Help again

Status
Not open for further replies.
D

Dustin123

Baseband Member
Messages
61
Dads laptop this time, I know for a fact that he watched porn on it and the home page was a porn site....
Here's malwarebyte's log.
Code: 
Malwarebytes' Anti-Malware 1.39
Database version: 2531
Windows 6.0.6001 Service Pack 1

7/30/2009 2:49:44 PM
mbam-log-2009-07-30 (14-49-44).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 248063
Time elapsed: 43 minute(s), 44 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 32
Registry Values Infected: 2
Registry Data Items Infected: 1
Folders Infected: 102
Files Infected: 232

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{22c12739-c111-44c6-9bb7-f335c2a9be2a} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{edb1a56e-2224-4c79-a4bd-42a39c6e4608} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{27ff1ee8-8ccc-49e1-b801-f212e3744e80} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1d975a5e-1126-4f46-a423-41781934a63e} (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\AppID\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Funband Serach (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1fb52ab3-5987-45a2-85e0-f3ec30dddc29}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{16b6279b-9ff5-41fb-8bf9-404324f5dd1f}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{c5096216-7703-409e-b85a-8a6ee7395128}}_is1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\JuicyAccess Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\Outlook\Addins\OEActiveXDLL.DesktopOEAddin1 (Adware.DoubleD) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3PopularScreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktopChanges (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
C:\Program Files (x86)\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\funwebproducts\screensaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.
C:\Program Files (x86)\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Cache (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Skins (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Media Access Startup (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Internet Saving Optimizer (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\chrome (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\chrome\content (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\components (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\Program Files (x86)\System Search Dispatcher (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\system search dispatcher\1.3.0.840 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\system search dispatcher\1.3.0.840\Data (Adware.DoubleD) -> Quarantined and deleted successfully.
C:\ProgramData\{5EA804FD-5E7A-4405-A638-CAFBD22489D9} (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\15D3A7BB (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\15D3A7BB\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\24618E3F (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\24618E3F\611F5CA (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\29A73ACD (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\29A73ACD\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\2A3DCDAF (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\2A3DCDAF\611F5CA (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\36F1A852 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\36F1A852\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\3FA86A06 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\3FA86A06\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\4DAC9037 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\4DAC9037\611F5CA (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\4F73E13A (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\4F73E13A\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\50EF6DF6 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\50EF6DF6\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\51B9750F (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\51B9750F\611F5CA (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\6216A4BD (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\6216A4BD\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\62404B3E (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\62404B3E\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\628759C1 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\628759C1\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\69E6D3E5 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\69E6D3E5\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\879169BE (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\879169BE\611F5CA (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\9B242A8C (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\9B242A8C\611F5CA (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\A26F7F7 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\A26F7F7\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\A53562F1 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\A53562F1\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\B3AC8875 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\B3AC8875\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\B75FA91E (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\B75FA91E\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\BED3DEFB (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\BED3DEFB\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C3C6C2CD (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C3C6C2CD\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C41B8701 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C41B8701\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C90EEF64 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C90EEF64\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\CC8FDF08 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\CC8FDF08\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\CE8732D (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\CE8732D\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\D5797E3B (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\D5797E3B\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\EB91CE86 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\EB91CE86\3E688669 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\F0A80E14 (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\F0A80E14\5702F56C (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mFileBagIDE.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mIDEFunc.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mIDEWriteReg.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mMSI.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
 
