Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

http://home.mywebsearch.com set as homepage

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

http://home.mywebsearch.com set as homepage

Unread postby snailed » August 11th, 2011, 11:17 pm


http://home.mywebsearch.com is set as my homepage no matter what I do. Please help! Thank you.

DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
Run by Dell at 19:43:35 on 2011-08-11
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3061.1891 [GMT -7:00]
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
============== Running Processes ===============
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\STMicroelectronics\Accelerometer\InstallFilterService.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\STMicroelectronics\Accelerometer\FF_Protection.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\T-Mobile\webConnect Manager\TMobileCM.exe
C:\Program Files\T-Mobile\webConnect Manager\RcAppSvc.exe
C:\Program Files\T-Mobile\webConnect Manager\conappssvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\TeamViewer\Version6\TeamViewer.exe
c:\program files\teamviewer\version6\TeamViewer_Desktop.exe
C:\Program Files\TeamViewer\Version6\tv_w32.exe
============== Pseudo HJT Report ===============
uStart Page = hxxp://home.mywebsearch.com/index.jhtml ... GrauWQOUNw
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
mRun: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
mRun: [StartCCC] "c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe" MSRun
mRun: [FreeFallProtection] c:\program files\stmicroelectronics\accelerometer\FF_Protection.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [T-Mobile webConnect Manager] "c:\program files\t-mobile\webconnect manager\TMobileCM.exe" -a
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 10.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
TCP: Interfaces\{20166798-0D32-47CE-AE11-95078DDD0834}\D416E6F62702F46666963656 : DhcpNameServer =
TCP: Interfaces\{4CC871CA-DE7D-4D0A-B714-460C90892445} : DhcpNameServer =
TCP: Interfaces\{AD6AB575-7F39-4F40-AE38-F28CF54B66BB} : NameServer =
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
================= FIREFOX ===================
FF - ProfilePath - c:\users\dell\appdata\roaming\mozilla\firefox\profiles\dix7ak1w.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://home.mywebsearch.com/index.jhtml ... GrauWQOUNw
FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsear ... searchfor=
FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.1.0.37\ipsffplgn\components\IPSFFPl.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
============= SERVICES / DRIVERS ===============
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
R0 stdflt;Disk Filter Driver for Accelerometer;c:\windows\system32\drivers\stdflt.sys [2010-12-28 15336]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-12-28 172032]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-4-18 7398752]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 InstallFilterService;FF Install Filter Service;c:\program files\stmicroelectronics\accelerometer\InstallFilterService.exe [2010-12-28 60928]
R2 TeamViewer6;TeamViewer 6;c:\program files\teamviewer\version6\TeamViewer_Service.exe [2011-5-25 2280312]
R2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\drivers\TurboB.sys [2009-11-2 14808]
R3 Acceler;Accelerometer Service;c:\windows\system32\drivers\Acceler.sys [2010-12-28 28136]
R3 amdkmdag;amdkmdag;c:\windows\system32\drivers\atipmdag.sys [2010-12-28 5342208]
R3 amdkmdap;amdkmdap;c:\windows\system32\drivers\atikmpag.sys [2010-12-28 152064]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968]
R3 CATmobile;T-Mobile Con App Svc;c:\program files\t-mobile\webconnect manager\conappssvc.exe [2011-4-6 118784]
R3 O2MDGRDR;O2MDGRDR;c:\windows\system32\drivers\o2mdg.sys [2009-5-22 58528]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-6-10 139776]
R3 tmobile_mf691_dc_enum;tmobile_mf691_dc_enum;c:\windows\system32\drivers\tmobile_mf691_dc_enum.sys [2010-4-9 61952]
R3 TMobileRcAppSvc;T-Mobile RcApp Svc;c:\program files\t-mobile\webconnect manager\RcAppSvc.exe [2011-4-6 114688]
R3 ZTEusbgps;ZTE GPS Port;c:\windows\system32\drivers\ZTEusbgps.sys [2011-6-3 107776]
R3 ZTEusbMB;ZTE NMEAExt2 Port;c:\windows\system32\drivers\ZTEusbnmeaext2.sys [2011-6-3 107776]
R3 ZTEusbwwan;ZTE MBN Miniport;c:\windows\system32\drivers\ZTEusbwwan.sys [2011-6-3 193536]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 massfilter;MBB Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2011-6-3 9216]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2011-5-25 41272]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-7-7 52224]
S3 TurboBoost;TurboBoost;c:\program files\intel\turboboost\TurboBoost.exe [2009-11-2 99728]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-12-28 1343400]
=============== Created Last 30 ================
2011-08-09 23:39:46 3912576 ----a-w- c:\windows\system32\ntoskrnl.exe
2011-08-09 23:39:45 3967872 ----a-w- c:\windows\system32\ntkrnlpa.exe
2011-08-09 23:39:00 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2011-08-09 23:32:34 94208 ----a-w- c:\program files\common files\system\ole db\msdaosp.dll
2011-08-09 23:32:34 86016 ----a-w- c:\windows\system32\odbccu32.dll
2011-08-09 23:32:34 81920 ----a-w- c:\windows\system32\odbccr32.dll
2011-08-09 23:32:34 319488 ----a-w- c:\windows\system32\odbcjt32.dll
2011-08-09 23:32:34 163840 ----a-w- c:\windows\system32\odbctrac.dll
2011-08-09 23:32:34 122880 ----a-w- c:\windows\system32\odbccp32.dll
2011-07-13 07:36:04 2334208 ----a-w- c:\windows\system32\win32k.sys
==================== Find3M ====================
2011-07-22 04:54:18 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2011-07-16 04:27:30 290816 ----a-w- c:\windows\system32\KernelBase.dll
2011-07-16 02:17:19 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2011-07-16 02:17:19 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2011-07-16 02:17:19 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2011-07-16 02:17:19 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2011-07-07 16:11:59 152576 ----a-w- c:\windows\system32\msclmd.dll
2011-07-07 02:52:42 41272 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2011-07-07 02:52:42 22712 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-06-24 04:27:01 169984 ----a-w- c:\windows\system32\winsrv.dll
2011-06-24 04:22:20 271360 ----a-w- c:\windows\system32\conhost.exe
2011-06-21 05:34:23 1290624 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-06-21 05:28:33 981504 ----a-w- c:\windows\system32\wininet.dll
2011-06-11 04:19:52 472808 ----a-w- c:\windows\system32\deployJava1.dll
2011-05-24 10:44:59 293376 ----a-w- c:\windows\system32\umpnpmgr.dll
============= FINISH: 19:44:11.56 ===============


