View Full Version : Infection help (Logs included)
Magnesium
2008-06-11, 00:11
Hi, im new to this site and i was wondering if you could help me with my computer, one of the problems ive had for the longest time is being unable to switch images for a desktop background and in the desktop background it says [None] with a red circle and bar .
I ran Spybot S & D which found cookies that were removed. I then ran a Kaspersky online scan which found 5 infections, and also an HJT log.
Both HJT log and Kaspersky log are provided below, respectively:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:02:52 PM, on 6/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {232D2677-68EE-4FA1-B988-279EBC8969ED} - (no file)
O2 - BHO: (no name) - {512aa4a5-27a7-48c7-9775-f4565e4fb02a} - C:\WINDOWS\system32\ylyvovy.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7C1A9EB8-8846-4F7E-AE3E-6E87C524091F} - C:\Program Files\NetMeeting\safenury83122.dll (file missing)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: (no name) - {B08AF244-438F-482C-8B5F-4DE602F15E93} - C:\WINDOWS\system32\dfrn.dll (file missing)
O2 - BHO: (no name) - {BCF30268-E268-4274-80A9-A1CB92B7E72C} - C:\WINDOWS\system32\ssqpp.dll (file missing)
O2 - BHO: (no name) - {D58EE65D-7F45-4683-91D4-23F4FFDC0A7A} - (no file)
O2 - BHO: (no name) - {DC05099A-DA98-48B8-AA39-674A3B6A496A} - C:\Program Files\NetMeeting\safenury4444.dll (file missing)
O2 - BHO: (no name) - {E7B1BD97-3258-4CC4-83E4-10A21EF3F34C} - C:\WINDOWS\system32\gebayvv.dll (file missing)
O2 - BHO: (no name) - {FDFA8B1A-E83D-4B32-BE56-DB52C5A36903} - C:\Program Files\NetMeeting\safenury555077.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\DOCUME~1\ADMINI~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll
O20 - Winlogon Notify: efcawuu - efcawuu.dll (file missing)
O20 - Winlogon Notify: gebayvv - gebayvv.dll (file missing)
O20 - Winlogon Notify: vtstsss - vtstsss.dll (file missing)
O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\Internet Explorer\bazy.html
--
End of file - 7023 bytes
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, June 10, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, June 10, 2008 14:33:01
Records in database: 845725
--------------------------------------------------------------------------------
Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes
Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
Scan statistics:
Files scanned: 75414
Threat name: 5
Infected objects: 5
Suspicious objects: 0
Duration of the scan: 00:47:21
File name / Threat name / Threats count
C:\Documents and Settings\Administrator\.jpi_cache\jar\1.0\jvmsecman.jar-6b26dca8-4a1172dd.zip Infected: Trojan-Downloader.Java.Agent.f 1
C:\Documents and Settings\Administrator\Local Settings\Temp\snapsnet.exe Infected: Trojan-Downloader.Win32.VB.ccs 1
C:\RECYCLER\S-1-5-21-1060284298-1035525444-725345543-500\Dc45.html Infected: Trojan-Clicker.HTML.IFrame.dn 1
C:\WINDOWS\system32\cmdow.exe Infected: not-a-virus:RiskTool.Win32.HideWindows 1
C:\WINDOWS\ѕеcurity\wοwexec.exe Infected: not-a-virus:AdWare.Win32.PurityScan.gq 1
The selected area was scanned.
pskelley
2008-06-12, 15:27
Welcome to Safer Networking, I wish to be sure you have viewed and understand this information.
"BEFORE you POST" (READ this Procedure before Requesting Assistance)
http://forums.spybot.info/showthread.php?t=288
All advice given is taken at your own risk.
Please make sure you have read this information so we are on the same page.
You are infected, I suggest you keep this computer offline except when troubleshooting, the junk may download more. If you have any tool I use, delete it and download it new from the link I provide. Read and follow the directions carefully, the tools will not work unless you do.
Looks like a possible Vundo infection and more, I see this:
http://www.sophos.com/security/analyses/viruses-and-spyware/trojdloadraqg.html
ldcore.dll includes functionality to access the internet and communicate with a remote server via HTTP, and to download, install and run new software.
I you still want help, I will do my best but I need some help from you first.
1) I know what NetMeeting is but this is the first time I have seen it running like this:
O2 - BHO: (no name) - {7C1A9EB8-8846-4F7E-AE3E-6E87C524091F} - C:\Program Files\NetMeeting\safenury83122.dll (file missing)
Do you know what this is and why it is running on your computer.
2) Are you aware this is running on the computer?
C:\WINDOWS\system32\cmdow.exe ------> RiskTool.Win32.HideWindows 1
http://www.google.com/search?hl=en&q=cmdow.exe&btnG=Search
3) I am 99.9% sure your antivirus program expired 5/31/2008 (Run AVG free myself) It is a waste of your time and mine to clean a computer with an out of date antivirus program. Here is the link for the update (free) version if you plan to continue with AVG:
http://free.grisoft.com/ww.download-avg-anti-virus-free-edition
Update and run a system scan, delete or quarantine what AVG finds and post the scan results for me to view.
Add the information I requested and any comments you think will help.
This is only a start...
Thanks
Magnesium
2008-06-13, 03:45
Thank you fo replying Pskelley,
As far as the Sophos link is concerned i have some questions: i clicked on "instructions for removing the threat." it brought me to a link where i had instructions in order to remove the trojan. So do you want me to download the Sophos program in order to remove the trojan?
1) I really do not know what that is and why its running on my computer, but after i ran the AVG scan with the updated version i tried following that directory and i could not find "safenury83122.dll" in the NetMeeting folder.
2) cmdow.exe was removed once i ran an updated AVG scan on the new version 8.0 with the link you provided me (i deleted the outdated version as you instructed before downloading the updated version). and no i wasnt aware that that was running in my computer
3) Here is the AVG scan results as you requested(too long so i put it as next reply):
Magnesium
2008-06-13, 03:47
Scan "Scan whole computer" was finished.
Infections found:;"2"
Infected objects removed or healed;"2"
Not removed or healed.;"0"
Spyware found:;"4"
Spyware removed:;"4"
Not removed:;"0"
Warnings count:;"96"
Information count:;"0"
Scan started:;"Thursday, June 12, 2008, 6:52:27 PM"
Total object scanned:;"729099"
Time needed:;"47 minute(s) 28 second(s) "
Errors encountered:;"0"
Infections
File;"Infection";"Result"
C:\Documents and Settings\Administrator\Local Settings\Temp\snapsnet.exe:\$CF\ardCo01\ardCo011065.exe;"Trojan horse Downloader.Generic6.ACAV";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Local Settings\Temp\snapsnet.exe;"Trojan horse Downloader.Generic6.ACAV";"Moved to Virus Vault"
Spyware
File;"Infection";"Result"
C:\WINDOWS\system32\cmdow.exe;"Potentially harmful program HideExec.BN";"Moved to Virus Vault"
C:\WINDOWS\ѕеcurity\wοwexec.exe;"Adware Generic2.VJE";"Moved to Virus Vault"
K:\RECYCLER\S-1-5-21-1060284298-1035525444-725345543-500\Dk460.exe:\$JF\AviSplitter.ax;"Adware Generic3.GRF";"Deleted"
K:\RECYCLER\S-1-5-21-1060284298-1035525444-725345543-500\Dk460.exe;"Adware Generic3.GRF";"Deleted"
Warnings
File;"Infection";"Result"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-59D4-4008-9058-080011001200};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-C1EC-0345-6EC2-4D0300000000};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-F09C-02B4-6EC2-AD0300000000};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000001-C003-4A2F-9142-7CB1D78DE6C1};"Found Adware.InternetOptimizer";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000049-8F91-4D9C-9573-F016E7626484};"Found Adware.Isearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000062-2E5F-4AF7-986E-5B64E0951A96};"Found Adware.BetterInternet";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00027925-0017-4faf-9539-90E4AC0B9EC5};"Found Adware.IEPlugin";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00110011-4B0B-44D5-9718-90C88817369B};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{002AF282-E42D-4B51-9F70-F1570C02FAAD};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00C9C6A4-1889-46BC-B73A-F4DDCC042735};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00C9D850-244D-10E1-B3C9-10805E499D95};"Found Adware.ContextuAd";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00DBDAC8-4691-4797-8E6A-7C6AB89BC441};"Found Downloader.ConHook.l";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00F1D395-4744-40f0-A611-980F61AE2C59};"Found Adware.DrSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{01667638-ABC1-4753-81FE-5E89FEA93EB6};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{01d8d081-0f76-4ab5-b5e4-9b23a709670e};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{01E69986-A054-4C52-ABE8-EF63DF1C5211};"Found Adware.CramToolbar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{01EB5130-FC0C-4d75-B9CE-4801B1B854F5};"Found Adware.Begin2Search";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{020B1227-417D-4682-9AC3-61F43CB5B6B1};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{037CE595-57CB-4EB5-9775-97BC112F3BB3};"Found Trojan.Bomka";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{06170642-fa65-4fb6-ac79-5f235cb99bc2};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{064D7349-A77F-B038-ADF3-F789A75B907C};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{06849E9F-C8D7-4D59-B87D-784B7D6BE083};"Found Logger.Agent.io";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{06EECACB-F7C6-4ab9-B6AE-2DC4ED4588BB};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{086AE192-23A6-48D6-96EC-715F53797E85};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{08A312BB-5409-49FC-9347-54BB7D069AC6};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0940292B-4CA0-70A8-794E-09E449B611D4};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0A00D11E-B1E7-44b5-AD88-C9190876AAC4};"Found Adware.Dyibar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0A51FD8D-6835-4212-B796-AFC24F4D108A};"Found Adware.CreatrixMedia";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0be87caf-1c8e-43c7-a476-5af1a2f5a43f};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0cd726ec-f1f5-4210-9011-ee6b5332a279};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0D2DEF3A-F4F1-42EC-AC4F-132E7BA6E292};"Found Adware.MWSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0D4C7057-EAD2-44C6-AD18-9092905F28F1};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0e4e5110-a772-4c4a-a7dc-137fe10abd6e};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{105F49FF-DD33-D18C-D260-41E413DA143F};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11111111-2222-3333-4444-555555555555};"Found Adware.Casino";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11904CE8-632A-4856-A7CC-00B33FE71BD8};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11A4CA8C-A8B9-49c2-A6D3-3F64C9EEBAE6};"Found Adware.Shorty";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11F09AFD-75AD-4E51-AB43-E09E9351CE16};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{12355F3E-90C3-41AA-8705-15969AF7F210};"Found Adware.Webdir";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{125494B2-ACAD-414C-98B9-452F3EF7703A};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{13146842-6251-5625-3072-548536364311};"Found Logger.Goldun.an";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{13589181-4F0D-4553-B9F8-B4B72172C139};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{13693777-5b9d-4afc-99f1-650f569a0eb0};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1395A06F-EEA0-4445-BA0C-E8B56B48E244};"Found