Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:20:15 PM, on 3/28/2009
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\soundman.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ie/
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\system32\soundman.exe
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKLM\..\RunOnce: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\RunOnce: [SpybotDeletingB3246] command.com /c del "C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4732] cmd.exe /c del "C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB778] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9176] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9922] command.com /c del "C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4960] cmd.exe /c del "C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1547] command.com /c del "C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn-new.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8491] cmd.exe /c del "C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn-new.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingB451] command.com /c del "C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6612] cmd.exe /c del "C:\Program Files\FunWebProducts\Shared\Cache\MailStampBtn.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingB355] command.com /c del "C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn-new.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4330] cmd.exe /c del "C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn-new.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4024] command.com /c del "C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9490] cmd.exe /c del "C:\Program Files\FunWebProducts\Shared\Cache\MyStationeryBtn.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingB188] command.com /c del "C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7049] cmd.exe /c del "C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5119] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8609] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1716] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7035] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5139] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD570] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7565] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3145] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3HTTPCT.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7850] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6845] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB827] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4859] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3MSG.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3057] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7438] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3HTML.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2476] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2480] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3SKIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7619] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5215] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3237] command.com /c del "C:\Program Files\MyWebSearch\bar\History\search3"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8150] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\History\search3"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2242] command.com /c del "C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7479] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8529] command.com /c del "C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2544] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5841] command.com /c del "C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8517] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2448] command.com /c del "C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6154] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9125] command.com /c del "C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9607] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2584] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4736] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB5039] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1675] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6706] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7492] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1091] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD199] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2926] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3567] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8141] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6414] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8543] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4045] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2875] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5062] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9534] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7659] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3434] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9534] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3264] command.com /c del "C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5040] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3543] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8048] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT"
O4 - HKCU\..\RunOnce: [SpybotDeletingB409] command.com /c del "C:\Program Files\MyWebSearch\bar\Settings\settings.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8501] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Settings\settings.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4247] command.com /c del "C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6013] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat"
O4 - HKCU\..\RunOnce: [SpybotDeletingB2392] command.com /c del "C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4107] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7489] command.com /c del "C:\Program Files\MyWebSearch\bar\Settings\setting2.htm"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2382] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Settings\setting2.htm"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3896] command.com /c del "C:\Program Files\MyWebSearch\bar\icons\CM.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2661] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\icons\CM.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8442] command.com /c del "C:\Program Files\MyWebSearch\bar\icons\MFC.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5496] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\icons\MFC.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9968] command.com /c del "C:\Program Files\MyWebSearch\bar\icons\PSS.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6338] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\icons\PSS.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingB460] command.com /c del "C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4433] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3494] command.com /c del "C:\Program Files\MyWebSearch\bar\icons\WB.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1113] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\icons\WB.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4482] command.com /c del "C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4438] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7142] command.com /c del "C:\Program Files\MyWebSearch\bar\Cache\files.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2054] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Cache\files.ini"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6620] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6017] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8314] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD948] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.JAR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9919] command.com /c del "C:\Program Files\MyWebSearch\bar\Cache\0054098C.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5864] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Cache\0054098C.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3711] command.com /c del "C:\Program Files\MyWebSearch\bar\Cache\00540CF7.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8337] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Cache\00540CF7.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingB3878] command.com /c del "C:\Program Files\MyWebSearch\bar\Cache\00540E8E.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingD733] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Cache\00540E8E.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8204] command.com /c del "C:\Program Files\MyWebSearch\bar\Cache\00541053.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7789] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Cache\00541053.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1168] command.com /c del "C:\Program Files\MyWebSearch\bar\Cache\005411F9.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1150] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Cache\005411F9.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingB840] command.com /c del "C:\Program Files\MyWebSearch\bar\Cache\0060EDE7.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1778] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Cache\0060EDE7.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7361] command.com /c del "C:\Program Files\MyWebSearch\bar\Cache\0060F142.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4649] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\Cache\0060F142.bin"
O4 - HKCU\..\RunOnce: [SpybotDeletingB561] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3693] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3HIGHIN.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB842] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7461] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3IDLE.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9181] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5489] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4183] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9787] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3MEDINT.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB934] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7648] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6655] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8206] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB882] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9304] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\M3SLSRCH.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6596] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5900] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB417] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD7163] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\MWSOEPLG.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB563] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4344] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7718] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD1978] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\NPMYWEBS.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6179] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9635] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3CJPEG.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9418] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD2254] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3IMSTUB.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB7197] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD5439] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB9327] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3217] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3PSSAVR.SCR"
O4 - HKCU\..\RunOnce: [SpybotDeletingB8210] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3807] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB6490] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9453] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3RESTUB.DLL"
O4 - HKCU\..\RunOnce: [SpybotDeletingB432] command.com /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE"
O4 - HKCU\..\RunOnce: [SpybotDeletingD8427] cmd.exe /c del "C:\Program Files\MyWebSearch\bar\1.bin\F3SCHMON.EXE"
O4 - HKUS\S-1-5-18\..\Run: [Microsoft Msn Messenger] C:\WINDOWS\System32\msmsgs.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Microsoft Msn Messenger] C:\WINDOWS\System32\msmsgs.exe (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Search - ?p=ZKxdm021YYIE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1238249100750
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc.exe

--
End of file - 20865 bytes