SUPERAntiSpyware Scan Log
Generated 04/07/2007 at 11:55 PM

Application Version : 3.6.1000

Core Rules Database Version : 3215
Trace Rules Database Version: 1225

Scan type : Complete Scan
Total Scan Time : 01:23:58

Memory items scanned : 527
Memory threats detected : 3
Registry items scanned : 6098
Registry threats detected : 83
File items scanned : 51780
File threats detected : 76

Trojan.WinFixer
    C:\WINDOWS\SYSTEM32\PMKHE.DLL
    C:\WINDOWS\SYSTEM32\PMKHE.DLL
    HKLM\Software\Classes\CLSID\{95C769A3-A1B6-4E8A-A389-D169C119D6EB}
    HKCR\CLSID\{95C769A3-A1B6-4E8A-A389-D169C119D6EB}
    HKCR\CLSID\{95C769A3-A1B6-4E8A-A389-D169C119D6EB}\InprocServer32
    HKCR\CLSID\{95C769A3-A1B6-4E8A-A389-D169C119D6EB}\InprocServer32#ThreadingModel
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95C769A3-A1B6-4E8A-A389-D169C119D6EB}
    Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\pmkhe

Trojan.Downloader-UniBBB
    C:\WINDOWS\SYSTEM32\XXYWVTU.DLL
    C:\WINDOWS\SYSTEM32\XXYWVTU.DLL
    HKLM\Software\Classes\CLSID\{68218620-3D65-43F6-AD47-D38D84B5412A}
    HKCR\CLSID\{68218620-3D65-43F6-AD47-D38D84B5412A}
    HKCR\CLSID\{68218620-3D65-43F6-AD47-D38D84B5412A}\InprocServer32
    HKCR\CLSID\{68218620-3D65-43F6-AD47-D38D84B5412A}\InprocServer32#ThreadingModel
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68218620-3D65-43F6-AD47-D38D84B5412A}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{68218620-3D65-43F6-AD47-D38D84B5412A}
    Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\xxywvtu

Adware.MyWebSearch
    C:\PROGRA~1\MYWEBS~1\BAR\4.BIN\MWSOEMON.EXE
    C:\PROGRA~1\MYWEBS~1\BAR\4.BIN\MWSOEMON.EXE
    [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\4.BIN\MWSOEMON.EXE
    HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
    HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
    HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
    HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32
    HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
    HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\Programmable
    C:\PROGRAMFILER\MYWEBSEARCH\SRCHASTT\4.BIN\MWSSRCAS.DLL
    HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
    HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
    HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
    HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
    HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
    HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
    HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32
    HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
    HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\Programmable
    HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\TypeLib
    C:\PROGRAMFILER\MYWEBSEARCH\BAR\4.BIN\MWSBAR.DLL
    HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
    HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
    HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
    HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\Programmable
    HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\TypeLib
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
    HKU\S-1-5-21-740029904-4241134945-1599825260-1008\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}
    C:\PROGRAMFILER\MYWEBSEARCH\BAR\4.BIN\MWSOEMON.EXE
    C:\DOCUMENTS AND SETTINGS\ALL USERS\START-MENY\PROGRAMMER\OPPSTART\MYWEBSEARCH EMAIL PLUGIN.LNK
    C:\DOCUMENTS AND SETTINGS\LISE\START-MENY\PROGRAMMER\OPPSTART\MYWEBSEARCH EMAIL PLUGIN.LNK
    C:\WINDOWS\Prefetch\MWSOEMON.EXE-10AD6785.pf

Unclassified.Unknown Origin
    HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57E218E6-5A80-4f0c-AB25-83598F25D7E9}

