okay now its says a problem has been detected and windows has been shut down to prevent damage to your computer. It was a blue screen and then it just Shut down completely.

That was when Combofix ran is that correct ?

If so restart the computer and select F8 to get the menu up and select Safe mode

Correct, I selected safe mode and now it says loading windows files.

Edit: I also wasnt able to save the report form OTL because the system rebooted unexpectedly, would you like me to run it again or not?

This post has been edited by onkaloonka: Nov 7 2009, 02:57 PM

The report should be at c:\ OTS

Well I'm on a different computer, and if that one is in safe mode how do you want me to get the reports to you?

If you could now run combofix in safe mode it should go back to normal mode on completion

Oh, I'm supposed to run combofix once im in safe mode?

Aye sorry I should have been clearer in my instructions

Alrite, Its fine, running it now, Ha, cant believe zonealarm firewall works in safe mode, do I really need to disable it for combofix to run?

Nope

Alrite, I guess it worked, now my pc is shutdown, should I start it back up into normal mode?

Should do - it should start automatically

It didnt automaticly, but im starting up right now

Heres the reports of avenger and OTL:

OTL:
All processes killed
========== OTL ==========
No active process named MWSOEMON.EXE was found!
Process MWSSVC.EXE killed successfully!
No active process named M3SRCHMN.EXE was found!
Service Akamai stopped successfully!
Service Akamai deleted successfully!
c:\Program Files\Common Files\Akamai\rswin_3600.dll moved successfully.
Service MyWebSearchService stopped successfully!
Service MyWebSearchService deleted successfully!
C:\Program Files\MyWebSearch\bar\1.bin\MWSSVC.EXE moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{00A6FAF6-072E-44cf-8957-5838F569A31D} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}\ deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL moved successfully.
Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{01dfd24d-73eb-497f-8dfd-7ea79365af4a} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01dfd24d-73eb-497f-8dfd-7ea79365af4a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}\ deleted successfully.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSSRCAS.DLL not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{01dfd24d-73eb-497f-8dfd-7ea79365af4a}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01dfd24d-73eb-497f-8dfd-7ea79365af4a}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{01dfd24d-73eb-497f-8dfd-7ea79365af4a} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01dfd24d-73eb-497f-8dfd-7ea79365af4a}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ deleted successfully.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{01DFD24D-73EB-497F-8DFD-7EA79365AF4A} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{01DFD24D-73EB-497F-8DFD-7EA79365AF4A}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{07B18EA9-A523-4961-B6BB-170DE4475CCA} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\ not found.
File C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\My Web Search Bar Search Scope Monitor deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Email Plugin deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE moved successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\MyWebSearch Plugin deleted successfully.
C:\Program Files\MyWebSearch\bar\1.bin\M3PLUGIN.DLL moved successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\PopRock not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\sl1000 not found.
C:\Users\Administrator.BluhmBros-PC\AppData\Local\TempImages\sl1000.exe moved successfully.
Starting removal of ActiveX control {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
C:\Windows\Downloaded Program Files\f3initialsetup1.0.1.1.inf moved successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}\ not found.
C:\WINDOWS\win32k.sys moved successfully.
C:\WINDOWS\System32\BF58954A04.dll moved successfully.
========== FILES ==========
C:\Program Files\MyWebSearch\bar\Settings folder moved successfully.
C:\Program Files\MyWebSearch\bar\Notifier folder moved successfully.
C:\Program Files\MyWebSearch\bar\Message folder moved successfully.
C:\Program Files\MyWebSearch\bar\icons folder moved successfully.
C:\Program Files\MyWebSearch\bar\History folder moved successfully.
C:\Program Files\MyWebSearch\bar\Game folder moved successfully.
C:\Program Files\MyWebSearch\bar\Avatar folder moved successfully.
C:\Program Files\MyWebSearch\bar\1.bin folder moved successfully.
C:\Program Files\MyWebSearch\bar folder moved successfully.
C:\Program Files\MyWebSearch folder moved successfully.
File\Folder C:\Program Files\freevideomaster not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: Administrator

User: Administrator.BluhmBros-PC
->Temp folder emptied: 687272 bytes
->Temporary Internet Files folder emptied: 3238314 bytes
->Java cache emptied: 0 bytes

User: All Users

User: Bluhm Bros
->Temp folder emptied: 455955 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 70727528 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 3050 bytes
RecycleBin emptied: 2934 bytes

Total Files Cleaned = 71.67 mb


OTL by OldTimer - Version 3.1.4.0 log created on 11072009_151631

Files\Folders moved on Reboot...
C:\Users\Bluhm Bros\AppData\Local\Temp\~DFA325.tmp moved successfully.
File\Folder C:\Windows\temp\ZLT06559.TMP not found!

Registry entries deleted on Reboot...

This post has been edited by onkaloonka: Nov 7 2009, 03:49 PM

Could you post the combofix log please it should be at C:\combofix.txt