Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

malware removal [RESOLVED]


  • This topic is locked This topic is locked

#1
jayboy1000

jayboy1000

    Member

  • Member
  • PipPip
  • 18 posts
Hi,
Having followed your advice :

I've installed avg anti virus ...... I'm litterd with trojans/dialers etc.
I've installed : super antispyware (free)
: spyware doctor ( already got lisence)
: Malware bytes (free)
:spyware blaster (free)

AVG still shows infection. I've removed dr.web from my system and also avast. Not sure how you do what you do but pleas do it and have a look at where I'm going wrong.

eternally grateful

Jay


2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
ACDSee
Adobe Flash Player ActiveX
Adobe Reader 8.1.2
Adobe Shockwave Player 11
Agere Systems PCI Soft Modem
ATI Control Panel
ATI Display Driver
AutoCAD 2009 - English
AVG Free 8.0
BitLord 1.1
CDDRV_Installer
Compaq Multimedia Keyboard Software
Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07
DVD Decrypter (Remove Only)
DWG TrueView 2008
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
Hotfix for Windows Internet Explorer 7 (KB947864)
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows Media Player 11 (KB939683)
Hotfix for Windows XP (KB914440)
Hotfix for Windows XP (KB915800)
Hotfix for Windows XP (KB915865)
Hotfix for Windows XP (KB926239)
Hotfix for Windows XP (KB935448)
HP Extended Capabilities 5.3
HP Imaging Device Functions 5.3
HP Photo Imaging Software
HP Photo Printing Software
HP Photosmart Essential
HP PSC & OfficeJet 5.3.B
HP Share-to-Web
HP Software Update
HP Solution Center & Imaging Support Tools 5.3
HP Update
ImageMixer VCD2
Intel® PRO Network Connections Drivers
InterVideo WinDVD Player
IrfanView (remove only)
iTunes
J2SE Runtime Environment 5.0
Java™ 6 Update 2
Java™ 6 Update 3
Java™ 6 Update 5
KhalSetup
Logitech Desktop Messenger
Logitech iTouch Software
Logitech MouseWare 9.71
Logitech Resource Center
Logitech SetPoint
MagicDisc 2.6.93
Malwarebytes' Anti-Malware
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Hotfix (KB928366)
Microsoft .NET Framework 2.0 Service Pack 1
Microsoft .NET Framework 3.0 Service Pack 1
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Professional 2007
Microsoft Office Professional 2007 Trial
Microsoft Office Project 2007 Service Pack 1 (SP1)
Microsoft Office Project 2007 Service Pack 1 (SP1)
Microsoft Office Project MUI (English) 2007
Microsoft Office Project Professional 2007
Microsoft Office Project Professional 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Small Business 2007
Microsoft Office Small Business 2007 Trial
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 6.0 Parser (KB933579)
Nero 8
neroxml
OfficePrinter 2.0
PC-Doctor 5 for Windows
Picture Package
PowerISO
PS2
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
QuickTime
RealPlayer
Registry Mechanic 6.0
Sage Accounts V11.01
Sage MIS 3.01
Security Update for CAPICOM (KB931906)
Security Update for CAPICOM (KB931906)
Security Update for Excel 2007 (KB946974)
Security Update for Excel 2007 (KB946974)
Security Update for Excel 2007 (KB946974)
Security Update for Office 2007 (KB947801)
Security Update for Office 2007 (KB947801)
Security Update for Office 2007 (KB947801)
Security Update for Outlook 2007 (KB946983)
Security Update for Outlook 2007 (KB946983)
Security Update for Outlook 2007 (KB946983)
Security Update for Step By Step Interactive Training (KB923723)
Security Update for Visio 2007 (KB947590)
Security Update for Visio 2007 (KB947590)
Security Update for Visio 2007 (KB947590)
Security Update for Visio 2007 (KB947590)
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB917734)
Security Update for Windows Media Player 10 (KB936782)
Security Update for Windows Media Player 11 (KB936782)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows XP (KB883939)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896422)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Sonic Express Labeler
Sonic MyDVD Plus
Sonic RecordNow Audio
Sonic RecordNow Copy
Sonic RecordNow Data
Sonic Update Manager
Sony Ericsson PC Suite
Sony USB Driver
Spyware Doctor 5.5
SpywareBlaster 4.0
SUPERAntiSpyware Free Edition
Universal Extractor 1.5
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb949037)
Update for Outlook 2007 Junk Email Filter (kb949037)
Update for Outlook 2007 Junk Email Filter (kb949037)
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB925720)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB933360)
Update for Windows XP (KB936357)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
VCRedistSetup
VideoLAN VLC media player 0.8.6d
Windows Desktop Search 3.01
Windows Essentials Media Codec Pack 1.0
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Presentation Foundation
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888239
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
WinRAR archiver
Worms World Party

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:48:45, on 27/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1257293555-3702680850-1884092972-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-1257293555-3702680850-1884092972-500\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'Administrator')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 12629 bytes
  • 0

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi can you let me know what AVG reports as the trojan along with the location Ta

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.

  • 0

#3
jayboy1000

jayboy1000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hope this is what you need.
I'll send the avg log over...... just scanning now.

Thanks Again

Jay

Deckard's System Scanner v20071014.68
Run by Compaq_Owner on 2008-04-27 16:22:34
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
166: 2008-04-27 15:22:48 UTC - RP363 - Deckard's System Scanner Restore Point
165: 2008-04-27 13:46:12 UTC - RP362 - Made by Registry Mechanic
164: 2008-04-27 10:54:33 UTC - RP361 - Installed SUPERAntiSpyware Free Edition
163: 2008-04-27 10:11:03 UTC - RP360 - geek point
162: 2008-04-26 23:50:26 UTC - RP359 - Installed AVG Free 8.0


-- First Restore Point --
1: 2008-01-28 17:30:42 UTC - RP198 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Compaq_Owner.exe) ----------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:26:30, on 27/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Registry Mechanic\RegMech.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Compaq_Owner\Local Settings\Temporary Internet Files\Content.IE5\D40O8HO9\dss[1].exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Compaq_Owner.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1257293555-3702680850-1884092972-500\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-1257293555-3702680850-1884092972-500\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Common Files\Nero\Lib\NMFirstStart.exe" (User 'Administrator')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyCasino.com - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewi...oOnlineScan.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx...owserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

--
End of file - 12733 bytes

-- File Associations -----------------------------------------------------------

.scr - AutoCADScriptFile - shell\open\command - C:\WINDOWS\system32\notepad.exe "%1"


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 cdrbsdrv - c:\windows\system32\drivers\cdrbsdrv.sys <Not Verified; B.H.A Corporation; B's Recorder GOLD7>
R1 SASDIFSV - c:\program files\superantispyware\sasdifsv.sys
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 SASENUM - c:\program files\superantispyware\sasenum.sys <Not Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Nero BackItUp Scheduler 3 - c:\program files\nero\nero8\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-03-27 and 2008-04-27 -----------------------------