Adware.CramToolbar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{150FA160-130D-451F-B863-B655061432BA};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{159C2E51-9823-11D2-8DDC-D84A1B4ACD4D};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{166D5965-3523-FD3D-7653-2DD44AC66EB8};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{16DF666F-BA95-4F41-B396-1381C2BA66F4};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{17AF3D30-061C-15C3-F3DD-FF77212FA819};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{17DA0C9E-4A27-4ac5-BB75-5D24B8CDB972};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{18A2085F-FEEA-41D4-A5B5-E595B830B77D};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{18F57D30-EF36-4C0E-9343-7BFA6DF79B4A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{192c5b4a-3efd-40c7-9f99-c472deb8efc0};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{197B8CA4-E215-46DD-8F33-E0544A80E5C4};"Found Adware.SafeSurfing";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1A8E8BF9-BC1C-41DD-5D9A-CEB7C14ABF94};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1AC5C88A-DEA7-462b-A232-04AF5CA42E7E};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1ADBCCE8-CF84-441E-9B38-AFC7A19C06A4};"Found Adware.ActivShopper";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5};"Found Downloader.Delf";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1B9CB0F8-118B-49C1-956D-B703E976F8E3};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C4DA27D-4D52-4465-A089-98E01BB725CA};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1c78ab3f-a857-482e-80c0-3a1e5238a565};"Found Adware.Isearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1CA480CD-C0E5-4548-874E-B85B17905B3A};"Found Trojan.Zlob.f";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69};"Found Logger.Sters";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1efd4366-6676-4af7-a88a-872a49e2601d};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFB1};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFB2};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{202a961f-23ae-42b1-9505-ffe3c818d717};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{20929603-21DB-477C-BA6F-0B8E70B3C8A0};"Found Adware.CramToolbar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{20A3D913-30EF-4E69-B3F7-93B3F1FB9D5C};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4};"Found Adware.WinAntiVirus";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2296428D-C133-4928-B76A-A200FF409572};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22DFEAE8-9AD2-4FC6-9CBA-A6566CA3B6EB};"Found Adware.Begin2search";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2305D8B7-B649-4C65-BA03-4C8B05213E1A};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2353FCBC-012D-487B-8BF3-865C0929FBEB};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2439DCBB-DA51-FB1C-927A-CC1E586A8D00};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{250cb705-b9f5-4c77-a8c0-8d9d436fcff4};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2513A321-CB50-4C5F-91C5-80342AFACFB1};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{25A3C995-10C8-474B-A167-99460AB4AB2B};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{25E1A054-1262-459F-9F14-BF06148F4253};"Found Trojan.Bomka";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27150f81-0877-42e9-af13-55e5a3439a26};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{279A1B41-6CAC-4ABF-B39C-72C8E489F685};"Found Adware.AdBlaster";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{285B5CCD-C3F0-4EB6-9632-7D0A3C3AF824};"Found Adware.iLookup";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{28DFFB3C-A6C2-481B-B8D7-AD205DECBA6E};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2A7372BA-656A-409A-B76D-F2B2B2DC6B1F};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C22DB59-3DF9-D9D9-9537-D534316B3458};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2C5B5226-045D-4A46-B4FC-228B0891FEEC};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2D38A51A-23C9-48a1-A33C-48675AA2B494};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2D8C4BF1-05FB-44D2-B6A1-CE7D740FC755};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2DC9D850-144D-11E1-B3C9-10805E499D93};"Found Adware.ContextuAd";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2DEA8791-C2B7-48E1-8992-8E8E6A6FE789};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2E16DA2D-3194-4b72-AF4E-FD8597CFAFDC};"Found Hijacker.MorwillSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2E246FAE-8420-11D9-870D-000C2917DE7F};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2E9CAFF6-30C7-4208-8807-E79D4EC6F806};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3050F4D8-6D62-11CE-AF61-013309406392};"Found Trojan.BindFil.g";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3050F4D8-6D62-11CE-AF61-E13309406392};"Found Trojan.ZMark.a";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{314120E4-5A05-492C-9BF2-22558CF0F202};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{31615D5C-5126-448A-818A-A7CDFEE85A9B};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{325338F0-AED0-45f6-A0DA-B5B09E6A07ED};"Found Adware.SavingsHound";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{32D481BA-7CF2-3434-A0CE-1686F9FF5DD9};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{344A6FA4-D907-A113-AE32-AD1D33AAF46D};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{34A12A06-48C0-420D-8F11-73552EE9631A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{364B6276-C6C1-40B6-A6D7-6C48871FD707};"Found Adware.Accoona";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{366B2151-E1C7-44a3-86A3-E5686C2A3D2F};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3820350F-5092-2ADD-8A4C-8DE2C609FAE5};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{382ED25E-FF84-4A00-ACC4-4DDADD62DDDD};"Found Adware.CashDeluxe";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{392BAF48-A26A-45B5-9263-97128E429268};"Found Adware.AdBlaster";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{392D4A36-6ADF-4A99-A820-3014A53E62E3};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{39C78B50-7E98-4AA0-B007-D83114EA6E0F};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{39D3264A-0031-49DB-860D-37647ACCB78A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{39F25B12-74FF-4079-A51F-1D70F5B08B84};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3b3fa480-138e-47e6-b79a-9a0f7b2846d5};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3bb3ddaf-7867-44b1-90fc-ac425344724d};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3BF1F86F-B1A8-489B-8D8B-43781D51411F};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3BF6C840-4D12-4FB5-88A2-E2BC03461DC2};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3C767C6B-602D-4B9B-829D-A3DC5B2D89DD};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3CEFF6CD-6F08-4E4D-BCCD-FF7415288C3B};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3D00A39C-655B-428B-AEB2-2FBA03DCC49C};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3D782BB3-F2A5-11D3-BF4C-000000000000};"Found Adware.ActivShopper";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3e186ce2-1abb-45d6-a4b9-4fcd11fbb014};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3E290290-1728-4C1E-863A-AA12526333F6};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3E422F49-1566-40D3-B43D-077EF739AC32};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3E9B951E-6F72-431B-82CF-4A9FBF2F53BC};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3EBDDEDC-85D1-462F-B875-F013A8EA7B8D};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92};"Found Adware.Henbang";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3FDE0CB5-619F-4227-8961-F2D7ED15B88E};"Found Adware.CramToolbar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3FE36807-69ED-45D1-B9BE-85C0E3F75B6A};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4006DCA3-433D-4FC8-AC36-42DA7797DCB7};"Found Adware.eZula";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4022F902-ABC7-4C79-924F-BB26F1D355A2};"Found Adware.Dyibar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{408F660A-9465-44A3-B557-8709DFD992BC};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4136C3F6-7636-49bf-A122-D4DA53B1ADDF};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4145B998-6511-46de-A873-FD1DBD053164};"Found Adware.SurfComp";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{41ED67C9-2734-4094-AD92-32F9EFEB5CC7};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{426F81A5-0B8C-4948-8115-11606FD3F389};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{429E4B60-3CEC-43C3-A53B-501C25F7F5FD};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{42F16135-D0A4-43A2-990C-27FCABD9C19F};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{42fc3840-020c-4e93-a34c-4df1a6330fbb};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{43DF1CEE-70B3-4E2D-A740-4AC468786207};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44};"Found Trojan.Small.anm";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{44b2f61f-7081-4b93-ae50-cd568548e4a7};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4508E20C-ACAD-11D2-9FC0-00550076E06F};"Found Adware.2Search";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4700F4B2-EB75-07EF-2853-5B264BD6E7DB};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{47fbd835-e417-48f6-a04d-7b702c5052c5};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{489b338e-e4ab-489a-91d4-69970a541cf9};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A25D449-2BAA-4426-A992-D18CA70CF5A9};"Found Trojan.Kolweb.b";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4a2aacf3-adf6-11d5-98a9-00e018981b9e};"Found Adware.NewDotNet";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A85F02A-CCD3-4E96-9BB1-7ACE7D0B9C23};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4AA870AC-8427-42a4-B92E-ECD956197489};"Found Adware.BetterInternet";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4af8e04f-0d5e-4c3f-ba67-81b685584c12};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4D31CCA1-C42B-4796-851F-CA8ED4CD2A7E};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4DA2EE61-6399-4C39-AEB9-0D990E610D29};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-8DBC-A42EB79CB428};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-8EEC-EF64B787BB38};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-9AFF-FD78A790AF2C};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D};"Found Adware.2020Search";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-AB8C-E56FA49CA83A};"Found Adware.CursorZone";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-C0FF-FD67B79CAF2C};"Found Adware.NewDotNet";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-C1F2-F063A09BB32A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-C68A-8D2CF4D5FA7D};"Found Adware.SearchGuard";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4FBBDFD6-2CA9-4BBA-93E4-AADF75321BCA};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4fc003c3-87a0-489c-85cd-878246eb2d18};"Found Adware.VirusBursters";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5054F860-748D-4840-B7B4-DDDB428421AF};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{514CDFE1-5B4B-0907-2D78-0540364AC64B};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5240864B-FDFE-4563-3514-463926792311};"Found Logger.Goldun.ac";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5284AC2A-EF00-4750-9B82-B5B907D26536};"Found Adware.ErrorSafe";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{52B1DFC7-AAFC-4362-B103-868B0683C697};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{56262124-6251-5625-3072-548536364311};"Found Logger.Goldun.aa";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{56F1D444-11BF-4879-A12B-79CF0177F038};"Found