices: [QuickTimeRecursosQuickTime] c:\program files\quicktime\qtsystem\quicktimeh264.resources\pt.lproj\recursosquicktimequicktime.exe
O4 - HKLM\..\RunServices: [ServerMSDDSC] c:\program files\common files\microsoft shared\dashboard components\10\msddscmicrosoft.exe
O4 - HKLM\..\RunServices: [QuickTimeResourcesQuickTimeResources] c:\program files\quicktime\qtsystem\quicktime3gpp.resources\es.lproj\quicktimeresourcesquicktime.exe
O4 - HKLM\..\RunServices: [QuickTimeQuickTimeResources] C:\program files\quicktime\qtsystem\quicktimempeg4authoring.resources\zh_cn.lproj\quicktimeresourcesquicktimeresources.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [tpj8s3uwcmft] C:\Documents and Settings\DAVID PALOMINO\Local Settings\Temp\m.2F9.tmp.exe
O4 - HKCU\..\Run: [AntiVirus 2010] "C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\AntiVirus Studio 2010.exe" /STARTUP
O4 - HKCU\..\Run: [SecurityCenter] C:\Documents and Settings\DAVID PALOMINO\Application Data\AntiVirus 2010\securitycenter.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1A1F56AA-3401-46F9-B277-D57F3421F821} (FunGamesLoader Object) -
http://aol.worldwinner.com/games/v47/shared/FunGamesLoader.cabO16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) -
http://photo.walgreens.com/WalgreensActivia.cabO16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) -
http://lads.myspace.com/upload/MySpaceUploader1005.cabO16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) -
http://www.worldwinner.com/games/shared/wwlaunch.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) -
http://download.games.yahoo.com/games/popcap/zuma/popcaploader_v6.cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: FlipShare Service - Unknown owner - C:\Program Files\Flip Video\FlipShare\FlipShareService.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Online Armor Helper Service (OAcat) - Unknown owner - C:\Program Files\Emsisoft\Online Armor\OAcat.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Unknown owner - C:\Program Files\Emsisoft\Online Armor\oasrv.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 13238 bytes