2008-04-27 12:27:09 0 d--h----- C:\$AVG8.VAULT$
2008-04-27 11:54:53 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-27 11:54:34 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-04-27 11:54:34 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\SUPERAntiSpyware.com
2008-04-27 11:53:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-27 11:16:34 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Malwarebytes
2008-04-27 11:14:31 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-27 11:14:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-27 11:14:13 0 d-------- C:\Program Files\Common Files\Download Manager
2008-04-27 02:03:36 0 d-------- C:\Program Files\Trend Micro
2008-04-27 00:51:21 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-04-27 00:51:20 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\AVGTOOLBAR
2008-04-27 00:50:32 0 d-------- C:\Program Files\AVG
2008-04-27 00:50:30 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-04-26 13:51:57 0 d-------- C:\Program Files\IrfanView
2008-04-25 23:02:03 0 d-------- C:\Program Files\SpywareBlaster
2008-04-25 18:24:57 0 d-------- C:\Program Files\Moss Bay Software
2008-04-25 18:04:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-04-24 20:33:58 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\InstallShield
2008-04-24 18:33:45 77824 --a-----t C:\WINDOWS\system32\DRWEBSP.DLL <Not Verified; Doctor Web, Ltd.; Dr.Web Anti-Virus>
2008-04-23 17:51:40 0 d--h----- C:\WINDOWS\PIF
2008-04-22 20:07:48 0 d-------- C:\WINDOWS\system32\Adobe
2008-04-19 20:48:10 0 d-------- C:\Program Files\DrWeb
2008-04-18 18:58:32 0 d-------- C:\Documents and Settings\Administrator\Application Data\Share-to-Web Upload Folder
2008-04-18 18:57:04 0 d-------- C:\Documents and Settings\Administrator\Application Data\Microsoft
2008-04-18 18:57:04 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2008-04-18 18:57:04 0 d-------- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\WINDOWS
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Templates
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Start Menu
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\SendTo
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Recent
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\PrintHood
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\NetHood
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\My Documents
2008-04-18 18:57:03 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Favorites
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Desktop
2008-04-18 18:57:03 0 d--hs---- C:\Documents and Settings\Administrator\Cookies
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Application Data
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\SampleView
2008-04-18 18:57:03 0 d-------- C:\Documents and Settings\Administrator\Application Data\Real
2008-04-18 18:57:02 782336 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2008-04-17 18:05:43 0 d-------- C:\Program Files\World of Warcraft Trial
2008-04-17 17:46:41 0 d-------- C:\Program Files\WoW-2.3.0.7561-enUS
2008-04-17 14:18:47 0 d-------- C:\Documents and Settings\LocalService\Application Data\PC Tools
2008-04-17 14:17:14 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2008-04-17 14:12:35 0 d-------- C:\Documents and Settings\LocalService\Application Data\Adobe
2008-04-17 14:12:04 0 d-------- C:\Documents and Settings\LocalService\Application Data\Google
2008-04-17 14:11:43 0 dr------- C:\Documents and Settings\LocalService\Favorites
2008-04-17 11:57:00 0 d-------- C:\Documents and Settings\Compaq_Owner\DoctorWeb
2008-04-12 15:46:51 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\WinRAR
2008-04-12 14:45:41 0 d-------- C:\Program Files\DVD Decrypter
2008-04-10 23:23:41 0 d-------- C:\Program Files\AutoCAD 2009
2008-04-10 20:04:56 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-04-10 20:04:03 0 d-------- C:\Program Files\Reference Assemblies
2008-04-10 20:00:36 0 d-------- C:\Program Files\Autodesk
2008-04-04 20:23:15 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2008-04-01 15:08:49 0 d-------- C:\Program Files\Microsoft Expression
2008-04-01 14:58:33 0 d-------- C:\Program Files\MSBuild
2008-04-01 14:55:09 0 d-------- C:\Program Files\Microsoft Visual Studio 8
2008-03-30 17:20:46 0 d-------- C:\Program Files\PowerISO
2008-03-30 14:47:06 0 d-------- C:\Program Files\MagicDisc
2008-03-30 13:59:46 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\DAEMON Tools
2008-03-30 13:48:08 0 d-------- C:\Program Files\Universal Extractor
2008-03-30 11:02:27 0 d-------- C:\Program Files\Sony


-- Find3M Report ---------------------------------------------------------------

2008-04-27 13:18:09 0 d-------- C:\Program Files\Spyware Doctor
2008-04-27 11:53:06 0 d-------- C:\Program Files\Common Files
2008-04-26 23:48:05 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-04-25 16:23:42 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Image Zone Express
2008-04-17 17:46:41 1283912 --a------ C:\Program Files\WoW-2.3.0.7561-enUS-downloader.exe <Not Verified; Blizzard Entertainment; Blizzard Downloader>
2008-04-16 12:20:20 2216 --a------ C:\Documents and Settings\Compaq_Owner\Application Data\ViewerApp.dat
2008-04-11 00:12:15 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Autodesk
2008-04-10 23:29:28 0 d-------- C:\Program Files\Common Files\Autodesk Shared
2008-03-30 12:58:14 0 d-------- C:\Program Files\QuickTime
2008-03-20 21:49:22 0 d-------- C:\Program Files\Essentials Codec Pack
2008-03-20 21:40:27 0 d-------- C:\Program Files\DivX
2008-03-20 20:11:50 0 d-------- C:\Program Files\GSpot
2008-03-18 10:24:08 0 d-------- C:\Program Files\Windows Media Connect 2
2008-03-17 09:50:04 0 d-------- C:\Program Files\Common Files\PC Tools
2008-03-16 23:01:37 0 d-------- C:\Program Files\Microsoft Silverlight
2008-03-16 22:42:07 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Media Player Classic
2008-03-16 22:31:13 0 d-------- C:\Program Files\Cucusoft
2008-03-16 22:14:51 73728 --a------ C:\WINDOWS\ALCFDRTM.EXE <Not Verified; Realtek Semiconductor Corp.; Realtek ALCFDRTM>
2008-03-13 09:19:15 0 d-------- C:\Program Files\Java
2008-03-10 19:13:45 0 d-------- C:\Documents and Settings\Compaq_Owner\Application Data\Azureus


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
27/04/2008 00:51 2050816 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [27/04/2008 00:51 2050816]