Code: 
Files Infected:
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\AxGifAnimator.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\MyDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Riched20Smiley.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbAol.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbasst.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbdl.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbMsn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbOL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbOLEX.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbsvc.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbYahoo8.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\stbYahoo9.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\F3IMSTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\F3PSSAVR.SCR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\F3RESTUB.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3HIGHIN.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3IDLE.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3MEDINT.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3SLSRCH.EXE (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\NPMYWEBS.DLL (Adware.MyWeb) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\15D3A7BB\3E688669\stbappHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\29A73ACD\3E688669\stb0.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\36F1A852\3E688669\MyDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\3FA86A06\3E688669\HookAPINT.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\4F73E13A\3E688669\stbapp.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\50EF6DF6\3E688669\Riched20Smiley.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\6216A4BD\3E688669\stbYahoo8.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\628759C1\3E688669\stbOLEX.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\69E6D3E5\3E688669\stbapp.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\A26F7F7\3E688669\stbOL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\A53562F1\3E688669\AIMActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\B3AC8875\3E688669\stbMsn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\B75FA91E\3E688669\stbsvc.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\BED3DEFB\3E688669\stbasst.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C3C6C2CD\3E688669\stbIE.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C41B8701\3E688669\stbAol.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\C90EEF64\3E688669\AxGifAnimator.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\CC8FDF08\3E688669\OEActiveXDLL.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\CE8732D\3E688669\ProductInfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\D5797E3B\3E688669\stbYahoo9.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\EB91CE86\3E688669\stbdl.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\ProductInfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\SSD.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\stbpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\stbreaim.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\stbrewlm.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\stbrunwlm.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\stbsh.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\stbterm.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\Don\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\F7GORJ0T\stbup[1].exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\Don\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\MCJMMH5A\juicyaccess_installer[1].exe (Adware.BHO) -> Quarantined and deleted successfully.
c:\Users\Don\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\MCJMMH5A\Setup[1].exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\Don\AppData\Local\microsoft\Windows\temporary internet files\Content.IE5\YWTW3917\productinfo[1].dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\Don\AppData\Local\microsoft\Windows\temporary internet files\Low\DoubleD\juicyaccess toolbar\4.1.4.20920\bin\stbup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\Don\AppData\Local\microsoft\Windows\temporary internet files\Low\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\Don\AppData\Local\microsoft\Windows\temporary internet files\Low\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\Don\AppData\Local\microsoft\Windows\temporary internet files\Low\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\stbup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Windows\System32\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\Windows\SysWOW64\f3PSSavr.scr (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\F3SCHMON.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3FFXTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3NTSTBR.JAR (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\mywebsearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\gdiplus.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\mfc80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Microsoft.VC80.CRT.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\msvcr80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\SkinCrafterDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Cache\01c9eb2893468d1fba80553d2b75bd30.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Cache\867b44b1158783875052f103c3a2f11a.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Cache\bc83ac54dd36e7479704363c8fbd7e43.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Cache\c14631dd1d688aa0ae8e9c9dd396c653.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_DailyVideo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_Game.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_Smiley_TellAFriend.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_Wallpaper.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\Module_Web.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
 
Code: 
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Module_DailyVideo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Module_Game.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Module_Smiley.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Module_Wallpaper.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\Module_Web.mg (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnDefault.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnDisplay.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnDisplay.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnDisplay18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnDisplay20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnGlitters.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnGlitters.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnGlitters18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnGlitters20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnOption.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnSmiley.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnSmiley.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnSmiley18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnSmiley20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnTellFd.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnTellFd.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnTellFd18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnTellFd20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnWink.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnWink.png (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnWink18.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Icons\TBBtnWink20.bmp (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Skins\TellafriendSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Skins\TellafriendSkin_s.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\DoubleD\juicyaccess toolbar\4.1.4.20920\Skins\ToastSkin.skf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\HPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\hppx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\MAHelper.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\chrome\HPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\chrome\content\HPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\chrome\content\HPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\components\HPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\components\HPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\media access startup\1.5.0.850\FF\components\HPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\adwpx.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\NPCommon.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\Data\config.md (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\chrome.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\install.rdf (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\chrome\NPAddOn.jar (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\chrome\content\NPAddOn.xul (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\components\NPFFAddOn.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\components\NPFFAddOn.xpt (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\internet saving optimizer\3.4.0.4340\FF\components\NPFFHelperComponent.js (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\system search dispatcher\1.3.0.840\unins000.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\system search dispatcher\1.3.0.840\unins000.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\system search dispatcher\1.3.0.840\Data\eacore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\system search dispatcher\1.3.0.840\Data\URLDynamic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\program files (x86)\system search dispatcher\1.3.0.840\Data\URLStatic.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\instance.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\mia.lib (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\Setup.dat (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\Setup.msi (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\Setup.par (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\Setup.res (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\{1D975A5E-1126-4F46-A423-41781934A63E} (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\{5EA804FD-5E7A-4405-A638-CAFBD22489D9} (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\24618E3F\611F5CA\Microsoft.VC80.MFC.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\2A3DCDAF\611F5CA\SkinCrafterDll.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\4DAC9037\611F5CA\gdiplus.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\51B9750F\611F5CA\msvcr80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\62404B3E\3E688669\FFToolbar.xml (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\879169BE\611F5CA\mfc80.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\9B242A8C\611F5CA\Microsoft.VC80.CRT.manifest (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\F0A80E14\5702F56C\home.juicyaccess.com.url (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\mFileBagEXE.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\AdwareSetup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\cfcpxlog.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\FFToolbar.xpi (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\HJSetup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\libiconv2.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\libintl3.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\MsiZap.Exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\msvcp60.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\sqlite3.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mfilebagide.dll\bag\tre4.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mIDEFunc.dll\mEXEFunc.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\midewritereg.dll\mEXEWriteReg.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\programdata\{5ea804fd-5e7a-4405-a638-cafbd22489d9}\OFFLINE\mMSI.dll\mMSIExec.dll (Adware.DoubleD) -> Quarantined and deleted successfully.
c:\Users\Don\favorites\home.juicyaccess.com.url (Adware.DoubleD) -> Quarantined and deleted successfully.
Going to run combo fix then malware again.
EDIT:Can't install combo fix since this laptop is vista.
This sure does suck.
 