Adware.MyWay
    HKLM\Software\Microsoft\Internet Explorer\Toolbar#{0494D0D9-F8E0-41ad-92A3-14154ECE70AC}
    HKCR\CLSID\{014DA6CD-189F-421a-88CD-07CFE51CFF10}
    HKCR\CLSID\{014DA6CD-189F-421a-88CD-07CFE51CFF10}\InProcServer32
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\Control
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\InprocServer32
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\InprocServer32#ThreadingModel
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\MiscStatus
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\MiscStatus\1
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\Programmable
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\TypeLib
    HKCR\CLSID\{0494D0D3-F8E0-41ad-92A3-14154ECE70AC}\Version
    HKLM\Software\MyWay
    HKLM\Software\MyWay\myBar
    HKLM\Software\MyWay\myBar#Dir
    HKLM\Software\MyWay\myBar#ShzmCurInstall
    HKLM\Software\MyWay\myBar#pid
    HKLM\Software\MyWay\myBar#CurInstall
    HKLM\Software\MyWay\myBar#sr
    HKLM\Software\MyWay\myBar#pl
    HKLM\Software\MyWay\myBar#Id
    HKLM\Software\MyWay\myBar#Build
    HKLM\Software\MyWay\myBar#CacheDir
    HKLM\Software\MyWay\myBar#HistoryDir
    HKLM\Software\MyWay\myBar#Visible
    HKLM\Software\MyWay\myBar#Maximized
    HKLM\Software\MyWay\myBar#SettingsDir
    HKLM\Software\MyWay\myBar#ConfigRevisionURL
    HKLM\Software\MyWay\myBar#strings
    HKLM\Software\MyWay\myBar#ConfigDateStamp
    HKLM\Software\MyWay\myBar#ConfigRevision
    HKLM\Software\MyWay\myBar\partner
    HKLM\Software\MyWay\myBar\partner#bitmap
    HKLM\Software\MyWay\myBar\partner#name
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Way Speedbar Uninstall
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Way Speedbar Uninstall#DisplayName
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Way Speedbar Uninstall#HelpLink
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Way Speedbar Uninstall#Publisher
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\My Way Speedbar Uninstall#UrlInfoAbout
    C:\Programfiler\MyWay\myBar\2.bin\MY2NS.EXE
    C:\Programfiler\MyWay\myBar\2.bin\MYWAYPLUGINPROXY.CLASS
    C:\Programfiler\MyWay\myBar\2.bin\PARTNER.BMP
    C:\Programfiler\MyWay\myBar\2.bin\PARTNER.DAT
    C:\Programfiler\MyWay\myBar\2.bin\PARTNER2.DAT
    C:\Programfiler\MyWay\myBar\2.bin\PARTNER3.DAT
    C:\Programfiler\MyWay\myBar\2.bin\PARTNER4.DAT
    C:\Programfiler\MyWay\myBar\2.bin\PARTNER5.DAT
    C:\Programfiler\MyWay\myBar\2.bin\PARTNER6.DAT
    C:\Programfiler\MyWay\myBar\2.bin
    C:\Programfiler\MyWay\myBar\Cache\0001BD30
    C:\Programfiler\MyWay\myBar\Cache\0006D9E8.bin
    C:\Programfiler\MyWay\myBar\Cache\0006DD04.bin
    C:\Programfiler\MyWay\myBar\Cache\0006DF56.bin
    C:\Programfiler\MyWay\myBar\Cache\003307D7
    C:\Programfiler\MyWay\myBar\Cache\files.ini
    C:\Programfiler\MyWay\myBar\Cache
    C:\Programfiler\MyWay\myBar\History\search
    C:\Programfiler\MyWay\myBar\History
    C:\Programfiler\MyWay\myBar\Settings\prevcfg.htm
    C:\Programfiler\MyWay\myBar\Settings
    C:\Programfiler\MyWay\myBar
    C:\Programfiler\MyWay

Adware.Tracking Cookie
    C:\Documents and Settings\Lise\Cookies\lise@ctxtad.tribalfusion[1].txt
    C:\Documents and Settings\Lise\Cookies\lise@tribalfusion[1].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@ads.foxkidseurope[2].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@ads.habbogroup[1].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@ads.habbohotel[1].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@ads.ims[2].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@banner.magicboxcasino[2].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@e2.emediate[2].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@lt_stats[2].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@mywebsearch[2].txt
    C:\Documents and Settings\Håkon\Cookies\håkon@server.cpmstar[2].txt
    C:\Documents and Settings\Ingrid\Cookies\ingrid@ads.habbogroup[1].txt
    C:\Documents and Settings\Ingrid\Cookies\ingrid@ads.habbohotel[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@ad.cibleclick[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@adopt.hotbar[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@ads.foxkidseurope[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@ads.habbogroup[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@ads.habbohotel[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@ads.vg.basefarm[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@atwola[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@banner.laislabonitacasino[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@belnk[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@chat.sex[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@data4.perf.overture[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@dist.belnk[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@e2.emediate[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@ehg-dig.hitbox[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@elitespill[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@focalex[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@http.edge.vru4[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@i.screensavers[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@mywebsearch[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@offeroptimizer[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@rightmedia[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@starware[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@stat.katalysatormedia[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@stats1.reliablestats[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@winfixer[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@www.mystats[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@www.screensavers[2].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@www.sex[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@www.winfixer[1].txt
    C:\Documents and Settings\Solveig\Cookies\solveig@xiti[1].txt

Trojan.Downloader-CREW
    C:\SYSTEM VOLUME INFORMATION\_RESTORE{D605E2CB-B3C5-4B2C-AE68-C3128058031A}\RP964\A0278141.DLL