[-HKEY_CLASSES_ROOT\CLSID\{A057A204-BACC-4D26-9990-79A187E2698E}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [22/02/2008 05:25]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [07/05/1998 17:04]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [08/01/2005 01:07 C:\WINDOWS\system32\HdAShCut.exe]
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [15/04/2005 05:05]
"SoundMan"="SOUNDMAN.EXE" [04/05/2005 02:43 C:\WINDOWS\SOUNDMAN.EXE]
"AlcWzrd"="ALCWZRD.EXE" [04/05/2005 18:01 C:\WINDOWS\ALCWZRD.EXE]
"Alcmtr"="ALCMTR.EXE" [04/05/2005 02:43 C:\WINDOWS\ALCMTR.EXE]
"KBD"="C:\HP\KBD\KBD.EXE" [03/02/2005 00:44]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [03/01/2005 06:57]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [05/05/2005 01:21]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [14/04/2004 21:43]
"PCDrProfiler"="" []
"PS2"="C:\WINDOWS\system32\ps2.exe" [25/10/2004 23:17]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [11/05/2005 01:50]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [11/05/2005 23:12]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [10/10/2007 20:51]
"RegistryMechanic"="" []
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [22/07/2002 03:10]
"EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [09/07/2002 09:50]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [03/01/2005 07:02]
"Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [23/01/2007 15:44 C:\WINDOWS\KHALMNPR.Exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [24/11/2006 01:06]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [28/07/2004 00:50]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [28/07/2004 00:50]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [03/12/2007 15:21]
"CXMon"="C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe" [27/08/2001 11:52]
"Share-to-Web Namespace Daemon"="C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe" [03/07/2001 10:11]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [01/03/2007 15:57]
"Media Codec Update Service"="C:\Program Files\Essentials Codec Pack\update.exe" [08/04/2007 17:44]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [24/08/2007 07:00]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [15/03/2008 00:50]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [27/04/2008 00:50]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [01/02/2008 11:55]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [04/08/2004 13:00]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [27/04/2008 14:36]

C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [24/08/2007 04:45:42]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [18/02/2008 11:25:30]
HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe [11/05/2005 23:23:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [05/02/2007 16:39 294400]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [20/12/2006 12:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL 27/04/2008 14:37 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{949be10e-4208-11dc-8b2e-0013d38a49f6}]
AutoRun\command- J:\setupSNK.exe

*Newly Created Service* - SASDIFSV



-- End of Deckard's System Scanner: finished at 2008-04-27 16:27:37 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: Intel® Pentium® 4 CPU 3.06GHz
Percentage of Memory in Use: 58%
Physical Memory (total/avail): 1023.36 MiB / 420.29 MiB
Pagefile Memory (total/avail): 2460.39 MiB / 1645.28 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1934.58 MiB

C: is Fixed (NTFS) - 226.88 GiB total, 167.74 GiB free.
D: is Fixed (FAT32) - 5.99 GiB total, 2.54 GiB free.
E: is CDROM (CDFS)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - ST3250823AS - 232.88 GiB - 2 partitions
\PARTITION0 - Unknown - 6 GiB - D:
\PARTITION1 (bootable) - Installable File System - 226.88 GiB - C:

\\.\PHYSICALDRIVE2 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE1 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE3 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.

AV: Spyware Doctor with AntiVirus v4.4.5 (PC Tools)
AV: AVG Anti-Virus Free v8.0 (AVG Technologies)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%ProgramFiles%\\iTunes\\iTunes.exe"="%ProgramFiles%\\iTunes\\iTunes.exe:*:enabled:iTunes"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\Hp\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\Hp\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"="C:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Ahead\\Nero Web\\SetupX.exe:*:Enabled:Nero ProductSetup"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe"="C:\\Program Files\\Common Files\\Nero\\Nero Web\\SetupX.exe:*:Enabled:Nero ControlCenter"
"C:\\Program Files\\Azureus\\Azureus.exe"="C:\\Program Files\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"="C:\\Program Files\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Compaq_Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-447023AE6B
ComSpec=C:\WINDOWS\system32\cmd.exe
DEFAULT_CA_NR=CA8
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Compaq_Owner
LOGONSERVER=\\YOUR-447023AE6B
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\Program Files\Internet Explorer;;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\ATI Technologies\ATI Control Panel;C:\Program Files\Common Files\Teleca Shared;C:\Program Files\Universal Extractor\bin;;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\PROGRA~1\COMMON~1\MUVEET~1\030625;C:\PROGRA~1\MICROS~3\Office12;C:\Program Files\Common Files\Nero\Lib\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 4 Stepping 1, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0401
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SonicCentral=c:\Program Files\Common Files\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\COMPAQ~1\LOCALS~1\Temp
USERDOMAIN=YOUR-447023AE6B
USERNAME=Compaq_Owner
USERPROFILE=C:\Documents and Settings\Compaq_Owner
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Compaq_Owner (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\IsUninst.exe -fC:\WINDOWS\orun32.isu
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> c:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-0014-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {91120000-00CA-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
ACDSee --> C:\PROGRA~1\ACDSYS~1\ACDSee\UNWISE.EXE C:\PROGRA~1\ACDSYS~1\ACDSee\INSTALL.LOG
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 8.1.2 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player 11 --> C:\WINDOWS\system32\adobe\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Adobe\SHOCKW~1\Install.log
Agere Systems PCI Soft Modem --> agrsmdel
ATI Control Panel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}\setup.exe"
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,[email protected] -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
AutoCAD 2009 - English --> C:\Program Files\AutoCAD 2009\Setup\Setup.exe /P {5783F2D7-7001-0409-0002-0060B0CE6BBA} /M ACAD
AVG Free 8.0 --> C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
BitLord 1.1 --> C:\Program Files\BitLord\uninst.exe
CDDRV_Installer --> MsiExec.exe /I{8CC990CD-87C8-475C-AC32-8A7984E2FCFA}
Compaq Multimedia Keyboard Software --> C:\HP\KBD\KBD.EXE uninstalled
Cucusoft MPEG/MOV/RM/DivX/AVI to DVD/VCD/SVCD Creator Pro 7.07 --> "C:\Program Files\Cucusoft\avi-dvd-pro\unins000.exe"
DVD Decrypter (Remove Only) --> "C:\Program Files\DVD Decrypter\uninstall.exe"
DWG TrueView 2008 --> C:\Program Files\DWG TrueView 2008\Setup\Setup.exe /P {B1A9CD45-A702-4E3B-91ED-8CD562869901} /M AOEM
Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Extended Capabilities 5.3 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Imaging Device Functions 5.3 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP Photo Imaging Software --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Uninstall.isu" -c"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\hpiunCX.dll
HP Photo Printing Software --> C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Printing\Uninstall.isu" -c"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Printing\hpiunPC.dll
HP Photosmart Essential --> MsiExec.exe /X{EB21A812-671B-4D08-B974-2A347F0D8F70}
HP PSC & OfficeJet 5.3.B --> "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Share-to-Web --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{748F4870-8350-11D3-B0BF-080009FB4A19}\Setup.exe" --MAIN -l9
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HP Update --> MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
ImageMixer VCD2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F8C6BABF-0837-4EA0-AD6C-8E5A392A7538}\setup.exe" -l0x9 UNINSTALL
Intel® PRO Network Connections Drivers --> Prounstl.exe
InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
IrfanView (remove only) --> C:\Program Files\IrfanView\iv_uninstall.exe
iTunes --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{523E6F2A-2D59-4D91-90E8-6C49931C9F50}
J2SE Runtime Environment 5.0 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150000}
Java™ 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
Java™ 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
KhalSetup --> MsiExec.exe /I{C89C8D86-4423-4A58-AA40-DD259ACE07C1}
Logitech Desktop Messenger --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{900B1197-53F5-4F46-A882-2CFFFE2EEDCB}\setup.exe" -l0x9 UNINSTALL
Logitech iTouch Software --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.exe" -l0x9 UNINSTALL
Logitech MouseWare 9.71 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.exe" -l0x9 -l0009 UNINSTALL
Logitech Resource Center --> C:\PROGRA~1\Logitech\RESOUR~1\rem\UNWISE.EXE /s C:\PROGRA~1\Logitech\RESOUR~1\rem\INSTALL.LOG
Logitech SetPoint --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe" -l0x9 -removeonly
MagicDisc 2.6.93 --> C:\PROGRA~1\MAGICD~1\UNWISE.EXE C:\PROGRA~1\MAGICD~1\INSTALL.LOG
Malwarebytes' Anti-Malware --> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Expression Web --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall WEBDESIGNER /dll ESETUP.DLL
Microsoft Expression Web --> MsiExec.exe /X{90120000-0026-0000-0000-0000000FF1CE}
Microsoft Expression Web MUI (English) --> MsiExec.exe /X{90120000-0026-0409-0000-0000000FF1CE}
Microsoft Expression Web Service Pack 1 (SP1) --> msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {9037FDA8-8383-4B6F-859D-D49C3C625225}
Microsoft Expression Web Service Pack 1 (SP1) --> msiexec /package {90120000-0026-0409-0000-0000000FF1CE} /uninstall {DA3B8FC6-8B1D-447A-A5EE-B226DCC10662}
Microsoft Office Access MUI (English) 2007 --> MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007 --> MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007 --> MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007 --> MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007 --> MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007 --> MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007 --> MsiExec.exe /X{90120000-001A-04
  • 0