Adware.180Solutions";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5753791B-F607-48CA-814E-91C14D081F9E};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{575A5AE9-B68E-4BEB-BACB-FE430448C654};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{57A70350-87D9-4EA2-B3AC-C1C1B5296035};"Found Adware.ContextuAd";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{58D324EE-2062-6566-1F57-2A699079E447};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{58DBCE03-FFC3-4452-AB1D-C19EE9825A50};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{58F07DD3-924D-4141-BC74-299F523A95F1};"Found Adware.WebDir";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5929CD6E-2062-44a4-B2C5-2C7E78FBAB38};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59879FA4-4790-461c-A1CC-4EC4DE4CA483};"Found Adware.RXToolbar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{598CA4D5-6870-47F0-B513-E3EFBA809B22};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59F12660-2B92-4554-98F9-87295AD8A0CE};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5A5B6916-ED71-4531-8018-E792DD44156E};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5A7CBCDC-9228-4104-A57D-738CE50FBA4F};"Found Adware.Onban";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993};"Found Adware.Isearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5BED3930-2E9E-76D8-BACC-80DF2188D455};"Found Adware.CouponBar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5D647E9C-6B37-4636-9A78-DADB1EB93BDF};"Found Adware.CtxPopup";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5E05EA9F-1EA7-4D0B-A09B-D5E29EC758B9};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5EB7CB50-E375-4718-B4C0-9AD12EFA2F84};"Found Downloader.Agent.rs";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5EDB03AF-0341-4e96-9E9B-3171522E4BAF};"Found Adware.FlashEnhancer";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5eed48aa-f20f-4085-b8f8-57724b7c5b08};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5F1ABCDB-A875-46c1-8345-000000002012};"Found Adware.MyToolbar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5F6BBD8A-18CF-4D55-8B4C-C9B4C9328DFE};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5FCA4D4F-CBDD-4263-3814-463926792311};"Found Logger.Goldun.ae";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5FFCA022-FA50-3120-C21F-E6C00C517716};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6001CDF7-6F45-471b-A203-0225615E35A7};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{60371670-81B9-4d06-9C42-4DEC1AABE62B};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{60426198-175D-BEDA-44CF-B55B868D0088};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{61468245-A343-CF27-3452-44DF4679BDF1};"Found Trojan.Goldun.v";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{616D4040-5712-4F0F-BCF1-5C6420A99E14};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{61CA3AF6-2E10-18DB-BB89-818F7430DD7E};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{62457936-6381-6170-3572-468926792311};"Found Logger.Goldun.ed";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{627aeb80-5854-4436-bb57-79e51c7491c1};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{630CBF61-54CC-4AC3-97B0-D4071345807C};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{636ff82a-830a-42ea-938b-6dc78b2ac30c};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6379A99A-9102-446C-A837-0623E1810D75};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{65194BCE-CBDD-4263-3814-463926792311};"Found Logger.Goldun.h";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{65424A8F-4E15-3395-EB24-27E676B5BB58};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{659E147E-BD03-4605-988C-AA6D7EA497CA};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{65E9801C-0472-47F9-85A0-8442D47A82B0};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6604595C-B90A-8BCC-F8EF-5C2F9611D23F};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6671A431-5C3D-463d-A7CF-5587F9B7E191};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6756557E-2E2D-E94B-9AA3-E2A680369B4B};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{68FF9E0F-2E96-4467-87FA-1A8B9734C7E7};"Found Adware.SpyBlocs";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6A512BF7-EC78-4e8d-9841-6C02E8FA9838};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6AA092A7-509F-0125-3521-4319AB07EE2B};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6AE02E1C-8859-4F57-9097-5A55A56A4CAF};"Found Adware.MyTool";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6AFB5B8E-ACFD-4489-91B3-DAA1388A31EC};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6c80c5b2-4748-411c-8120-09426f8ed212};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6C8A0A93-DD1A-CD26-2851-F52B2569908C};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6d42e870-6d15-4c82-8c78-ecd53ff5b6f0};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6DA975EA-CBB4-411B-97C0-DB0A892BF2C1};"Found Trojan.Agent.dq";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6DD0BC06-4719-4BA3-BEBC-FBAE6A448152};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E28339B-7A2A-47B6-AEB2-46BA53782373};"Found Trojan.Wayphisher";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E28339B-7A2A-47B6-AEB2-46BA53782375};"Found Trojan.Wayphisher";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E28339B-7A2A-47B6-AEB2-46BA53782378};"Found Trojan.Wayphisher";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E2CE423-B3F7-4DCC-ACF3-8671CC20BFCF};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6EEB621D-02F7-4EE6-B889-C6218BFCFEA8};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6F3F8C08-2506-4CD0-B1A9-E4A83383CBBB};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6F71C05E-6C91-4A3A-9146-9C19DA2E4CCE};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{707b19e6-4207-4d3f-b0a8-319dba2e6b93};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{71D1708F-973D-4600-AF01-AD86688403AE};"Found Adware.SafeSurfing";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{724510C3-F3C8-4FB7-879A-D99F29008A2F};"Found Hijacker.SpyAxe";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7288c0bd-7f2f-4229-a0c4-3c90a6e2a881};"Found Adware.SpyAxe";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{728E63B0-5165-4E98-9C83-EF987EEB66C9};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{72A58725-2635-4725-8C53-686DFD1FEB8D};"Found Adware.ZeroPopupBar";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7345F548-C9AC-46F7-A350-524964350D25};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{736b5468-bdad-41be-92d0-22ae2ddf7bcb};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{746455FE-D059-47e7-AF0E-140E03F5A447};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{748c9204-6c92-485b-8bf8-3af7ecf03cde};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{74CC49F7-EB32-4A08-B204-948962A6E3DB};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7507739F-BC2E-4DC3-B233-816783C25DC9};"Found Downloader.Delf";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{753D7DED-2454-44A3-959D-DC3700FC6B6E};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{754FB7D8-B8FE-4810-B363-A788CD060F1F};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{76532682-A5C9-11D8-AE07-00D0591AB78A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7675940E-2E8F-CC66-3F3E-33734232EC19};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7697DB96-5DA3-44F2-BC97-AD35E5F4CEDC};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{780916B6-00F4-484C-8AF7-A69CEAE0736B};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{78364D99-A640-4ddf-B91A-67EFF8373045};"Found Trojan.Brospy.c";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{784aa380-13f2-422e-8540-f2280f1dd4f1};"Found Adware.WorldSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{78653A3E-A63F-42A9-A6FE-7524F4058767};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7891DA15-428E-11D7-BCC1-00A024831A8C};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{78ab494d-026f-43a5-8071-e4411fd7859b};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{79A002FB-C126-462D-B4A7-81D6B42D1666};"Found Adware.DirectIP";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{79A576C4-B7A9-47EC-B57C-2CE5CA6ECC6A};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3};"Found Trojan.Kolweb.b";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7A1A109F-58B3-414B-9829-5F4D9BE5FEDE};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7A533235-A128-434B-9F8A-9300A544D191};"Found Adware.CashdeLuxe";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7B55BB05-0B4D-44fd-81A6-B136188F5DEB};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7B90593A-D195-5D99-A455-BB257F00B873};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7BF451AC-2010-4804-B256-DB2F0A8D9EB6};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7c987433-cab4-499a-a0ce-a518f3c54e96};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7caf96a2-c556-460a-988e-76fc7895d284};"Found Adware.SpyAxe";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7CE5DA5D-F491-C0B6-884D-D9D4A9E4C7E4};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7E093FD0-5372-4FD5-9C7B-875668B4CDB2};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7fa55359-7223-410f-bc82-efb3e3ded07f};"Found Adware.VirusBurst";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7FC91C90-8256-4868-B4B1-DACDDC9A4546};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8037F7F0-80B6-453A-A7CB-5371A4A09BB8};"Found Adware.Begin2Search";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{80D484FE-0AA1-4D80-9FF2-5B196084E051};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{811ABD55-9D94-4892-AB46-11D7DA29B8AE};"Found Downloader.Small.ain";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{815B01A0-BF97-41E9-ACF2-32B76F98A960};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{826B2228-BC09-49F2-B5F8-42CE26B1B712};"Found Downloader.Delf";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{827DC836-DD9F-4A68-A602-5812EB50A834};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{830DE650-EBE7-434F-99AA-8DCBCDACBD7B};"Found Adware.ContextuAd";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8333C319-0669-4893-A418-F56D9249FCA6};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{83A5F7B7-DC75-44CE-9195-264F41709FA9};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{84695FD5-A8A8-11D8-978E-005022E14DE2};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{84B71424-B020-11D4-B198-000102C6D473};"Found Adware.SpediaSurf";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{85597C9D-3994-4B7F-8CE3-515E632297A1};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{85A77577-A8CA-41b7-AA1E-DDAD4C0B12B1};"Found Adware.LinkMaker";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{86059629-45EE-4AA6-A994-672B68AC8B44};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8670ee50-01f9-47da-ac1e-cf8549e9e521};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{87185E78-A61B-4DB3-965A-3235BBD7A622};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{873EB32D-AE1A-4183-89BD-45A77F761BE4};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{874443fe-aa33-4ebf-a6ac-73208787e62d};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8794ED77-EB91-D293-4349-10E13AF28460};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{88C9975E-3995-4C53-BB17-B893F278049A};"Found Adware.Vundo";"Moved to Virus Vault"
Magnesium
2008-06-13, 03:48