Here's a hijack this log. will run malware again.
Code: 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:03:07 PM, on 7/30/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18248)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Java\jre6\bin\jusched.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Internet Explorer\ieuser.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msntask.exe
C:\Windows\SysWow64\Macromed\Flash\FlashUtil10b.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_us&c=91&bd=Pavilion&pf=cnnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~2\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [DVDAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe"
O4 - HKLM\..\Run: [TSMAgent] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\TSMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer for HP TouchSmart] "C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [TVAgent] "C:\Program Files (x86)\Hewlett-Packard\Media\TV\TVAgent.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Media\Webcam" update "Software\Hewlett-Packard\Media\Webcam"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [QlbCtrl.exe] "C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" /Start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~2\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix: 
O23 - Service: Andrea ST Filters Service (AESTFilters) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\AESTSr64.exe (file missing)
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing)
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Recovery Service for Windows - Unknown owner - C:\Program Files (x86)\SMINST\BLService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Audio Service (STacSV) - Unknown owner - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_bd5387da\STacSV64.exe (file missing)
O23 - Service: TV Background Capture Service (TVBCS) (TVCapSvc) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVCapSvc.exe
O23 - Service: TV Task Scheduler (TVTS) (TVSched) - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\Media\TV\Kernel\TV\TVSched.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11526 bytes
 
Remove

O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~2\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF

O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~2\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwsoemon.exe

O23 - Service: My Web Search Service (MyWebSearchService) - Unknown owner - C:\PROGRA~2\MYWEBS~1\bar\1.bin\mwssvc.exe (file missing)
 
After I remove those should I run malware again?
I clicked fix checked and they still remain in there.
;/
 
I need you to run combofix now and then malwarebytes again, post both of their logs and then post a new hijackthis log.
 
I can't run combofix on that type of vista.
It says it can only run on windows 2000 or w/e.
 
Did you run as administrator? Have you tried running in compatibility mode for XP? Pretty sure it's supposed to work with Vista...
 
Status
Not open for further replies.

Similar threads

XWrench3
hijack this scan
Replies
6
Views
2K
XWrench3
XWrench3
N
Laptop slowing down in function (internet and general apps)
Replies
1
Views
3K
Trotter
Trotter
G
Computer slow and work in background
Replies
0
Views
2K
grecycle99
G
C
Hacked by malware
2
Replies
10
Views
8K
PP Mguire
PP Mguire
N
Your computer appears to be correctly configured, but the device or resource (DNS server) is not responding"
Replies
0
Views
4K
nev
N
Back
Top Bottom