#4
jayboy1000

jayboy1000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
here's the avg stuff ....


Scan "Scan whole computer" was finished.
Infections found:;"0"
Infected objects removed or healed;"0"
Not removed or healed.;"0"
Spyware found:;"0"
Spyware removed:;"0"
Not removed:;"0"
Warnings count:;"567"
Information count:;"0"
Scan started:;"27 April 2008, 15:24:01"
Total object scanned:;"837752"
Time needed:;"1 hour(s) 22 minute(s) "
Errors encountered:;"0"

Warnings
File;"Infection";"Result"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-15D9-4736-AB29-131578A45F2B};"Found Adware.Wordsonweb";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-59D4-4008-9058-080011001200};"Found Adware.TitanShieldAntispyware";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-C1EC-0345-6EC2-4D0300000000};"Found Adware.TitanShieldAntispyware";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000000-F09C-02B4-6EC2-AD0300000000};"Found Adware.TitanShieldAntispyware";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000001-C003-4A2F-9142-7CB1D78DE6C1};"Found Adware.InternetOptimizer";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000049-8F91-4D9C-9573-F016E7626484};"Found Adware.Isearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00000062-2E5F-4AF7-986E-5B64E0951A96};"Found Adware.BetterInternet";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00027925-0017-4FAF-9539-90E4AC0B9EC5};"Found Adware.IEPlugin";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00110011-4B0B-44D5-9718-90C88817369B};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{002AF282-E42D-4B51-9F70-F1570C02FAAD};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00C9C6A4-1889-46BC-B73A-F4DDCC042735};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00DBDAC8-4691-4797-8E6A-7C6AB89BC441};"Found Downloader.ConHook.l";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{00F1D395-4744-40F0-A611-980F61AE2C59};"Found Adware.DrSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{01B55AFA-F451-474B-9E91-C35B24D02641};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{01D8D081-0F76-4AB5-B5E4-9B23A709670E};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{01E69986-A054-4C52-ABE8-EF63DF1C5211};"Found Adware.CramToolbar";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{01EB5130-FC0C-4D75-B9CE-4801B1B854F5};"Found Adware.Begin2Search";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{020B1227-417D-4682-9AC3-61F43CB5B6B1};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{037CE595-57CB-4EB5-9775-97BC112F3BB3};"Found Trojan.Bomka";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{052B12F7-86FA-4921-8482-26C42316B522};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{05324ED1-05C0-4E3A-A34F-98BFC64426F5};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{06170642-FA65-4FB6-AC79-5F235CB99BC2};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{06849E9F-C8D7-4D59-B87D-784B7D6BE083};"Found Logger.Agent.io";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{06EECACB-F7C6-4ab9-B6AE-2DC4ED4588BB};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{06FE8138-6C67-484F-AB1F-42ABDDD2CBB6};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{086AE192-23A6-48D6-96EC-715F53797E85};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{08A312BB-5409-49FC-9347-54BB7D069AC6};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0A00D11E-B1E7-44B5-AD88-C9190876AAC4};"Found Adware.Dyibar";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0A51FD8D-6835-4212-B796-AFC24F4D108A};"Found Adware.CreatrixMedia";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0AD937E7-2F37-4873-A05E-548A67EF1D0E};"Found Adware.FlashEnhancer";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0B9B7B2E-30E3-4C5D-AD2C-C38724979B4B};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0BAD5052-665D-40D4-A9BD-A2891EAAFB42};"Found Adware.VirusBursters";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0BAE99AF-A9F7-4F7E-9C72-2C1CC81BE0FF};"Found Adware.CreatrixMedia";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0C5A0FFF-9164-493B-93E0-17446374E0A0};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0D0FAB5C-2BE4-4126-A28E-828FEBCE1E55};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0D2DEF3A-F4F1-42EC-AC4F-132E7BA6E292};"Found Adware.MWSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0D4C7057-EAD2-44C6-AD18-9092905F28F1};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0D9EB558-0666-479E-868A-21B1D1A53BD1};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0E4E5110-A772-4C4A-A7DC-137FE10ABD6E};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0EDC6C20-A31C-11DB-8AB9-0800200C9A66};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{0F25878F-F8AE-5D5D-2BB7-31B5F803290D};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11111111-2222-3333-4444-555555555555};"Found Adware.Casino";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11111111-2222-408A-9842-CDBE1C6D37EB};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11853D5F-F894-4CC7-BBC3-FC7A9DCFD896};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11904CE8-632A-4856-A7CC-00B33FE71BD8};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11A4CA8C-A8B9-49C2-A6D3-3F64C9EEBAE6};"Found Adware.Shorty";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{11F09AFD-75AD-4E51-AB43-E09E9351CE16};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{125494B2-ACAD-414C-98B9-452F3EF7703A};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{13146842-6251-5625-3072-548536364311};"Found Logger.Goldun.an";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{13589181-4F0D-4553-B9F8-B4B72172C139};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{150FA160-130D-451F-B863-B655061432BA};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1559E6C1-7E5E-4461-9457-6A2DEA85EB9F};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{159C2E51-9823-11D2-8DDC-D84A1B4ACD4D};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15ACE85C-0BB1-42D1-9E32-07EB0506675A};"Found Downloader.Small.nl";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{15BA172C-5F41-4CB9-B38D-530FD507997C};"Found Trojan.KillProc.h";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1640DE0E-75E4-4A83-B5D1-2492BC7EBA8F};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{16875E09-927B-4494-82BD-158A1CD46BA0};"Found Downloader.Delf.vt";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{168CF174-6DAB-461C-A761-A7ADFA5A5719};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{16A770A0-0E87-4278-B748-2460D64A8386};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{16DF666F-BA95-4F41-B396-1381C2BA66F4};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{17253725-2463-2796-3683-279268379362};"Found Trojan.Goldun.u";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{17DA0C9E-4A27-4AC5-BB75-5D24B8CDB972};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{184B0A26-4C9C-4757-ABF5-4B6AF71F9A45};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{18A41B20-E519-47A1-B545-FFC200730E9B};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{18F57D30-EF36-4C0E-9343-7BFA6DF79B4A};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{192C5B4A-3EFD-40C7-9F99-C472DEB8EFC0};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{197A85BC-BD97-4404-A702-95E556E4DAEB};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{197B8CA4-E215-46DD-8F33-E0544A80E5C4};"Found Adware.SafeSurfing";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1A01A98C-4F25-42E1-971A-185CF63569B2};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1A1DDC19-5893-43AB-A73F-F41A0F34D115};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1A29A79A-B9C8-44A9-BEDF-7FADDE3CF33F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1AC5C88A-DEA7-462B-A232-04AF5CA42E7E};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1ADBCCE8-CF84-441E-9B38-AFC7A19C06A4};"Found Adware.ActivShopper";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5};"Found Downloader.Delf";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1B689522-64CD-46A3-B454-BCB4A7F55E78};"Found Hijacker.