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{88CC91DE-5930-45AD-9E04-6B1233609FEA};"Found Adware.Appoli";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{88D758A3-D33B-45FD-91E3-67749B4057FA};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{88DE3E1B-3D01-4032-9BAE-FD1994A3D7B8};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{893fad3a-931e-4e53-b515-b1426d63799b};"Found Trojan.Puper.aj";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A321C7D-9CED-45A8-870D-DAE843A45FD0};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8A406068-D45C-40B9-A096-38AC717FB608};"Found Adware.WebDir";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8B309141-83A9-4C92-BCBE-2ADA24058DF0};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22};"Found Adware.LinkMaker";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8C56B6CE-C53F-44C4-9BDC-A9BC1711D05A};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8CC5CF9F-B05E-49a8-9540-DD8EAD0A8912};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8D291203-D787-6A2F-2D24-18C37669C147};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8DBF02DA-4360-4A7E-BEA1-347B87816327};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8E13DDE1-E013-47ec-9C4C-27C2F78BDD26};"Found Trojan.Conhook.c";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8EE6BF73-B370-4D13-9126-EB0071178F2E};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8F788E92-2D3C-0712-95AE-97DD507CDBC9};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9068A414-3AF9-4F79-AF1C-E6EA415BAF52};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9148C6A5-5F1A-41EC-B3C2-883FA9F2CBAC};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{91F6D3FF-75DE-A3F4-BDDB-CEAB798A115F};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{92E1B3F7-0546-421E-9835-904D25B7BA66};"Found Adware.VisuaExplorer";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{93C6313C-9DB4-4694-8BD0-E378C573A9AD};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{93CECBB2-6B1B-448D-91B9-72604EF70105};"Found Adware.180Solutions";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{941CA48C-3984-4E7D-AAF8-8755ED76EB50};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{943B96A4-9BF6-42fe-8D0B-4BCA71C3632F};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{944864A5-3916-46E2-96A9-A2E84F3F1208};"Found Adware.Accoona";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9516919A-9D32-4B17-BD14-2CE488599F65};"Found Adware.Adtraffic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{955F5463-ADE2-D5FE-21D2-6229E3C97F02};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{95C60327-8E17-44D6-98EB-7EB70CC606DD};"Found Adware.SafeSurfing";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{96B01A48-1317-4A87-91F7-10116F755705};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{97F56E12-C706-4AEB-9FFB-133C05EE5D38};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{98080AA2-59AE-6225-7B5A-2D623E4CA49F};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{99A753C6-E429-46BD-989E-DD4A21CD059D};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9ad637ef-97f0-4f13-aa24-e84aa5c0e1ce};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9ADE0443-2AB2-4B23-A3F8-AC520773DE12};"Found Adware.Begin2Search";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9BB7E700-4E48-476D-B75C-6F47606BE988};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9C5875B8-93F3-429D-FF34-660B206D897A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9C691A33-7DDA-4C2F-BE4C-C176083F35CF};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9D9A7350-46C9-4E3C-92EF-382B5740A1C3};"Found Adware.ContextuAd";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9E69A5DE-24D3-4D3B-8117-5B60439EBFC2};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{9F2C17AC-9AA4-4C3A-82C7-EA7BCF00F03D};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{a19ef336-01d4-48e6-926a-fe7e1c747aed};"Found Adware.MWSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A21022CC-4063-2FB0-2846-65FB99D6E89E};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A30E09EF-197E-B658-38C6-C38B368232DA};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A509347C-461D-D47A-686D-852C0B1D26EE};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{a55c3ba7-db1e-4652-867e-055ceafe8018};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A569F6C9-29F0-43BC-80CF-6BA138C66108};"Found Adware.VirusBurster";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A5845A98-EBDA-4670-9DE6-5201C506E741};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A69B7D98-9DAC-21C6-7ADB-7FF21D28CEC1};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A6F42CAD-2559-48DF-AF30-89E480AF5DFA};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A708A39C-8DA7-4e36-B3B0-0A1FFAFD4B6D};"Found Trojan.KillAV.e";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A708A39C-8DA7-4e36-B3B0-0A1FFAFD4BCD};"Found Trojan.KillAV.e";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A749B4BC-7621-4a80-9220-D0A283367DD5};"Found Adware.FlashEnhancer";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8B28872-3324-4CD2-8AA3-7D555C872D96};"Found Adware.Softomate";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8BD6820-6ED7-423E-9558-2D1486B0FEEA};"Found Adware.DeluxeCommunications";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8E7A7F0-2CF2-EB3D-F788-3CE5C20624D4};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8EB478A-A3E8-2ECF-B115-9E8F5B3F1ECF};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{A8FB8EB3-183B-4598-924D-86F0E5E37085};"Found Adware.WhyPPC";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AC212FB9-3883-461E-A559-37A4F6100FB0};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AC9382D7-F0ED-4350-B7A7-4A383A1A93B0};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AE21A223-C4CA-43D7-9764-4FC6DF529F4D};"Found Adware.7000n";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AE22AFE5-1EF4-4D25-9E23-D2825FB17DA1};"Found Adware.Henbang";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{ae4026cc-b7ba-48e8-8fb3-2c35099670a1};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{aed6f6a3-183c-488d-9f90-23db99f56e7f};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AF43C96A-216D-7D7A-AF61-0018C6061DD0};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{AF7FCAFB-9FDB-4F5E-BAC6-68BDEE61D6C6};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{b0f4bc0f-eaea-43b5-8ce6-dad3cc9b29a2};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B212D577-05B7-4963-911E-4A8588160DFA};"Found Trojan.Delf.nj";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B313D637-F405-4052-AC37-E2119AB3C8F8};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B49DA3DF-E569-423d-BDEA-8F89128E8107};"Found Trojan.Foron";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B4BF9C14-1EE5-510F-78CB-D256DA9572AA};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B5141620-C2B2-4D95-9F0F-134D99C87AB0};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B53455DB-5527-4041-AC41-F86E6947AA47};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B54BFA47-D897-49CA-9657-05EC9F80A32B};"Found Adware.QuickMetaSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B5F3970B-745E-46AC-B890-E08F69777D80};"Found Adware.Searchforit";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{b6a0aa8a-7cb1-44f0-ace7-7a69739c8674};"Found Adware.VirusBurster";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{b7f4f12c-aa9d-421a-a9a6-cc5ff952a4a4};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{B8B55274-0F9A-41E5-9067-A3539BD9E860};"Found Trojan.Agent.dj";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{b8ccdd47-38e4-4cd2-b7fa-3b4b690f74bd};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BA94F81E-99FC-40E1-824C-BAA00B575F4A};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{bb0d5adc-028d-4185-9288-722ddce2c757};"Found Adware.Isearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{bb720bab-2f75-456b-a850-04d77b20f6b8};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BBBD3E11-D201-46C9-8471-091D33159287};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BBBE1C1A-89F7-4AF6-ABD1-F8FBCFA47408};"Found Adware.Able2know";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BBF8DC95-3A2E-5656-D1C3-B52D78BB35FD};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BC18EDB1-7152-4300-9435-4B195A2401DF};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{bcfd6185-8c88-45db-9a5f-3659b05e8bd5};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA};"Found Adware.WebDir";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{BEF178EB-79D6-4BFA-8213-6FB8EA4769C8};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{bf1ced2c-4b3f-4079-a330-864eda5a4cff};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C15DFCFB-3D1C-4E50-AAC7-037B016B95F7};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C19C3C4F-004E-8C8D-A093-AB7AC41004E0};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C1FE7C8F-043A-4FAC-AB62-2CC56F7482B1};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{c27d97e9-004b-4f4f-a5b0-b7188ddae024};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C2EEB4FA-B6D6-41b9-9CFA-ABA87F862BCB};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{c3176a2c-3119-4f7f-b847-62b5ee6763e5};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C370527A-24A7-4583-BE01-72E59000EB17};"Found Adware.AFAEnhance";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C3A64E2B-748B-4CA4-B20C-8C2817E12A6F};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C3DEA25E-A515-4B65-8760-AEE03089F1CD};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C4F147D7-BF25-488E-A12B-EFD43E7029BF};"Found Adware.VisuaExplorer";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5183ABC-EB6E-4E05-B8C9-500A16B6CF94};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C57C2283-6E09-A0F3-2CC1-E4ED822B5340};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5AF2622-8C75-4DFB-9693-23AB7686A456};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C5BF4465-5322-462F-B41F-459F649F3996};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{c668ea18-2d58-b7ff-b81a-5dfb1e599256};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C6A5ED20-49A5-4B92-8131-D6D8C8F107EC};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C75A33FE-50C7-4F0F-81B0-6EB2272022CB};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C7CF1142-0785-4B12-A280-B64681E4D45E};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{c7efdcde-a181-41d0-a551-16f73b398040};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{C89BB48C-15D9-4F4F-803E-95D90F62BE62};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{c95fe080-8f5d-11d2-a20b-00aa003c157a};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{c9b0d3dc-dc2b-4a17-8e34-02cd4c1e573f};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CA356D79-679B-4b4c-8E49-5AF97014F4C1};"Found Adware.Starware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{cac16e1a-d86b-428a-bb7b-65f2d2bfc160};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CBE0D59D-F985-4AC6-8826-FEE957065D42};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CDE9EB54-A08E-4570-B748-13F5DDB5781C};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CE66732C-7845-FB2B-35DA-7B85E11B2DE2};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CE70731D-F28D-4D81-9D61-C8EE60378401};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CE7C3CE2-4B15-11D1-ABED-709549C10000};"Found Adware.RegiFast";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CE7C3CF0-4B15-11D1-0BED-709549C10020};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CE7C3CF0-4B15-11D1-ABED-709549C10000};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CF021F40-3E14-23A5-CBA2-71766C645750};"Found Trojan.Agent.gg";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CF021F40-3E14-23A5-CBA2-717765721306};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CF79DAB6-0AFE-4678-856D-44574D91915C};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D06E2EAE-1922-4A0B-6A7C-8D9E3DE0E708};"Found