Mourning the loss of our friend, WhitPhil.
There's no such thing as a stupid question, but they're the easiest to answer.
JoinTour
Login
Search
 
Windows XP
Tag Cloud
access audio blue screen boot bsod connection crash dell desktop driver drivers dvd email error excel excel 2003 firefox hard drive hardware internet keyboard laptop malware monitor motherboard network networking outlook problem processor ram recovery router safe mode screen slow sound spyware tdlwsp.dll trojan upgrade video virus vista vundo windows windows 7 windows vista windows xp wireless
Search
Search for:
Tech Support Guy Forums > Operating Systems > Windows XP >
Windows XP blue screen issue

Tip: Click here to scan for System Errors and Optimize PC performance
[ Sponsored Link ]

 
Thread Tools
pvtcarlswife's Avatar
Computer Specs
Junior Member with 2 posts.
  
Join Date: Nov 2009
Experience: Beginner
08-Nov-2009, 04:02 PM #1
Windows XP blue screen issue
I am SOO green at this stuff, so maybe someone can try to help.. lol
Yesterday my computer crashed, and flashed a blue screen, i tried entering in safe mode, last good known config, etc, and was unable to get back in with anything, so restarted and used F8 for more options, was finally able to get into the computer using the "debugging mode"
I noticed that i did not have the Windows XP SP 3 installed so tried downloading it, however all i get when trying is that the ATAPI.SYS is in use, i have turned off every application possible, and still receive the same error, I do have Daemon Tools, however it will not allow me to unistall it, when i use unistall, it will go about half way and then stop. I tried updating Daemon thinking that would help, but am unable to do that also because it needs to reboot to finish the install.
I used SuperAntiSpyware blaster, and it found nothing except some mywebsearch issues, i used the Windows malware detector, and it found nothing, i used the malwarebytes tool and it did find some things and removed or quaranteed (will paste the log) I tried using "unlocker" and went to the drivers to try to change the name of the ATAPI driver, but it states it can not because it is in use, i opened the task manager and shut down all applications that i could find that was not system.
I need HELP!!!
Here is the malware log

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6 faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b1 8ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b1 8ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b1 8eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4d b7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2556 0540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc2 01fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff0 5104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{c48 635ad-d6b5-3ee4-aaa2-540d5a173658} (Backdoor.Bot) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\{c48635ad-d6b5-3ee4-aaa2-540d5a173658} (Backdoor.Bot) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Documents and Settings\Owner.family\My Documents\downloads\WebfettiSetup2.3.50.56.ZKfox000.exe (Adware.MyWebSearch) -> Quarantined and deleted successfully.
Register for free to hide this ad!
pvtcarlswife's Avatar
Computer Specs
Junior Member with 2 posts.
  
Join Date: Nov 2009
Experience: Beginner
08-Nov-2009, 05:37 PM #2
update
I am still unable to log into my computer using anything except "debugging mode" i ran another scan with the Malwarebytes and discovered a few more problems, one i think is pretty serious, but not sure how to get it all out.. would this "virus" cause my blue screen issue? and again, does anyone have any ideas on getting my XP Service Pack 3 installed, i still can not get past the error, that the Atapi.sys is in use..
THanks!
(it is this one that has me concerned C:\Documents and Settings\Owner.family\Local Settings\Temp\trt.exe (Rootkit.TDSS)

Malwarebytes' Anti-Malware 1.41
Database version: 3120
Windows 5.1.2600 Service Pack 2

11/8/2009 5:16:54 PM
mbam-log-2009-11-08 (17-16-44)2

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 228727
Time elapsed: 1 hour(s), 10 minute(s), 30 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 11
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 12
Files Infected: 100

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\AvScan (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\gvtl (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Game vance (Adware.Gamevance) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Network\UID (Malware.Trace) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Documents and Settings\Owner.family\Application Data\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\Owner.family\Application Data\FunWebProducts\Data (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\Owner.family\Application Data\FunWebProducts\Data\Owner (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> No action taken.
C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> No action taken.
C:\WINDOWS\system32\twain32 (Backdoor.Bot) -> No action taken.