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1B9CB0F8-118B-49C1-956D-B703E976F8E3};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1BB87441-6B7F-4B60-885C-B7AF9F9AFDE3};"Found Adware.Affilred";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C044AAD-7955-4CBD-8175-501A165C4E5D};"Found Trojan.Conhook.b";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C4DA27D-4D52-4465-A089-98E01BB725CA};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1C78AB3F-A857-482E-80C0-3A1E5238A565};"Found Adware.Isearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1CA480CD-C0E5-4548-874E-B85B17905B3A};"Found Trojan.Zlob.f";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1D1B2879-99FF-11E3-8D96-D7ACAC95952A};"Found Logger.PerfectKeylogger";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1E6CE4CD-161B-4847-B8BF-E2EF72299D69};"Found Logger.Sters";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFB1};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1F48AA48-C53A-4E21-85E7-AC7CC6B5FFB2};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{1F6FE2C2-6040-4645-9053-7F689AFFE176};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2016A466-91A2-43C6-97D8-2FD380F065EF};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{202A961F-23AE-42B1-9505-FFE3C818D717};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{20929603-21DB-477C-BA6F-0B8E70B3C8A0};"Found Adware.CramToolbar";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{20A3D913-30EF-4E69-B3F7-93B3F1FB9D5C};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{21345678-9ABC-DEF0-0FED-CBA987654321};"Found Trojan.PWS.cu";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2178F3FB-2560-458F-BDEE-631E2FE0DFE4};"Found Adware.WinAntiVirus";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22024DC7-D190-44EC-9D49-AEE5F244A466};"Found Adware.DriveCleaner";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2296428D-C133-4928-B76A-A200FF409572};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{22DFEAE8-9AD2-4FC6-9CBA-A6566CA3B6EB};"Found Adware.Begin2search";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2305D8B7-B649-4C65-BA03-4C8B05213E1A};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2353FCBC-012D-487B-8BF3-865C0929FBEB};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2439DCBB-DA51-FB1C-927A-CC1E586A8D00};"Found Adware.CoolWebSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{246A2CA8-10D9-4F50-B259-CAFF6619A12E};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{250D1063-5414-4FB0-86D5-AABB7A5D7DA7};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2513A321-CB50-4C5F-91C5-80342AFACFB1};"Found Adware.TitanShieldAntispyware";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2559D0B1-AF60-4BD5-965D-0E51383A6367};"Found Hijacker.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{25B7D2FD-4F71-46D1-801A-7DE323E4EC82};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{25E1A054-1262-459F-9F14-BF06148F4253};"Found Trojan.Bomka";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27150F81-0877-42E9-AF13-55E5A3439A26};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27321538-5739-4AA1-B84C-7D18E4383F1F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27A7FB75-FB40-4f94-BCF6-4945BCC8BAAF};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{27AC09EE-C20B-4BA4-8E27-F1C33D263875};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{285B5CCD-C3F0-4EB6-9632-7D0A3C3AF824};"Found Adware.iLookup";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{28DFFB3C-A6C2-481B-B8D7-AD205DECBA6E};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2A0176FE-008B-4706-90F5-BBA532A49731};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2A7372BA-656A-409A-B76D-F2B2B2DC6B1F};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2ACF3ADD-34A1-4F2F-99CF-CC69785D1E90};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2B334C22-40CA-438F-913A-61A8105C4CCD};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2BE26361-58A2-4836-BE57-B838F02FEC3F};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2D38A51A-23C9-48A1-A33C-48675AA2B494};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2DC9D850-044D-11E1-B3C9-00805E499D93};"Found Adware.ContextuAd";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2DC9D850-144D-11E1-B3C9-10805E499D93};"Found Adware.ContextuAd";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2DEA8791-C2B7-48E1-8992-8E8E6A6FE789};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2E16DA2D-3194-4B72-AF4E-FD8597CFAFDC};"Found Hijacker.MorwillSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2E246FAE-8420-11D9-870D-000C2917DE7F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{2E9CAFF6-30C7-4208-8807-E79D4EC6F806};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3050F4D8-6D62-11CE-AF61-013309406392};"Found Trojan.BindFil.g";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3050F4D8-6D62-11CE-AF61-E13309406392};"Found Trojan.ZMark.a";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{31615D5C-5126-448A-818A-A7CDFEE85A9B};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{325338F0-AED0-45f6-A0DA-B5B09E6A07ED};"Found Adware.SavingsHound";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{330A77C2-C15A-43B5-055C-B4E35EAED279};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{34A12A06-48C0-420D-8F11-73552EE9631A};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{364B6276-C6C1-40B6-A6D7-6C48871FD707};"Found Adware.Accoona";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{366B2151-E1C7-44A3-86A3-E5686C2A3D2F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3820350F-5092-2ADD-8A4C-8DE2C609FAE5};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{382ED25E-FF84-4A00-ACC4-4DDADD62DDDD};"Found Adware.CashDeluxe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{392BAF48-A26A-45B5-9263-97128E429268};"Found Adware.AdBlaster";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{39C78B50-7E98-4AA0-B007-D83114EA6E0F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{39D3264A-0031-49DB-860D-37647ACCB78A};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{39F25B12-74FF-4079-A51F-1D70F5B08B84};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3A4E6FF3-BF59-446E-9DC8-731BCE2F349A};"Found Trojan.Banker.q";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3AAC4C68-AFC8-11DB-80EF-8AF955D89593};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3BAA1AD8-EE49-4772-BF0B-F55083E0F7AA};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3BF1F86F-B1A8-489B-8D8B-43781D51411F};"Found Hijacker.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3C767C6B-602D-4B9B-829D-A3DC5B2D89DD};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3CEFF6CD-6F08-4E4D-BCCD-FF7415288C3B};"Found Adware.TitanShieldAntispyware";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3D00A39C-655B-428B-AEB2-2FBA03DCC49C};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3D782BB3-F2A5-11D3-BF4C-000000000000};"Found Adware.ActivShopper";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3E290290-1728-4C1E-863A-AA12526333F6};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3E422F49-1566-40D3-B43D-077EF739AC32};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3E4563A4-2A9B-4912-BE38-906A0CB702CC};"Found Adware.FastFind";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3E9B951E-6F72-431B-82CF-4A9FBF2F53BC};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3EBDDEDC-85D1-462F-B875-F013A8EA7B8D};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3ED9FFDA-79DB-4B2D-99B7-16EA3C4A3A92};"Found Adware.Henbang";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3F2BBC05-40DF-11D2-9455-00104BC936FF};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3FDE0CB5-619F-4227-8961-F2D7ED15B88E};"Found