Adware.SpyLocked";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D1AC752E-883F-4ED8-8828-B618C3A72152};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D2C1986A-FBEC-4472-AABF-6D42F08DBC8E};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D49E9D35-254C-4c6a-9D17-95018D228FF5};"Found Adware.Starware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D4D5C535-BA95-4327-870D-A33826FDD17A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D4DFC1D8-2D2E-4962-B0D0-389FBA0F76B5};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D5EFDB0E-4F51-414F-B740-54A5C87A8957};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D6D64CDF-0363-4261-B723-29A3AF365E1D};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D7ABE914-B8CF-4602-9145-6BDAAEDA21AA};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D7E588AB-A5D9-4422-B313-22A3470F9700};"Found Adware.FlashEnhancer";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D940F380-49C7-4A05-9E33-53930AF5768F};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{D9E5F993-FAEC-45B1-84F4-78A5BF27ED89};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DA7FF3F8-08BE-4CAC-BC00-94D91C6AE7F4};"Found Adware.MWSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{da8da181-7b27-475c-b872-1a77751cc10a};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{daa873d4-958c-453c-81ca-3fe6f3676a87};"Found Downloader.Fugif";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DC8240DF-E60D-4193-B984-5111847DC7E6};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DDDC947A-43F1-446A-A257-632F3ABDC212};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{DE23A040-D6AA-43ca-9B86-D9BE3DAA6FE7};"Found Trojan.KillAV.F";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{dea859d7-abb8-4239-b454-6731f4891560};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{e0103cd4-d1ce-411a-b75b-4fec072867f4};"Found Trojan.Puper.ac";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E1412445-4FF8-410e-8D24-F2CF86B171A4};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E14DCE67-8FB7-4721-8149-179BAA4D792C};"Found Trojan.Ciadoor.m";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E2B2B5A1-B48C-4886-A318-723916A01024};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E2DDF680-9905-4dee-8C64-0A5DE7FE133C};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E3788F79-18CF-4D9A-A7B4-1BF43E914A8A};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E3EEBBE8-9CAB-4C76-B26A-747E25EBB4C6};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E40ACE2C-5722-4BFF-BE3E-7741A211D466};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E4703CF2-7F82-4AD7-B317-8EC1CBC9B619};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E52DEDBB-D168-4BDB-B229-C48160800E81};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E694E3DC-723F-40C7-87FE-6FFC222AD122};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E6B4AB50-F423-4EE6-9839-B35DCFCDFA49};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E6D5237D-A6C7-4C83-A67F-F9F15586FA62};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E730189A-9973-4121-B046-AD1C161EC3AF};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E7AFFF2A-1B57-49C7-BF6B-E5123394C970};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E8EDB60C-951E-4130-93DC-FAF1AD25F8E7};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{e944d14a-03aa-43e3-9d0e-4f50c4d1b005};"Found Adware.VirusBurst";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E9817993-83FF-4343-B14E-6CDFB378B21D};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E99D4D0C-EB54-46AF-B62A-3AA1F31D53E5};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{E9CCF15D-4C68-4B5A-9E9A-8E12E4BD39BD};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EA038DDD-0FE0-41f5-BA60-FC3660529E71};"Found Adware.Ad-Protect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EA0D26BD-9029-431A-86E0-83152D67828A};"Found Adware.180Solutions";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EA806E03-A6B1-205A-117C-013309406392};"Found Trojan.Singu.s";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{eac1accd-7790-4991-a9d2-550806d6d9c3};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EB1CE8AA-7F27-45D3-BA59-37AFBFB4437F};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EC52BEDA-CCF3-45E1-AFFD-03618DB9F10A};"Found Adware.Able2know";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EC83B900-B33A-D316-EF7D-013309406392};"Found Trojan.Stoped.b";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EDBF1BC8-39AB-48EB-A0A9-C75078EB7C8E};"Found Adware.SpyAxe";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EDE2A2B4-B1CB-4BF8-93D1-154E49284A71};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EE02B99B-1D55-48bc-B8DB-649A42CE45F6};"Found Adware.CreatrixMedia";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{EEE7178C-BBC3-4153-9DDE-CD0E9AB1B5B6};"Found Trojan.CWSMeup.b";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{ef2aa606-b72e-4a1b-b076-8b148661f3b7};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F007E221-018D-4baf-924A-B0E9092F3853};"Found Adware.CreatrixMedia";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F1FABE79-25FC-46de-8C5A-2C6DB9D64333};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F22ABCC8-DA46-6EFF-B0D2-2B1D0647AB7A};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{f31aee4a-1530-4fef-8537-79c6973bff9a};"Found Adware.VirusBurst";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F43BD772-ABDD-43b7-A96A-3E9E61946EC0};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F452FA15-98C9-BD51-AC62-418E0C391EC0};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F5D23930-23C6-440E-AB55-D019E1171539};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F5DE8ADB-4A69-4e56-96AB-823171C8E9D8};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F5F0086E-C12D-DA23-939A-802FE220ADD3};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F6053709-5723-454E-AB9D-7FC7E681AFA5};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{f65b197f-8260-4d52-909a-f70118e646eb};"Found Adware.MWSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F68D4ACF-5F32-4D00-A9D9-62D849AE0451};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F74B358E-6979-40a9-96CD-636C80B87AFF};"Found Trojan.BankAsh.g";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F7D40011-29BB-43EB-9C97-875CE89E9E36};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{F85E86D8-F796-4C97-AAA2-26664A98A42C};"Found Hijacker.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{f9476885-40eb-4405-878a-193baf18ce9b};"Found Adware.AntiVermins";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FA1A6CC3-BE63-4f7c-A455-417D35A67DA6};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FBD2EBD0-E6DF-456E-B300-A4D10A90C683};"Found Trojan.VB.aft";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FBD49452-69E0-4837-91FA-9227A6DD1A83};"Found Adware.Vundo";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FC0F30CD-E949-4148-884E-DC0F3D32EA46};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FC148228-87E1-4D00-AC06-58DCAA52A4D1};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FCADDC14-BD46-408A-9842-CDBE1C6D37EB};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FCBEFCA2-4337-C522-B757-2FED10040650};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{fcf0a3dd-9231-4625-84c6-4810bbe5f54b};"Found Adware.RogueSuspect";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FD9BC004-8331-4457-B830-4759FF704C22};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FDC47F1A-61E1-4AC5-89CA-6B95644953AE};"Found Adware.Virtumonde";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FE6A3E85-0F6C-49AD-8843-68FF44E7EEA9};"Found Adware.SecureServicePack";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FEF0E647-5524-FA9E-07CF-AF79EE6770A0};"Found Adware.CoolWebSearch";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FF1BF4C7-4E08-4A28-A43F-9D60A9F7A880};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FFD2825E-0785-40C5-9A41-518F53A8261F};"Found Adware.TitanShieldAntispyware";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FFF4E223-7019-4CE7-BE03-D7D3C8CCE884};"Found Adware.Shorty";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFA};"Found Trojan.Zapchast";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF};"Found Adware.Generic";"Moved to Virus Vault"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{Y479C6D0-OTRW-U5GH-S1EE-E0AC10B4E666};"Found Adware.Generic";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\2o7.net.a66c055e;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\2o7.net.f8075bef;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\2o7.net.484dbb69;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\2o7.net.99dac69b;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\2o7.net.e67f3d3d;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\2o7.net.1aa86b19;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\revsci.net.2df99d79;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\revsci.net.44927ec;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\tacoda.net.e9f57f8;"Found Tracking cookie.Tacoda";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\revsci.net.3f4566dd;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\revsci.net.e9dbeb91;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\tacoda.net.c4fe2ebb;"Found Tracking cookie.Tacoda";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\tacoda.net.27341d57;"Found Tracking cookie.Tacoda";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\tacoda.net.5935e89;"Found Tracking cookie.Tacoda";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\tacoda.net.d323296e;"Found Tracking cookie.Tacoda";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\adopt.euroclick.com.17044b51;"Found Tracking cookie.Euroclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\adopt.euroclick.com.8b1bd7bc;"Found Tracking cookie.Euroclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\adopt.euroclick.com.6d7740f7;"Found Tracking cookie.Euroclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\adopt.euroclick.com.fb764ef7;"Found Tracking cookie.Euroclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\realmedia.com.ef906bac;"Found Tracking cookie.Realmedia";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\realmedia.com.6b2e2a72;"Found Tracking cookie.Realmedia";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt:\realmedia.com.68087763;"Found Tracking cookie.Realmedia";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\3zort4s4.default\cookies.txt;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\doubleclick.net.bf396750;"Found Tracking cookie.Doubleclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\2o7.net.29c43642;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\2o7.net.c83bf70;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\2o7.net.484dbb69;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\2o7.net.2e1f9920;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\2o7.net.82ae2df5;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\2o7.net.404851f2;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\2o7.net.5cef2cf7;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\2o7.net.af51ae29;"Found Tracking cookie.2o7";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\revsci.net.55564293;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\revsci.net.2df99d79;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\atdmt.com.b3e33b5f;"Found Tracking cookie.Atdmt";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\revsci.net.e9dbeb91;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\revsci.net.44927ec;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\revsci.net.3f4566dd;"Found Tracking cookie.Revsci";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.203aa218;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.525a5fb9;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.f62113d5;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.b624fa46;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.1820df7a;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.578f243f;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.c389d0df;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.9fd771bc;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.256d7442;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.bd26dafb;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.7aa66055;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.df75d11e;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.1d4e5ba2;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.5052f823;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.59fe967c;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.589c630f;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.6fbdd38a;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\advertising.com.1625f0ab;"Found Tracking cookie.Advertising";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adrevolver.com.9b9d670a;"Found Tracking cookie.Adrevolver";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adrevolver.com.f6cfcad4;"Found Tracking cookie.Adrevolver";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\media.adrevolver.com.2be00b0;"Found Tracking cookie.Adrevolver";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\media.adrevolver.com.5fed601d;"Found Tracking cookie.Adrevolver";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adrevolver.com.61b5dd52;"Found Tracking cookie.Adrevolver";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\mediaplex.com.f652b123;"Found Tracking cookie.Mediaplex";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\tribalfusion.com.9bc3e98f;"Found Tracking cookie.Tribalfusion";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\tribalfusion.com.dcc03271;"Found Tracking cookie.Tribalfusion";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\tribalfusion.com.7610f0e0;"Found Tracking cookie.Tribalfusion";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\tribalfusion.com.8b22ad8c;"Found Tracking cookie.Tribalfusion";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\serving-sys.com.4b416ef8;"Found Tracking cookie.Serving-sys";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\serving-sys.com.606c3d3b;"Found Tracking cookie.Serving-sys";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\serving-sys.com.c9034af6;"Found Tracking cookie.Serving-sys";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\serving-sys.com.400f83f;"Found Tracking cookie.Serving-sys";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\serving-sys.com.6a1cf9e8;"Found Tracking cookie.Serving-sys";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\serving-sys.com.255d6f2f;"Found Tracking cookie.Serving-sys";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\bs.serving-sys.com.5bf1f00f;"Found Tracking cookie.Serving-sys";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\questionmarket.com.3eb5a9f1;"Found Tracking cookie.Questionmarket";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\questionmarket.com.4dd5e426;"Found Tracking cookie.Questionmarket";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\trafficmp.com.37644bdb;"Found Tracking cookie.Trafficmp";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\trafficmp.com.f3e5803e;"Found Tracking cookie.Trafficmp";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\trafficmp.com.e2e71e33;"Found Tracking cookie.Trafficmp";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\trafficmp.com.ae53b8b;"Found Tracking cookie.Trafficmp";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\trafficmp.com.a00e30b4;"Found Tracking cookie.Trafficmp";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adbrite.com.d5e309c2;"Found Tracking cookie.Adbrite";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adbrite.com.71beeff9;"Found Tracking cookie.Adbrite";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adbrite.com.e3b6fcdd;"Found Tracking cookie.Adbrite";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adbrite.com.ce59db3e;"Found Tracking cookie.Adbrite";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\casalemedia.com.837115b5;"Found Tracking cookie.Casalemedia";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\casalemedia.com.1773afc;"Found Tracking cookie.Casalemedia";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\casalemedia.com.987e6b46;"Found Tracking cookie.Casalemedia";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\casalemedia.com.80ad4799;"Found Tracking cookie.Casalemedia";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\statse.webtrendslive.com.b4ca7df0;"Found Tracking cookie.Webtrendslive";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adopt.euroclick.com.17044b51;"Found Tracking cookie.Euroclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adopt.euroclick.com.8b1bd7bc;"Found Tracking cookie.Euroclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adopt.euroclick.com.6d7740f7;"Found Tracking cookie.Euroclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt:\adopt.euroclick.com.fb764ef7;"Found Tracking cookie.Euroclick";"Healed"
C:\Documents and Settings\Administrator\Application Data\Mozilla\Profiles\default\8dq1ph39.slt\cookies.txt;"Found Tracking cookie.Doubleclick";"Healed"
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.539b0606;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.87a9ab5d;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.ff92306;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.b68f2b7b;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.b4be891c;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.e762f029;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt:\ad.yieldmanager.com.557bf2b0;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[2].txt;"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[2].txt:\adrevolver.com.f6cfcad4;"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[2].txt:\adrevolver.com.9b9d670a;"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adrevolver[2].txt;"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt:\adopt.euroclick.com.6d7740f7;"Found Tracking cookie.Euroclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt:\adopt.euroclick.com.17044b51;"Found Tracking cookie.Euroclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt:\adopt.euroclick.com.8b1bd7bc;"Found Tracking cookie.Euroclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt:\adopt.euroclick.com.fb764ef7;"Found Tracking cookie.Euroclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt:\adopt.euroclick.com.891542da;"Found Tracking cookie.Euroclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt:\adopt.euroclick.com.ffe11db7;"Found Tracking cookie.Euroclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[2].txt;"Found Tracking cookie.Euroclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt:\advertising.com.525a5fb9;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt:\advertising.com.b624fa46;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt:\advertising.com.f62113d5;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt:\advertising.com.1820df7a;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt:\advertising.com.203aa218;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@advertising[1].txt;"Found Tracking cookie.Advertising";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt:\atdmt.com.b3e33b5f;"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt;"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[1].txt:\bluestreak.com.bf396750;"Found Tracking cookie.Bluestreak";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[1].txt;"Found Tracking cookie.Bluestreak";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[1].txt:\bs.serving-sys.com.5bf1f00f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[1].txt;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[2].txt:\bs.serving-sys.com.5bf1f00f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[2].txt;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[4].txt:\bs.serving-sys.com.5bf1f00f;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[4].txt;"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt:\doubleclick.net.bf396750;"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt;"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@enhance[1].txt:\enhance.com.2ff9c31e;"Found Tracking cookie.Enhance";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@enhance[1].txt;"Found Tracking cookie.Enhance";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@media.adrevolver[1].txt:\media.adrevolver.com.5fed601d;"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@media.adrevolver[1].txt;"Found Tracking cookie.Adrevolver";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt:\mediaplex.com.f652b123;"Found Tracking cookie.Mediaplex";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt;"Found Tracking cookie.Mediaplex";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt:\msnportal.112.2o7.net.7225be6f;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[1].txt;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[2].txt:\msnportal.112.2o7.net.7225be6f;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[2].txt;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[3].txt:\msnportal.112.2o7.net.7225be6f;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[3].txt;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[4].txt:\msnportal.112.2o7.net.7225be6f;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[4].txt;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[5].txt:\msnportal.112.2o7.net.7225be6f;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@msnportal.112.2o7[5].txt;"Found Tracking cookie.2o7";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@overture[2].txt:\overture.com.d727de6f;"Found Tracking cookie.Overture";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@overture[2].txt:\overture.com.52ca467a;"Found Tracking cookie.Overture";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@overture[2].txt;"Found Tracking cookie.Overture";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt:\revsci.net.44927ec;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt:\revsci.net.3f4566dd;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt;"Found Tracking cookie.Revsci";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[2].txt:\tacoda.net.c4fe2ebb;"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[2].txt:\tacoda.net.d323296e;"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[2].txt:\tacoda.net.5935e89;"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[2].txt:\tacoda.net.27341d57;"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[2].txt:\tacoda.net.e9f57f8;"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[2].txt;"Found Tracking cookie.Tacoda";"Moved to Virus Vault"
pskelley
2008-06-13, 04:02
As far as the Sophos link is concerned i have some questionsThat link was there to provide information about the nature of the trojan only.
I should have asked for a new HJT log, I think I have looked at too many logs today. Please do this:
1) From the looks of things, you need the that AVG update. After about a week to be sure nothing needed was quarantined, empty the Virus Vault,
2) We need first to disable TeaTimer that it doesn't interfere with fixes. You can re-enable it when you're clean again:
* Run Spybot-S&D in Advanced Mode.
* If it is not already set to do this Go to the Mode menu select "Advanced Mode"
* On the left hand side, Click on Tools
* Then click on the Resident Icon in the List
* Uncheck "Resident TeaTimer" and OK any prompts.
* Restart your computer.
(leave TT disabled until we finish)
3) Post a new HijackThis log. It will be morning before I respond again, been at this for 15 hours now.
Thanks...Phil
Magnesium
2008-06-15, 17:29
i have another question:
1)so do you want me to empty the Virus VAult right now or just wait a week?
2) I have already disabled TeaTimer in the way you told me too.
3) i will get another HJT log as soon as you answer my first question up there
pskelley
2008-06-15, 17:42
I'll tell you what, why don't you decide since it is your computer. I don't have the time to look at every item AVG quarantined on the small chance the "new" program made a mistake and removed something it should not have, but you can. Since the scan was run several days ago:
Scan started:;"Thursday, June 12, 2008, 6:52:27 PM"
I would say chances are if something quarantined (virus vault) was going to cause a problem, it would have happened by now. You still get to make the call.
Thanks
Magnesium
2008-06-15, 18:08
ok then,
Well now i emptied the Virus Vault and disabled the Tea Timer and here is the new HJT log as you requested:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:59:37 AM, on 6/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {232D2677-68EE-4FA1-B988-279EBC8969ED} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {512aa4a5-27a7-48c7-9775-f4565e4fb02a} - C:\WINDOWS\system32\ylyvovy.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7C1A9EB8-8846-4F7E-AE3E-6E87C524091F} - C:\Program Files\NetMeeting\safenury83122.dll (file missing)
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {B08AF244-438F-482C-8B5F-4DE602F15E93} - C:\WINDOWS\system32\dfrn.dll (file missing)
O2 - BHO: (no name) - {BCF30268-E268-4274-80A9-A1CB92B7E72C} - C:\WINDOWS\system32\ssqpp.dll (file missing)
O2 - BHO: (no name) - {D58EE65D-7F45-4683-91D4-23F4FFDC0A7A} - (no file)
O2 - BHO: (no name) - {DC05099A-DA98-48B8-AA39-674A3B6A496A} - C:\Program Files\NetMeeting\safenury4444.dll (file missing)
O2 - BHO: (no name) - {E7B1BD97-3258-4CC4-83E4-10A21EF3F34C} - C:\WINDOWS\system32\gebayvv.dll (file missing)
O2 - BHO: (no name) - {FDFA8B1A-E83D-4B32-BE56-DB52C5A36903} - C:\Program Files\NetMeeting\safenury555077.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\DOCUME~1\ADMINI~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll,avgrsstx.dll
O20 - Winlogon Notify: efcawuu - efcawuu.dll (file missing)
O20 - Winlogon Notify: gebayvv - gebayvv.dll (file missing)
O20 - Winlogon Notify: vtstsss - vtstsss.dll (file missing)
O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O24 - Desktop Component 0: (no name) - C:\Program Files\Internet Explorer\bazy.html
--
End of file - 6505 bytes
pskelley
2008-06-15, 18:26
You are or were infected, I can't tell if you have hidden infections without additional scans. Let's start like this:
I am getting conflicting reports on this item:
c:\windows\system32\avgrsstx.dll
Make sure all files and folder are enabled ( instructions 2 ) then scan with:
http://virusscan.jotti.org/ and post the results in your next post.
1) Download ResetTeaTimer.bat to the Desktop
http://downloads.subratam.org/ResetTeaTimer.bat
Double click ResetTeaTimer.bat
to remove all entries set by TeaTimer (and preventing TeaTimer to restore them upon reactivation).
2) How to make files and folders visible:
Click Start > Open My Computer.
Select the Tools menu and click Folder Options.
Select the View Tab. Under the Hidden files and folders heading, select Show hidden files and folders.
Uncheck: Hide file extensions for known file types
Uncheck the Hide protected operating system files (recommended) option.
Click Yes to confirm. Click OK.
You may reverse this for safety when we are finished.
3) Please download ATF Cleaner by Atribune
http://www.atribune.org/public-beta/ATF-Cleaner.exe
Save it to your Desktop. We will use this later.
4) Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:
O2 - BHO: (no name) - {232D2677-68EE-4FA1-B988-279EBC8969ED} - (no file)
O2 - BHO: (no name) - {512aa4a5-27a7-48c7-9775-f4565e4fb02a} - C:\WINDOWS\system32\ylyvovy.dll (file missing)
O2 - BHO: (no name) - {7C1A9EB8-8846-4F7E-AE3E-6E87C524091F} - C:\Program Files\NetMeeting\safenury83122.dll (file missing)
O2 - BHO: (no name) - {B08AF244-438F-482C-8B5F-4DE602F15E93} - C:\WINDOWS\system32\dfrn.dll (file missing)
O2 - BHO: (no name) - {BCF30268-E268-4274-80A9-A1CB92B7E72C} - C:\WINDOWS\system32\ssqpp.dll (file missing)
O2 - BHO: (no name) - {D58EE65D-7F45-4683-91D4-23F4FFDC0A7A} - (no file)
O2 - BHO: (no name) - {DC05099A-DA98-48B8-AA39-674A3B6A496A} - C:\Program Files\NetMeeting\safenury4444.dll (file missing)
O2 - BHO: (no name) - {E7B1BD97-3258-4CC4-83E4-10A21EF3F34C} - C:\WINDOWS\system32\gebayvv.dll (file missing)
O2 - BHO: (no name) - {FDFA8B1A-E83D-4B32-BE56-DB52C5A36903} - C:\Program Files\NetMeeting\safenury555077.dll (file missing)
O20 - AppInit_DLLs: c:\windows\system32\ldcore.dll,avgrsstx.dll
O20 - Winlogon Notify: efcawuu - efcawuu.dll (file missing)
O20 - Winlogon Notify: gebayvv - gebayvv.dll (file missing)
O20 - Winlogon Notify: vtstsss - vtstsss.dll (file missing)
O20 - Winlogon Notify: winmqx32 - winmqx32.dll (file missing)
O24 - Desktop Component 0: (no name) - C:\Program Files\Internet Explorer\bazy.html
Close all programs but HJT and all browser windows, then click on "Fix Checked"
5) Right click Start > Explore and navigate to these files/folders and delete them if there.
c:\windows\system32\ldcore.dll <<< delete that file
6) Run ATF Cleaner
Double-click ATF-Cleaner.exe to run the program.
Click Select All found at the bottom of the list.
Click the Empty Selected button.
Click Exit on the Main menu to close the program.
7) Download Malwarebytes' Anti-Malware to your desktop.
http://www.besttechie.net/tools/mbam-setup.exe
* Double-click mbam-setup.exe and follow the prompts to install the program.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform FULL SCAN, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt
* Please post contents of that file & a new HJT log in your next reply.
Include the information from jotti.
Thanks
Magnesium
2008-06-15, 18:34
1) i dont know how to download that .bat file when i click it it gives me a link to some text but there is no save as options pop up
pskelley
2008-06-15, 20:52
Do you have someone with more computer experience you can ask for help with this. All I am asking you to do is run a simple batch file to clean the TeaTimer memory? This is very basic stuff.
Try this, RIGHT click on this link:
1) http://downloads.subratam.org/ResetTeaTimer.bat
2) Choose "Save Target As" in the Save in box make sure it says "Desktop"
Click "Save" in the lower rightcCorner
3) Look on the Desktop for the "ResetTeaTimer"
4) Double click it to run, you will not see anything happen and it will happen in a flash.
Continue with the rest of the instructions.
Thanks
Magnesium
2008-06-15, 22:19
i already downloaded the .bat file but once i double clicked it to run it a black window popped up sayin "Spybot and Teatimer must be closed!! press any key to continue" then right below it after i press a key it says "Finished Press any key to Continue...". Is this normal even though you said it would happen in a flash??
pskelley
2008-06-15, 22:31
No it's not normal, in my post #6 here were the instructions again:
2) We need first to disable TeaTimer that it doesn't interfere with fixes. You can re-enable it when you're clean again:
* Run Spybot-S&D in Advanced Mode.
* If it is not already set to do this Go to the Mode menu select "Advanced Mode"
* On the left hand side, Click on Tools
* Then click on the Resident Icon in the List
* Uncheck "Resident TeaTimer" and OK any prompts.
* Restart your computer.
(leave TT disabled until we finish)
if you did not follow the directions please do so. If that does not work uninstall Spybot S&D completely in Add Remove program. You can reinstall it once the computer is clean.
Magnesium
2008-06-15, 22:52
I followed those directions exactly vbefore i ran teh .bat file and it i keep gettin the same message. I just uninstalled spybot completely and i tried running teh .bat file again but i still get the same message. I know though that TeaTimeer is disabled because when i start a program and etc. no Tea Timer "Allow or Deny" alert pops up.
pskelley
2008-06-15, 23:05
I have already asked you once to get some help from somebody with more computer experience.
If that does not work uninstall Spybot S&D completely in Add Remove program. You can reinstall it once the computer is clean.
There is now no need to execute the ResetTeaTimer.bat Start here:
2) How to make files and folders visible:
and execute the rest of the instructions.
Magnesium
2008-06-16, 01:15
I am getting conflicting reports on this item:
c:\windows\system32\avgrsstx.dll
Make sure all files and folder are enabled ( instructions 2 ) then scan with:
http://virusscan.jotti.org/ and post the results in your next post.
i have already made all files and folders visible as you instructed. But do you want me to run the jotti scan on this: c:\windows\system32\avgrsstx.dll in the "File to upload & scan:" section or run it on "My Computer"(I cant slect "My Computer" when i press the "Browse.." button,so im assuming your mean the "avgrsstx.dll" file)??
pskelley
2008-06-16, 01:28
c:\windows\system32\avgrsstx.dll <<< browse to that file and upload it to:
http://virusscan.jotti.org/ and post the results. If jotti is busy, here are two other free scans.
http://www.kaspersky.com/scanforvirus
http://www.virustotal.com/
Here is what happens, CastleCops says it belongs to AVG 8:
http://www.castlecops.com/o20list-487.html
but look at the Google on the file:
http://www.google.com/search?hl=en&q=avgrsstx.dll+&btnG=Google+Search
I have to know for sure and the only way to find out for sure is to scan the file on your computer.
Thanks
Magnesium
2008-06-16, 03:13
i followed all of these directions as instructed: when you requested that i deete that ldcore.dll file it wasnt there, so i guess it must have been deleted. But the thing is after i ran the fix from HJT my desktop background which was of Mobb Deep(a rap group) it turned all blue(ive had this problem for a long time where i could not adjust the desktop, even when i try to at Properties>Desktop and under background it is tannish and i cannot adjust it instead it is at [None] with a red circle and bar). but anyway here are all logs as requested:
File: avgrsstx.dll
Status:
OK(Note: file has been scanned before. Therefore, this file's scan results will not be stored in the database)
MD5: 42185b132ede421ad40610427453641e
Packers detected:
-
Scanner results
Scan taken on 15 Jun 2008 22:41:46 (GMT)
A-Squared
Found nothing
AntiVir
Found nothing
ArcaVir
Found nothing
Avast
Found nothing
AVG Antivirus
Found nothing
BitDefender
Found nothing
ClamAV
Found nothing
CPsecure
Found nothing
Dr.Web
Found nothing
F-Prot Antivirus
Found nothing
F-Secure Anti-Virus
Found nothing
Fortinet
Found nothing
Ikarus
Found nothing
Kaspersky Anti-Virus
Found nothing
NOD32
Found nothing
Norman Virus Control
Found nothing
Panda Antivirus
Found nothing
Sophos Antivirus
Found nothing
VirusBuster
Found nothing
VBA32
Found nothing
Malwarebytes' Anti-Malware 1.17
Database version: 857
7:57:55 PM 6/15/2008
mbam-log-6-15-2008 (19-57-55).txt
Scan type: Full Scan (A:\|C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|K:\|)
Objects scanned: 105852
Time elapsed: 31 minute(s), 41 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 12
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 9
Files Infected: 65
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{04a38f6b-006f-4247-ba4c-02a139d5531c} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{3c2d2a1e-031f-4397-9614-87c932a848e0} (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\minibugtransporter.minibugtransporterx.1 (Adware.Minibug) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{178d4e6a-ba5a-4ecb-8521-f7b8393fdb97} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\CAC (Malware.Trace) -> Quarantined and deleted successfully.
Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{178d4e6a-ba5a-4ecb-8521-f7b8393fdb97} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{e7b1bd97-3258-4cc4-83e4-10a21ef3f34c} (Trojan.Vundo) -> Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
C:\WINDOWS\system32\zip1 (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\E404 Helper (AdWare.BHO) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\oTt02e (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\Mz08r (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\SpyGuardPro (Rogue.SpyGuardPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\SpyGuardPro\Logs (Rogue.SpyGuardPro) -> Quarantined and deleted successfully.
C:\Program Files\Common Files\SpyGuardPro (Rogue.SpyGuardPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\system32\dztezfjg.dllbox (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{A590BC37-E2E1-44AA-B828-488587F26BAA}\RP288\A0212047.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\SpyGuardPro\avtasks.dat (Rogue.SpyGuardPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\SpyGuardPro\PGE.dat (Rogue.SpyGuardPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\SpyGuardPro\Logs\av.log (Rogue.SpyGuardPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\SpyGuardPro\Logs\ga6Support.log (Rogue.SpyGuardPro) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Application Data\SpyGuardPro\Logs\update.log (Rogue.SpyGuardPro) -> Quarantined and deleted successfully.
C:\WINDOWS\cookies.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> Quarantined and deleted successfully.
C:\Install (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrator\Desktop\Online Security Guide.lnk (Rogue.Link) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\ldinfo.ldr (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\blank.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\box_1.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\box_2.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\box_3.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\button_buynow.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\button_freescan.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cell_bg.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cell_footer.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cell_header_block.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cell_header_remove.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\cell_header_scan.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\detect.htm (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\download_box.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\download_btn.jpg (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\download_now_btn.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\footer_back.jpg (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\header_1.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\header_2.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\header_3.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\header_4.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\header_red_bg.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\header_red_free_scan.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\header_red_free_scan_bg.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\header_red_protect_your_pc.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\infected.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\main_back.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\perfect_cleaner_box.jpg (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\product_1_header.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\product_1_name_small.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\product_2_header.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\product_2_name_small.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\product_3_header.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\product_3_name_small.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\product_features.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\pt.htm (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\rating.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\s_detect.htm (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\screenshot.jpg (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\sep_hor.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\sep_vert.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\shadow.jpg (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\shadow_bg.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\spacer.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\spy_away_box.jpg (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\star.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\star_gray.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\star_gray_small.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\star_small.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\style.css (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\v.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\warning_icon.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\win_logo.gif (Malware.Trace) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\drivers\x.gif (Malware.Trace) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:59:13 PM, on 6/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\NETSCAPE\NETSCAPE\NETSCP.EXE
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: (no name) - {BCF30268-E268-4274-80A9-A1CB92B7E72C} - C:\WINDOWS\system32\ssqpp.dll (file missing)
O2 - BHO: (no name) - {D58EE65D-7F45-4683-91D4-23F4FFDC0A7A} - (no file)
O2 - BHO: (no name) - {DC05099A-DA98-48B8-AA39-674A3B6A496A} - C:\Program Files\NetMeeting\safenury4444.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\DOCUME~1\ADMINI~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
--
End of file - 5152 bytes
pskelley
2008-06-16, 04:15
Please read and follow the directions carefully:
Read this information:
C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
http://www.dslreports.com/forum/r18988985-IS-SpywareTerminator-good-or-bad
http://www.spywarewarrior.com/rogue_anti-spyware.htm#products
Open HijackThis and choose "Do a system scan only" then check the box in front of these line items:
O2 - BHO: (no name) - {BCF30268-E268-4274-80A9-A1CB92B7E72C} - C:\WINDOWS\system32\ssqpp.dll (file missing)
O2 - BHO: (no name) - {D58EE65D-7F45-4683-91D4-23F4FFDC0A7A} - (no file)
O2 - BHO: (no name) - {DC05099A-DA98-48B8-AA39-674A3B6A496A} - C:\Program Files\NetMeeting\safenury4444.dll (file missing)
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
Close all programs but HJT and all browser windows, then click on "Fix Checked"
Run Clean Manager
http://spyware-free.us/tutorials/cleanmgr/
Restart the computer and post a new HijackThis log and tell me about any malware issues.
Thanks
Magnesium
2008-06-16, 05:04
ok i did everything you asked, i also read up on SpywareTerminator from the links you gave me and also looked it up the 2nd link and ive neevr got it from that domain. It was installed from when this computer was reformatted with windows Xp again.
there is still the issue of the desktop when irestarted it the Mobb Deep background came back up but when i check in Properties>Desktop the miniature Computer screen doesnt show the mobb deep picture but rather the plain blue background and still it says [None] which i cannot adjust. Other then this startup was normal.
Here is a new HJTlog as requested:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:57:51 PM, on 6/15/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM\aim.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Global Startup: Microsoft Office.lnk.disabled
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aol toolbar 2.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\DOCUME~1\ADMINI~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 2.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Administrator\Start Menu\Programs\IMVU\Run IMVU.lnk
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
--
End of file - 4751 bytes
pskelley
2008-06-16, 05:17
Thanks for returning your information and the feedback, that's a clean HijackThis log.
there is still the issue of the desktop when irestarted it the Mobb Deep background came back up but when i check in Properties>Desktop the miniature Computer screen doesnt show the mobb deep picture but rather the plain blue background and still it says [None] which i cannot adjust. Other then this startup was normal.
I have no idea what this is, if it has to do with Windows XP, take it to a Windows XP forum for help:
http://www.bleepingcomputer.com/forums/forum56.html
http://www.techsupportforum.com/microsoft-support/windows-xp-support/
Here is information to help you stay malware free:
Some good information for you:
http://users.telenet.be/bluepatchy/miekiemoes/slowcomputer.html
http://www.microsoft.com/windowsxp/using/helpandsupport/learnmore/tips/mcgill1.mspx
Here is some great information from experts in this field that will help you stay clean and safe online.
http://users.telenet.be/bluepatchy/miekiemoes/prevention.html
http://forums.spybot.info/showthread.php?t=279
http://russelltexas.com/malware/allclear.htm
http://forum.malwareremoval.com/viewtopic.php?t=14
http://www.bleepingcomputer.com/forums/topict2520.html
http://cybercoyote.org/security/not-admin.shtml
http://www.malwarecomplaints.info/
Thanks...pskelley
Safer Networking Forums
http://www.spybot.info/en/donate/index.html
If you are reading this information...thank a teacher,
If you are reading it in English...thank a soldier.
Magnesium
2008-06-16, 07:31
Thanks Pskelley so i guess now i can reinstall spybot and also how do i make all the hidden files that you told me to make visible hidden again???
pskelley
2008-06-16, 15:17
Reverse the instructions you used to unhide them.
http://www.xtra.co.nz/help/0,,4155-1916458,00.html