Files Infected:
C:\Documents and Settings\Owner.family\Local Settings\Temp\trt.exe (Rootkit.TDSS) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016616.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016634.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016617.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016620.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016624.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016626.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016630.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016631.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016633.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016635.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016636.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016637.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016638.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016640.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016641.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016642.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016643.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016644.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016645.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016646.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP128\A0016647.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP148\A0018583.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019037.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019012.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019013.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019020.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019022.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019026.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019027.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019029.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019030.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019031.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019032.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019033.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019034.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019036.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019038.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019039.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019040.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019041.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019042.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019043.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019044.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP158\A0019045.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP161\A0019105.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP161\A0019106.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP161\A0019108.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP167\A0019382.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP204\A0023649.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP204\A0023650.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP206\A0023739.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP206\A0023740.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP206\A0023741.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP206\A0023742.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP206\A0023743.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP206\A0023744.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP206\A0023747.DLL (Adware.FunWeb) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026540.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026516.scr (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026518.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026523.SCR (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026524.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026526.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026531.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026532.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026533.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026534.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026535.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026536.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026538.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026539.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026541.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026542.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026543.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP222\A0026544.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026587.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026580.dll (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026581.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026583.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026584.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026585.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026586.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026588.EXE (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026589.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP223\A0026590.DLL (Adware.MyWebSearch) -> No action taken.
C:\System Volume Information\_restore{4E015214-6BB0-4181-B365-456CF1DEC069}\RP227\A0026636.dll (Adware.MyWebSearch) -> No action taken.
C:\WINDOWS\system32\spool\prtprocs\w32x86\1AC6.tmp (Rootkit.TDSS) -> No action taken.
C:\WINDOWS\Temp\1AC7.tmp (Rootkit.TDSS) -> No action taken.
C:\Documents and Settings\Owner.family\Application Data\FunWebProducts\Data\Owner\avatar.dat (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\Owner.family\Application Data\FunWebProducts\Data\Owner\outfit.dat (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\Owner.family\Application Data\FunWebProducts\Data\Owner\register.dat (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\Owner.family\Application Data\FunWebProducts\Data\Owner\zbucks.dat (Adware.MyWebSearch) -> No action taken.
C:\Documents and Settings\Owner.family\Application Data\FunWebProducts\Data\Owner\zevents.dat (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\setting2.htm (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\settings.dat (Adware.MyWebSearch) -> No action taken.
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> No action taken.
C:\WINDOWS\system32\twain32\local.ds (Backdoor.Bot) -> No action taken.
C:\WINDOWS\system32\twain32\user.ds (Backdoor.Bot) -> No action taken.
johnebadbak's Avatar
Senior Member with 852 posts.
  
Join Date: Feb 2002
Location: australia
Experience: Intermediate
08-Nov-2009, 06:47 PM #3
would suggest a reinstall of windows.wipe the hdd clean and start a windows insrtall
Reply Bookmark and Share

Smart Search

Find your solution!


« Previous Thread | Windows XP | Next Thread »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
WELCOME TO TECH SUPPORT GUY! Are you looking for the solution to your computer problem? Join our site today to ask your question -- for free! Our site is run completely by volunteers who want to help you solve your computer problems. See our Welcome Guide to get started.

Thread Tools


Twitter Twitter! | Podcast | Mobile | Advertise
Contact Us - HelpOnThe.Net - Archive - Terms of Service - Top
You Are Using:
Server ID
Advertisements do not imply our endorsement of that product or service.
All times are GMT -5. The time now is 05:13 PM.
Copyright © 1996 - 2009 TechGuy, Inc. All rights reserved.
Powered by vBulletin, Copyright © 2000 - 2009, Jelsoft Enterprises Ltd.
 Powered by Cermak Technologies, Inc.