Adware.CramToolbar";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{3FE36807-69ED-45D1-B9BE-85C0E3F75B6A};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4006DCA3-433D-4FC8-AC36-42DA7797DCB7};"Found Adware.eZula";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4022F902-ABC7-4C79-924F-BB26F1D355A2};"Found Adware.Dyibar";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{405132A4-5DD1-4BA8-A181-95C8D435093A};"Found Adware.VipSearcher";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{408F660A-9465-44A3-B557-8709DFD992BC};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4136C3F6-7636-49BF-A122-D4DA53B1ADDF};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4145B998-6511-46de-A873-FD1DBD053164};"Found Adware.SurfComp";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{41943050-65CC-454B-81E4-9C8A9D7CBAEA};"Found Adware.ContextuAd";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{41ED67C9-2734-4094-AD92-32F9EFEB5CC7};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4233AC08-A2C4-4742-A0B4-83719613D62C};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{426F81A5-0B8C-4948-8115-11606FD3F389};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{429E4B60-3CEC-43C3-A53B-501C25F7F5FD};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{43DB73EB-4C90-4418-B6AD-10DB22016908};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{44240BB5-BD7D-4D49-A1AA-8AB0F3D3CB44};"Found Trojan.Small.anm";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4487598C-2EC7-43A2-870E-6D8D720FDD9F};"Found Adware.SafeSurfing";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4508E20C-ACAD-11D2-9FC0-00550076E06F};"Found Adware.2Search";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{46D387E9-41FC-4F71-A7C3-B0BEB3568F00};"Found Adware.DigitalNames";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4700F4B2-EB75-07EF-2853-5B264BD6E7DB};"Found Adware.CoolWebSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4734044C-7427-43D8-ADBE-DF942E52BEF2};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{479FD0CF-5BE9-4C63-8CDA-B6D371C67BD5};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{49256FE8-6394-4ACE-939C-22F35CA042AD};"Found Adware.ZippyLookup";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A25D449-2BAA-4426-A992-D18CA70CF5A9};"Found Trojan.Kolweb.b";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4A85F02A-CCD3-4E96-9BB1-7ACE7D0B9C23};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4AA76F27-81BC-4C3F-9F24-CB99349C8CC9};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4AA870AC-8427-42A4-B92E-ECD956197489};"Found Adware.BetterInternet";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4B0485A1-C853-42F0-9018-8ACC9A8598B7};"Found Adware.MetaStop";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4D993022-0899-4599-B4B6-0F887D0802E6};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4DA2EE61-6399-4C39-AEB9-0D990E610D29};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-8DBC-A42EB79CB428};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-8EEC-EF64B787BB38};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-9AFF-FD78A790AF2C};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D};"Found Adware.2020Search";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-AB8C-E56FA49CA83A};"Found Adware.CursorZone";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-C1F2-F063A09BB32A};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4E7BD74F-2B8D-469E-C68A-8D2CF4D5FA7D};"Found Adware.SearchGuard";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4EB548E5-1FB1-4F83-B49F-A3101FE5FC97};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4F4E2384-42AD-4FE4-B966-B6D50C7BF90A};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4FA2B39B-A7DA-983C-68E6-5B095A4118FD};"Found Adware.WorldAntiSpy";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4FBBDFD6-2CA9-4BBA-93E4-AADF75321BCA};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{4FC003C3-87A0-489C-85CD-878246EB2D18};"Found Adware.VirusBursters";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5054F860-748D-4840-B7B4-DDDB428421AF};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5240864B-FDFE-4563-3514-463926792311};"Found Logger.Goldun.ac";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5284AC2A-EF00-4750-9B82-B5B907D26536};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{52B1DFC7-AAFC-4362-B103-868B0683C697};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{55BE9F0D-6CAF-4C3E-B125-5A13A8C9D0EC};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{56262124-6251-5625-3072-548536364311};"Found Logger.Goldun.aa";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{56B60F70-057F-4150-98B1-29572DF422F0};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5753791B-F607-48CA-814E-91C14D081F9E};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{575A5AE9-B68E-4BEB-BACB-FE430448C654};"Found Adware.CoolWebSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{57A70350-87D9-4EA2-B3AC-C1C1B5296035};"Found Adware.ContextuAd";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{588599F4-DE26-4C28-BA14-F4EB17E33481};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{58D324EE-2062-6566-1F57-2A699079E447};"Found Adware.CoolWebSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{58DBCE03-FFC3-4452-AB1D-C19EE9825A50};"Found Hijacker.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{58F07DD3-924D-4141-BC74-299F523A95F1};"Found Adware.WebDir";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59399E33-FB54-48AB-8AE4-AE108B36DAB4};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59879FA4-4790-461C-A1CC-4EC4DE4CA483};"Found Adware.RXToolbar";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{59F12660-2B92-4554-98F9-87295AD8A0CE};"Found Hijacker.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5A5B6916-ED71-4531-8018-E792DD44156E};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993};"Found Adware.Isearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5B55C4E3-C179-BA0B-B4FD-F2DB862D6202};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5BED3930-2E9E-76D8-BACC-80DF2188D455};"Found Adware.CouponBar";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5C00AF50-9737-4A0F-B728-8F751EB85E43};"Found Adware.ContextuAd";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5C4F2CBC-F32D-4A03-9812-86F39379811B};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5CAC4E80-A015-41C8-8796-047BE272AC04};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5D0F16E6-47DF-11DA-8802-00024493948B};"Found Adware.CashDeluxe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5D4831E0-5A7C-4A46-AFD5-A79AB8CE36C2};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5D647E9C-6B37-4636-9A78-DADB1EB93BDF};"Found Adware.CtxPopup";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5EB7CB50-E375-4718-B4C0-9AD12EFA2F84};"Found Downloader.Agent.rs";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5EDB03AF-0341-4E96-9E9B-3171522E4BAF};"Found Adware.FlashEnhancer";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5F6BBD8A-18CF-4D55-8B4C-C9B4C9328DFE};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5F938C17-FBC7-4A3C-8526-85E5B1A1F762};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{5FCA4D4F-CBDD-4263-3814-463926792311};"Found Logger.Goldun.ae";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6001CDF7-6F45-471B-A203-0225615E35A7};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{60371670-81B9-4D06-9C42-4DEC1AABE62B};"Found Hijacker.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6076D2B1-634C-4685-843B-F826045EA5DC};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{61468245-A343-CF27-3452-44DF4679BDF1};"Found Trojan.Goldun.v";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{616D4040-5712-4F0F-BCF1-5C6420A99E14};"Found Hijacker.