DDS (Ver_2011-06-03.01)
Microsoft Windows 7 Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 12/28/2010 10:13:17 AM
System Uptime: 8/11/2011 1:57:57 PM (6 hours ago)
Motherboard: Dell Inc. | |
Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz | U2E1 | 1600/1333mhz
==== Disk Partitions =========================
C: is FIXED (NTFS) - 466 GiB total, 428.409 GiB free.
D: is CDROM ()
F: is Removable
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP72: 7/7/2011 9:07:53 AM - Windows 7 Service Pack 1
RP73: 7/8/2011 3:00:11 AM - Windows Update
RP74: 7/9/2011 3:00:11 AM - Windows Update
RP75: 7/13/2011 3:00:11 AM - Windows Update
RP76: 7/20/2011 8:08:59 AM - Scheduled Checkpoint
RP77: 7/28/2011 1:48:08 AM - Scheduled Checkpoint
RP78: 8/5/2011 12:45:15 AM - Scheduled Checkpoint
RP79: 8/9/2011 10:30:04 PM - Windows Update
==== Installed Programs ======================
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader X (10.0.1)
Adobe Shockwave Player 11
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ATI Catalyst Install Manager
AVG 2011
Catalyst Control Center - Branding
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Graphics Previews Common
Catalyst Control Center Graphics Previews Vista
Catalyst Control Center InstallProxy
Catalyst Control Center Localization All
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
Debut Video Capture Software
ESET Online Scanner v3
Intel(R) Turbo Boost Technology Monitor
Java Auto Updater
Java(TM) 6 Update 26
K-Lite Mega Codec Pack 5.6.1
Malwarebytes' Anti-Malware version
Microsoft .NET Framework 4 Client Profile
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Mozilla Firefox 5.0 (x86 en-US)
O2Micro Flash Memory Card Windows Driver
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Synaptics Pointing Device Driver
T-Mobile webConnect Manager
TeamViewer 6
VLC media player 1.0.3
==== Event Viewer Messages From Past Week ========
8/9/2011 10:39:13 PM, Error: Service Control Manager [7023] - The Security Center service terminated with the following error: The authentication service is unknown.
==== End Of File ===========================
Active Member
Posts: 11
Joined: June 3rd, 2011, 7:18 pm
Register to Remove

Re: http://home.mywebsearch.com set as homepage

Unread postby Cypher » August 14th, 2011, 12:40 pm

Checking your logs now be right back.
User avatar
Posts: 14936
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: http://home.mywebsearch.com set as homepage

Unread postby Cypher » August 14th, 2011, 12:50 pm

Hi and welcome to Malware Removal Forum.
My name is Cypher, and I will be helping you with your malware problems.
This may or may not, solve other issues you have with your machine.
If you no longer require help i would be grateful if you would let me know.

Before we start please note the following important guidelines.
  • If you don't know or understand something, please don't hesitate to ask.
  • Only post your problem at One help site. Applying fixes from multiple help sites can cause problems.
  • Only reply to this thread do not start another, Please continue responding until I give you the "All Clean"
    Absence of symptoms does not mean that everything is clear.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • Please DO NOT install any other software (or hardware) during the cleaning process.
  • Print each set of instructions... if possible...your Internet connection will not be available during some fix processes.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Note: No Reply Within 3 Days Will Result In Your Topic Being Closed!

Note: If you haven't done so already, please read this topic ALL USERS OF THIS FORUM MUST READ THIS FIRST where the conditions for receiving help here are explained.
Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.

Because of this, I advise you to backup any personal files and folders before you start.

Windows 7 Advice:
  • All applications I ask to be used will require to be run in Administrator mode. IE: Right click on and select Run as Administrator.
  • Your Operating System in use comes with a inbuilt utility called User Access Control(UAC).
  • When prompted by this with anything I ask you to do carry out please select the option Allow.

Uninstall programs
  • Click on Start.
  • All programs.
  • Accessories.
  • Run.
  • In the open text box copy/paste appwiz.cpl Then click Ok.
  • Uninstall the following
ESET Online Scanner v3


I see you already have Malwarebytes Anti-Malware installed:

  • Launch the application, Check for Updates >> Perform Quick Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Check all items except items in the C:\System Volume Information folder... and click Remove Selected.
    Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
  • When completed, a log will open in Notepad. please copy and paste the log into your next reply.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt


Please download OTL by Old Timer and save it to your Desktop.
  • Right click on OTL.exe And select Run as administrator to run it.
  • Under Output, ensure that Minimal Output is selected.
  • Under Extra Registry section, select Use SafeList.
  • Click the Scan All Users checkbox.
  • Click on Run Scan at the top left hand corner.
  • When done, two Notepad files will open.
    • OTL.txt <-- Will be opened
      Extra.txt <-- Will be minimized
  • Please post the contents of these 2 Notepad files in your next reply.

Logs/Information to Post in your Next Reply

  • Malwarebytes log.
  • OTL.txt and Extra.txt contents.
User avatar
Posts: 14936
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: http://home.mywebsearch.com set as homepage

Unread postby Cypher » August 18th, 2011, 11:06 am

Due to a lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
User avatar
Posts: 14936
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
Register to Remove

  • Similar Topics
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!

Who is online

Users browsing this forum: No registered users and 16 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware