Scan Status: Scan: 1 Start Scan: 04/27/08 18:55:43 Scan Targets: Running Processes;Entry Points;C:\ Virus Definitions: 04/26/08 Scan Count: 175122 Risks Found: 23 Risks resolved: 0 Risks unresolved: 23 Scan Time: 4700 sec Complete Scan: 04/27/08 20:14:04 Resolved Threats: Unresolved Threats: RegistryCleanFix Virus ID: 4294907206 Risk: Med Categories: Security Risk State: Unhandled ----------- Registry: HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\->RegistryCleanFixMFC SpywareIsolator Virus ID: 4294907293 Risk: Med Categories: Security Risk State: Unhandled ----------- Registry: HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run->spywareisolator HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1003\Software\spywareisolator HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\SpywareIsolator Infection: c:\documents and settings\ali.home.000\desktop\sisetup.exe Browser Cache Tracking Cookie Virus ID: 4294909925 Risk: Low Categories: Cookie State: Unhandled ----------- Cookie: Cookie:aslan@server.lon.liveperson.net/hc/66702201 Cookie:aslan@ad.yieldmanager.com/ Cookie:aslan@hits.gureport.co.uk/ Cookie:aslan@server.iad.liveperson.net/hc/29377020 Cookie:aslan@media.adrevolver.com/ Cookie:aslan@server.iad.liveperson.net/ Cookie:aslan@server.lon.liveperson.net/ Cookie:aslan@media.adrevolver.com/adrevolver/ Cookie:aslan@adopt.specificclick.net/ Cookie:aslan@ads.addynamix.com/ Downloader.MisleadApp Virus ID: 40906 Risk: High Categories: Virus State: Unhandled ----------- Process: c:\windows\system32\qdsbsbkj.exe Infection: c:\windows\system32\qdsbsbkj.exe c:\windows\system32\rghqjetq.exe Browser Cache Registry: HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run->pgtsszzp 
HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Run->uvkwluxh Trojan.Vundo.B Virus ID: 28569 Risk: High Categories: Virus State: Unhandled ----------- Infection: c:\windows\system32\hggxvwpj.dll c:\windows\system32\awtursjk.dll Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents HKEY_LOCAL_MACHINE\SOFTWARE\Classes\MSEvents.MSEvents.1 HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44} Browser Cache Registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\hgGxvWPj HKEY_CLASSES_ROOT\CLSID\{64749853-AB2B-40D5-AE35-A9D443730AB7} HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64749853-AB2B-40D5-AE35-A9D443730AB7} HKEY_CLASSES_ROOT\CLSID\{C3F37ECA-A8D9-4633-92C6-FE24C7D16ABA} HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3F37ECA-A8D9-4633-92C6-FE24C7D16ABA} 
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks->{C3F37ECA-A8D9-4633-92C6-FE24C7D16ABA} Downloader.MisleadApp Virus ID: 40906 Risk: High Categories: Virus State: Unhandled ----------- Infection: c:\documents and settings\ali.home.000\local settings\temp\7ed7b500.exe Browser Cache Downloader.MisleadApp Virus ID: 40906 Risk: High Categories: Virus State: Unhandled ----------- Infection: c:\documents and settings\ali.home.000\local settings\temp\8c1f723a.exe Browser Cache Downloader.MisleadApp Virus ID: 40906 Risk: High Categories: Virus State: Unhandled ----------- Infection: c:\documents and settings\ali.home.000\local settings\temp\bb4e2453.exe Browser Cache Downloader.MisleadApp Virus ID: 40906 Risk: High Categories: Virus State: Unhandled ----------- Infection: c:\documents and settings\all users.windows\application data\laxwhylm\lqxwzots.exe Browser Cache Downloader.MisleadApp Virus ID: 40906 Risk: High Categories: Virus State: Unhandled ----------- Infection: c:\documents and settings\aslan\local settings\temp\f8ca78d1.exe Browser Cache Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Trojan.Zlob Virus ID: 4254 Risk: High Categories: Virus State: Unhandled ----------- File: 
C:\SDFix\backups\backups.zip Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Downloader.Zlob!gen.2 Virus ID: 38013 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Trojan.Zlob Virus ID: 4254 Risk: High Categories: Virus State: Unhandled ----------- File: C:\SDFix\backups\backups.zip Trojan.Vundo Virus ID: 28544 Risk: High Categories: Virus State: Unhandled ----------- Process: C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\rundll32.exe Infection: c:\windows\system32\cbxoexyo.dll Registry: HKEY_CLASSES_ROOT\CLSID\{0612F71E-934B-4D92-B8E8-2E29EA78EB03} HKEY_CLASSES_ROOT\CLSID\{2353FCBC-012D-487B-8BF3-865C0929FBEB} HKEY_CLASSES_ROOT\CLSID\{3FE36807-69ED-45D1-B9BE-85C0E3F75B6A} HKEY_CLASSES_ROOT\CLSID\{83A5F7B7-DC75-44CE-9195-264F41709FA9} HKEY_CLASSES_ROOT\CLSID\{CE70731D-F28D-4D81-9D61-C8EE60378401} HKEY_CLASSES_ROOT\CLSID\{FC148228-87E1-4D00-AC06-58DCAA52A4D1} HKEY_CLASSES_ROOT\CLSID\{79A576C4-B7A9-47EC-B57C-2CE5CA6ECC6A} HKEY_CLASSES_ROOT\CLSID\{DAD9C3A5-FB4E-45CD-93EB-2059F4EEF4D1} HKEY_CLASSES_ROOT\CLSID\{DE8BDE42-16D9-4CCC-9F4F-1C3167B82F60} HKEY_CLASSES_ROOT\CLSID\{18898424-E3AB-4BA9-8E8D-5434B1CECA75} HKEY_CLASSES_ROOT\CLSID\{BAD263C7-B253-43D9-A1F7-25A1010E24E2} HKEY_CLASSES_ROOT\MSEvents.MSEvents HKEY_CLASSES_ROOT\MSEvents.MSEvents.1 HKEY_CLASSES_ROOT\IEpl.IEpl HKEY_CLASSES_ROOT\IEpl.IEPl.1 HKEY_CLASSES_ROOT\DPCUpdater.DPCUpdater HKEY_CLASSES_ROOT\DPCUpdater.DPCUpdater.1 HKEY_CLASSES_ROOT\ATLDistrib.ATLDistrib HKEY_CLASSES_ROOT\ATLDistrib.ATLDistrib.1 HKEY_CLASSES_ROOT\RawExecAction.RawExecAction HKEY_CLASSES_ROOT\RawExecAction.RawExecAction.1 HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0612F71E-934B-4D92-B8E8-2E29EA78EB03} 
HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1004\Software\Microsoft\affltid HKEY_USERS\S-1-5-21-1614895754-1708537768-839522115-1006\Software\Microsoft\affltid HKEY_USERS\S-1-5-19\Software\Microsoft\affltid HKEY_USERS\S-1-5-20\Software\Microsoft\affltid HKEY_USERS\.DEFAULT\Software\Microsoft\affltid HKEY_LOCAL_MACHINE\Software\Microsoft\FCOVM HKEY_LOCAL_MACHINE\Software\Microsoft\RemoveRP HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon->SFCDisable:0 HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa->Authentication Packages:... Browser Cache Downloader Virus ID: 26637 Risk: High Categories: Virus State: Unhandled ----------- Infection: c:\windows\installer\{5609c20a-e5b0-40a4-879c-7dda6f233b72}\winmon.dll Browser Cache --------------------------------------------------------------------------