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{62457936-6381-6170-3572-468926792311};"Found Logger.Goldun.ed";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{62960D20-6D0D-1AB4-4BF1-95B0B5B8783A};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{631F7200-642E-11DB-BD13-0800200C9A66};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{634BE415-DA12-496B-B89E-329B73C4807F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6379A99A-9102-446C-A837-0623E1810D75};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{65194BCE-CBDD-4263-3814-463926792311};"Found Logger.Goldun.h";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{654DCF3A-00ED-422E-BDA2-D7FA69261CE9};"Found Adware.EZtracks";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6570B782-1A41-4053-B2C9-12C7FCF0D84D};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{659E147E-BD03-4605-988C-AA6D7EA497CA};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{65E9801C-0472-47F9-85A0-8442D47A82B0};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6671A431-5C3D-463D-A7CF-5587F9B7E191};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{67270207-B9EE-4D26-9270-860FDB060CA1};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{68397934-9ABC-DEF0-0FED-FAD682644311};"Found Trojan.Goldun.E";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6A512BF7-EC78-4E8D-9841-6C02E8FA9838};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6A66CC28-F0A2-FCBC-D3D5-1EA3001ED26A};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6ABF54E1-3C4A-11D8-8169-00C02623048A};"Found Adware.ezCyberSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6AC3806F-8B39-4746-9C38-6B01CB7331FF};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6AD686B9-AB56-4EBC-A804-9F70B55B4577};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6AE02E1C-8859-4F57-9097-5A55A56A4CAF};"Found Adware.MyTool";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6AE7418B-229F-4A2C-AE1B-D5962888F02D};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6BDE1669-B490-48E3-B668-456314F2D6C3};"Found Adware.DuDuAccelerator";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6DA975EA-CBB4-411B-97C0-DB0A892BF2C1};"Found Trojan.Agent.dq";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6DD0BC06-4719-4BA3-BEBC-FBAE6A448152};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E28339B-7A2A-47B6-AEB2-46BA53782359};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E28339B-7A2A-47B6-AEB2-46BA53782373};"Found Trojan.Wayphisher";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E28339B-7A2A-47B6-AEB2-46BA53782375};"Found Trojan.Wayphisher";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E28339B-7A2A-47B6-AEB2-46BA53782378};"Found Trojan.Wayphisher";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E28339B-7A2A-47B6-AEB2-46BA53782379};"Found Logger.Small.cz";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6E2CE423-B3F7-4DCC-ACF3-8671CC20BFCF};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6EEB621D-02F7-4EE6-B889-C6218BFCFEA8};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6EF91405-4FCB-4633-BAB3-FA5B3DC40C3B};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6F3F8C08-2506-4CD0-B1A9-E4A83383CBBB};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{6F71C05E-6C91-4A3A-9146-9C19DA2E4CCE};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{70230839-555C-4862-8D42-BB1E2352502C};"Found Adware.SafeSurfing";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{70305BC2-B289-4209-A344-BE21F22BC930};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{703BDF83-2C12-4D20-8BB0-106DDAB01B59};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{70AFF2CB-9DA2-499C-8D15-900729FCE83D};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{716002DB-288C-4BF0-80CD-A467E78D8B55};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{71D1708F-973D-4600-AF01-AD86688403AE};"Found Adware.SafeSurfing";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{723D54C7-7483-4EB8-8EED-CE5B2AEA534D};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{724510C3-F3C8-4FB7-879A-D99F29008A2F};"Found Hijacker.SpyAxe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{735E980D-45D2-4777-AF82-9923D3C8D3AE};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{736B5468-BDAD-41BE-92D0-22AE2DDF7BCB};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{746455FE-D059-47E7-AF0E-140E03F5A447};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7475D3FD-5D85-49DB-8B9B-6968467B2D80};"Found Adware.InstantBuzz";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{74F25A2C-22B3-4023-8F1A-CA616C30A8B5};"Found Adware.RogueSuspect";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7507739F-BC2E-4DC3-B233-816783C25DC9};"Found Downloader.Delf";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{754FB7D8-B8FE-4810-B363-A788CD060F1F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{755BBD1A-AA59-456C-AFEB-B4C42C4DCB6F};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{76532682-A5C9-11D8-AE07-00D0591AB78A};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7697DB96-5DA3-44F2-BC97-AD35E5F4CEDC};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{77B2F8DE-CB3F-4B6B-839B-807DD1ADBA1C};"Found Adware.SearchMaid";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{780916B6-00F4-484C-8AF7-A69CEAE0736B};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{78364D99-A640-4DDF-B91A-67EFF8373045};"Found Trojan.Brospy.c";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{784AA380-13F2-422E-8540-F2280F1DD4F1};"Found Adware.WorldSearch";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{78653A3E-A63F-42A9-A6FE-7524F4058767};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7891DA15-428E-11D7-BCC1-00A024831A8C};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7977A6ED-C4BD-490E-8C58-AA0849CA03A4};"Found Trojan.VB.aft";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{79A002FB-C126-462D-B4A7-81D6B42D1666};"Found Adware.DirectIP";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{79A576C4-B7A9-47EC-B57C-2CE5CA6ECC6A};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7A1693A1-AFAF-4F1E-9B05-EEC38A85FBF3};"Found Trojan.Kolweb.b";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7A1A109F-58B3-414B-9829-5F4D9BE5FEDE};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7A533235-A128-434B-9F8A-9300A544D191};"Found Adware.CashdeLuxe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7A7E6D97-B492-4884-9ABB-C31281DCC4F2};"Found Adware.VipSearcher";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7B55BB05-0B4D-44FD-81A6-B136188F5DEB};"Found Adware.TitanShieldAntispyware";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7BE183D2-A42D-4915-BF60-EC86FBF002CF};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7BF451AC-2010-4804-B256-DB2F0A8D9EB6};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7CAF96A2-C556-460A-988E-76FC7895D284};"Found Adware.SpyAxe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7D435027-F646-4BF9-B2C5-0EF4940D5CA2};"Found Adware.ErrorSafe";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7E093FD0-5372-4FD5-9C7B-875668B4CDB2};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7EC618F2-C506-4221-9F56-792B92BF762E};"Found Adware.DriveCleaner";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7FA55359-7223-410F-BC82-EFB3E3DED07F};"Found Adware.VirusBurst";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7FC91C90-8256-4868-B4B1-DACDDC9A4546};"Found Adware.Vundo";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{7FD44536-9DF0-4034-939F-5BD4D98E3187};"Found Adware.Generic";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{8037F7F0-80B6-453A-A7CB-5371A4A09BB8};"Found Adware.Begin2Search";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{80523A67-ABCD-CF37-3352-54DF4479BDF1};"Found Logger.Goldun.w";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{80D484FE-0AA1-4D80-9FF2-5B196084E051};"Found Adware.Virtumonde";"Potentially dangerous object"
HKLM\SOFTWARE\Microsoft\Internet Explorer\A
  • 0

#5
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
A quick question - do you have spyware blaster installed ? As they are all activex modules

Lets have a much deeper look

Download OTScanit to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt on your desktop.
  • Close ALL OTHER PROGRAMS.
  • Open the OTScanit folder and double-click on OTScanit.exe to start the program.
  • Check the box that says Scan All User Accounts
  • Check the Radio buttons for Files/Folders Created Within 90 Days and Files/Folders Modified Within 90 Days
  • Under Additional Scans check the following:
    • Reg - ActiveX StubPath
    • File - Additional Folder Scans
    • File - Purity Scan
  • Now click the Run Scan button on the toolbar.
  • Let it run unhindered until it finishes.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Click the Format menu and make sure that Wordwrap is not checked. If it is then click on it to uncheck it.
Please attach the log in your next post.

To attach a file, do the following:
  • Click Add Reply
  • Under the reply panel is the Attachments Panel
  • Browse for the attachment file you want to upload, then click the green Upload button
  • Once it has uploaded, click the Manage Current Attachments drop down box
  • Click on Posted Image to insert the attachment into your post

  • 0

#6
jayboy1000

jayboy1000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Think I got it right.

p.s downloading this file produced another trojan Generic9.ACFR

I've put it in the vault..... please advise



Attached File  OTScanIt.Txt   234.36KB   149 downloads
  • 0

#7
jayboy1000

jayboy1000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Sorry...... yes i do have the blaster. installed last night after reading g2g advice.
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Methinks AVG is getting a bit overzealous here. In my registry I have 33804 items under that key and most are put there by Spywareblaster. OTScanit is malware free although some of the files do have the appearance of malware

The deep scan showed no problems - how is your system running now

I am now checking for some of those keys within my registry, but due to the size it will take a while so I will post back later
  • 0

#9
jayboy1000

jayboy1000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hi,

Just trying to send you copy of the virus' in the vault and their location. I can't copy and paste them from the vault and I'm not sure how to reproduce the text other than copy it down by hand and retype. So ..... as that is a bit too protracted and at this point possibly unesecery I'll for now just give the names and if you need more let me know....

Thanks again

Jay

Trojan horse Generic 10.LUZ x2
Trojan horse Generic 9.ACFR

I've not attempted to heal or delete these as yet. I've just put them in the vault untill you've had chance to look at the rest of the info. ( just to refer you back to previous reply . Generic 9.ACFR came in with the scan download. )
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi again - this one Trojan horse Generic 9.ACFR is a false positive on the OT tool. This one Trojan horse Generic 10.LUZ the only people reporting it is one person on the AVG site, and he has not received a reply. All the Activex components appear to be part of spywareblaster blocking, unless of course you are so badly infected that your machine is unusable (which going by the logs I have seen is not possible) :)

Apart from AVG reporting all the ActiveX how is your computer now ?

As an aside what Spywareblaster does is put elements in your registry with a killbit, thereby stopping them from being installed :)
  • 0

Advertisements


#11
jayboy1000

jayboy1000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hi,
Soooo....... basically, other than the luz trojan (which is in the vault (( can i delte them?)) I'm to all intents and purposes , clean?
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

Soooo....... basically, other than the luz trojan (which is in the vault (( can i delte them?)) I'm to all intents and purposes , clean?

yes you may delete ... In a word...............

Now the best part of the day ----- Your log now appears clean :)

Double click OTScanit once again and you should see a CleanUp! button, press that button, you may get prompted by your firewall that OTScanit wants to contact the internet, allow this, a cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will delete all the tools you have downloaded plus itself

Now to get you off to a good start we will re-set your restore points so that all the bad stuff is gone for good. Then if you need to restore at some stage you will be clean. There are several ways to reset your your restore point but this is my method:

1. Select Start > All Programs > Accessories > System tools > System Restore.
2. On the dialogue box that appears select Create a Restore Point
3. Click NEXT
4. Enter a name e.g. Clean
5. Click CREATE

You now have a clean restore point, to get rid of the bad ones:

1. Select Start > All Programs > Accessories > System tools > Disk Cleanup.
2. In the Drop down box that appears select your main drive e.g. C
3. Click OK
4. The System will do some calculation and the display a dialogue box with TABS
5. Select the More Options Tab.
6. At the bottom will be a system restore box with a CLEANUP button click this
7. Accept the Warning and select OK again, the program will close and you are done

Now that you are clean, to help protect your computer in the future I recommend that you get the following free program: It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To keep your operating system up to date visit

To learn more about how to protect yourself while on the internet read this article by Tony Klien: So how did I get infected in the first place?


Keep safe :)
  • 0

#13
jayboy1000

jayboy1000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Just a quickie before we part on such a happy ending...... I've not been able to system restore for a short while now..... I thought this may be due to running conflicting anti malware programs. Is this of vital importance before I follow the above instruction or shall I just get on with it ?

Jay
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
System restore is good to have
Download and Unzip the attached file to your desktop
Right click and select merge
That should reset your system restore


  • 0

#15
jayboy1000

jayboy1000

    Member

  • Topic Starter
  • Member
  • PipPip
  • 18 posts
Hi,
Unfortunately system restore will not allow me to create a restore point. It asks me to reboot and try again. Still not happening. I've not tried the latter half of the instruction yet due to the failure of the first bit... what do you think /
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP