Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
Name: Lookingup
Windows Xp Home( not sure what inside out means)...get this C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL
error message when icon page is loading any help would be much appreciated
Follow:
1) Install, update database and run full scan with Malwarebytes' Anti-Malware. Attach malwarebyte full scan log, fix anything detected.2) House cleaning. Run full Scan with SuperAntispyware : http://www.superantispyware.com/dow... . Fix what it detects and post summary scan log.
If I'm helping you and I don't reply within 24 hours send me a PM.
0 
Malwarebytes' Anti-Malware 1.38
Database version: 2411
Windows 5.1.2600 Service Pack 27/11/2009 11:15:59 PM
mbam-log-2009-07-11 (23-15-59).txtScan type: Full Scan (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Objects scanned: 207367
Time elapsed: 2 hour(s), 7 minute(s), 4 second(s)Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 3Memory Processes Infected:
(No malicious items detected)Memory Modules Infected:
(No malicious items detected)Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\internet antivirus pro_is1 (Rogue.InternetAntiVirus) -> Quarantined and deleted successfully.Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\internet antivirus pro (Rogue.InternetAntiVirus) -> Quarantined and deleted successfully.Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.Folders Infected:
(No malicious items detected)Files Infected:
c:\documents and settings\monica griffin\application data\microsoft\internet explorer\quick launch\Internet Antivirus Pro.lnk (Rogue.InternetAntiVirus) -> Quarantined and deleted successfully.
c:\documents and settings\monica griffin\Local Settings\Application Data\Microsoft\Windows\pguard.ini (Rogue.InternetAntiVirus) -> Quarantined and deleted successfully.
c:\program files\Mpn.dll (Spyware.OnlineGames) -> Quarantined and deleted successfully.
0 0
the second one is still scaning but noticed it seemed to pick up a lot .......why doesn't Norton or Avg pick up these problems?
0
Scan type : Complete Scan
Total Scan Time : 02:12:55Memory items scanned : 500
Memory threats detected : 0
Registry items scanned : 5281
Registry threats detected : 93
File items scanned : 12425
File threats detected : 10Adware.Tracking Cookie
C:\Documents and Settings\monica griffin\Cookies\monica_griffin@findarticles[1].txt
C:\Documents and Settings\monica griffin\Cookies\monica_griffin@richmedia.yahoo[1].txt
C:\Documents and Settings\monica griffin\Cookies\monica_griffin@ad.yieldmanager[2].txt
C:\Documents and Settings\monica griffin\Cookies\monica_griffin@www.mynortonaccount[2].txt
.insightexpressai.com [ C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\6j4e2y32.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\6j4e2y32.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\6j4e2y32.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\6j4e2y32.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\6j4e2y32.default\cookies.txt ]
.insightexpressai.com [ C:\Documents and Settings\Guest\Application Data\Mozilla\Firefox\Profiles\6j4e2y32.default\cookies.txt ]Adware.MyWebSearch/FunWebProducts
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#DeviceDesc
HKLM\Software\Microsoft\Windows\CurrentVersion\Run#My Web Search Bar [ rundll32 C:\PROGRA~1\MYWEBS~1\bar\2.bin\MWSBAR.DLL,S ]Malware.SpyLocked
HKCR\Interface\{05061FBD-4124-4EAE-BEFE-B844303A2D74}
HKCR\Interface\{05061FBD-4124-4EAE-BEFE-B844303A2D74}\ProxyStubClsid
HKCR\Interface\{05061FBD-4124-4EAE-BEFE-B844303A2D74}\ProxyStubClsid32
HKCR\Interface\{05061FBD-4124-4EAE-BEFE-B844303A2D74}\TypeLib
HKCR\Interface\{05061FBD-4124-4EAE-BEFE-B844303A2D74}\TypeLib#Version
HKCR\Interface\{0D0E7125-9728-40AC-9FC1-CA3C26A0E9AC}
HKCR\Interface\{0D0E7125-9728-40AC-9FC1-CA3C26A0E9AC}\ProxyStubClsid
HKCR\Interface\{0D0E7125-9728-40AC-9FC1-CA3C26A0E9AC}\ProxyStubClsid32
HKCR\Interface\{0D0E7125-9728-40AC-9FC1-CA3C26A0E9AC}\TypeLib
HKCR\Interface\{0D0E7125-9728-40AC-9FC1-CA3C26A0E9AC}\TypeLib#Version
HKCR\Interface\{17DA0ADA-D080-476A-8A32-29961B3145DA}
HKCR\Interface\{17DA0ADA-D080-476A-8A32-29961B3145DA}\ProxyStubClsid
HKCR\Interface\{17DA0ADA-D080-476A-8A32-29961B3145DA}\ProxyStubClsid32
HKCR\Interface\{17DA0ADA-D080-476A-8A32-29961B3145DA}\TypeLib
HKCR\Interface\{17DA0ADA-D080-476A-8A32-29961B3145DA}\TypeLib#Version
HKCR\Interface\{27E4B73F-3C78-4463-888D-AE36C6F3ABFC}
HKCR\Interface\{27E4B73F-3C78-4463-888D-AE36C6F3ABFC}\ProxyStubClsid
HKCR\Interface\{27E4B73F-3C78-4463-888D-AE36C6F3ABFC}\ProxyStubClsid32
HKCR\Interface\{27E4B73F-3C78-4463-888D-AE36C6F3ABFC}\TypeLib
HKCR\Interface\{27E4B73F-3C78-4463-888D-AE36C6F3ABFC}\TypeLib#Version
HKCR\Interface\{3EEC58B4-FE87-4885-AE8A-B19E7454BD03}
HKCR\Interface\{3EEC58B4-FE87-4885-AE8A-B19E7454BD03}\ProxyStubClsid
HKCR\Interface\{3EEC58B4-FE87-4885-AE8A-B19E7454BD03}\ProxyStubClsid32
HKCR\Interface\{3EEC58B4-FE87-4885-AE8A-B19E7454BD03}\TypeLib
HKCR\Interface\{3EEC58B4-FE87-4885-AE8A-B19E7454BD03}\TypeLib#Version
HKCR\Interface\{3F0B05B7-FD07-43A3-82CA-8DD6C75363D7}
HKCR\Interface\{3F0B05B7-FD07-43A3-82CA-8DD6C75363D7}\ProxyStubClsid
HKCR\Interface\{3F0B05B7-FD07-43A3-82CA-8DD6C75363D7}\ProxyStubClsid32
HKCR\Interface\{3F0B05B7-FD07-43A3-82CA-8DD6C75363D7}\TypeLib
HKCR\Interface\{3F0B05B7-FD07-43A3-82CA-8DD6C75363D7}\TypeLib#Version
HKCR\Interface\{4EDB0354-F87D-4C60-B5F8-B09D30247BF3}
HKCR\Interface\{4EDB0354-F87D-4C60-B5F8-B09D30247BF3}\ProxyStubClsid
HKCR\Interface\{4EDB0354-F87D-4C60-B5F8-B09D30247BF3}\ProxyStubClsid32
HKCR\Interface\{4EDB0354-F87D-4C60-B5F8-B09D30247BF3}\TypeLib
HKCR\Interface\{4EDB0354-F87D-4C60-B5F8-B09D30247BF3}\TypeLib#Version
HKCR\Interface\{62DDEE51-44C6-44F9-B8CC-CC85C7BDD54D}
HKCR\Interface\{62DDEE51-44C6-44F9-B8CC-CC85C7BDD54D}\ProxyStubClsid
HKCR\Interface\{62DDEE51-44C6-44F9-B8CC-CC85C7BDD54D}\ProxyStubClsid32
HKCR\Interface\{62DDEE51-44C6-44F9-B8CC-CC85C7BDD54D}\TypeLib
HKCR\Interface\{62DDEE51-44C6-44F9-B8CC-CC85C7BDD54D}\TypeLib#Version
HKCR\Interface\{71FBB0FF-3295-4435-966D-C966DC86DC18}
HKCR\Interface\{71FBB0FF-3295-4435-966D-C966DC86DC18}\ProxyStubClsid
HKCR\Interface\{71FBB0FF-3295-4435-966D-C966DC86DC18}\ProxyStubClsid32
HKCR\Interface\{71FBB0FF-3295-4435-966D-C966DC86DC18}\TypeLib
HKCR\Interface\{71FBB0FF-3295-4435-966D-C966DC86DC18}\TypeLib#Version
HKCR\Interface\{7578BE5C-0F58-4914-A8E4-6446A94FA82B}
HKCR\Interface\{7578BE5C-0F58-4914-A8E4-6446A94FA82B}\ProxyStubClsid
HKCR\Interface\{7578BE5C-0F58-4914-A8E4-6446A94FA82B}\ProxyStubClsid32
HKCR\Interface\{7578BE5C-0F58-4914-A8E4-6446A94FA82B}\TypeLib
HKCR\Interface\{7578BE5C-0F58-4914-A8E4-6446A94FA82B}\TypeLib#Version
HKCR\Interface\{8B317816-B6CD-4F56-88D8-02FA916C5C54}
HKCR\Interface\{8B317816-B6CD-4F56-88D8-02FA916C5C54}\ProxyStubClsid
HKCR\Interface\{8B317816-B6CD-4F56-88D8-02FA916C5C54}\ProxyStubClsid32
HKCR\Interface\{8B317816-B6CD-4F56-88D8-02FA916C5C54}\TypeLib
HKCR\Interface\{8B317816-B6CD-4F56-88D8-02FA916C5C54}\TypeLib#Version
HKCR\Interface\{9AF243AF-0FBF-4FD8-9D12-0442BE49D64B}
HKCR\Interface\{9AF243AF-0FBF-4FD8-9D12-0442BE49D64B}\ProxyStubClsid
HKCR\Interface\{9AF243AF-0FBF-4FD8-9D12-0442BE49D64B}\ProxyStubClsid32
HKCR\Interface\{9AF243AF-0FBF-4FD8-9D12-0442BE49D64B}\TypeLib
HKCR\Interface\{9AF243AF-0FBF-4FD8-9D12-0442BE49D64B}\TypeLib#Version
HKCR\Interface\{9D01BC12-D61A-4828-AA88-A4FFFC393C0D}
HKCR\Interface\{9D01BC12-D61A-4828-AA88-A4FFFC393C0D}\ProxyStubClsid
HKCR\Interface\{9D01BC12-D61A-4828-AA88-A4FFFC393C0D}\ProxyStubClsid32
HKCR\Interface\{9D01BC12-D61A-4828-AA88-A4FFFC393C0D}\TypeLib
HKCR\Interface\{9D01BC12-D61A-4828-AA88-A4FFFC393C0D}\TypeLib#Version
HKCR\Interface\{A8870ADF-5E61-44B9-A443-439BC30CE341}
HKCR\Interface\{A8870ADF-5E61-44B9-A443-439BC30CE341}\ProxyStubClsid
HKCR\Interface\{A8870ADF-5E61-44B9-A443-439BC30CE341}\ProxyStubClsid32
HKCR\Interface\{A8870ADF-5E61-44B9-A443-439BC30CE341}\TypeLib
HKCR\Interface\{A8870ADF-5E61-44B9-A443-439BC30CE341}\TypeLib#Version
HKCR\Interface\{D8F9E49E-80BE-4BD8-8EFE-3124228105DC}
HKCR\Interface\{D8F9E49E-80BE-4BD8-8EFE-3124228105DC}\ProxyStubClsid
HKCR\Interface\{D8F9E49E-80BE-4BD8-8EFE-3124228105DC}\ProxyStubClsid32
HKCR\Interface\{D8F9E49E-80BE-4BD8-8EFE-3124228105DC}\TypeLib
HKCR\Interface\{D8F9E49E-80BE-4BD8-8EFE-3124228105DC}\TypeLib#Version
HKCR\Interface\{E92E6F2D-2CA1-4B39-BBAA-D685F4A0FB40}
HKCR\Interface\{E92E6F2D-2CA1-4B39-BBAA-D685F4A0FB40}\ProxyStubClsid
HKCR\Interface\{E92E6F2D-2CA1-4B39-BBAA-D685F4A0FB40}\ProxyStubClsid32
HKCR\Interface\{E92E6F2D-2CA1-4B39-BBAA-D685F4A0FB40}\TypeLib
HKCR\Interface\{E92E6F2D-2CA1-4B39-BBAA-D685F4A0FB40}\TypeLib#VersionTrojan.Media-Codec/V2
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Messenger
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Messenger#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Security Messenger#UninstallString
0
dll error mention above is gone, now some other error with c:.........bucket came up, and i've had to download something for windows after each scan
0
booted up this morning and didn't get any error reports......when i boot up i get a couple beeps and phoenix bios page pops up and i need to press F1 key to continue, is there a way to not have this page pop up, or is it required/normal for a computer to have this.......and
Thank you for your help
0
No clue what you pop up your talking about post a screenshot if you can.
If I'm helping you and I don't reply within 24 hours send me a PM.
0  |
 Suspicious website
|
Windows fault
|
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
