Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Vundo and OIN infections...please see scans [CLOSED]

Started by Dunsparce4Prez , Jul 10 2008 01:21 AM

  • This topic is locked This topic is locked

#1
Dunsparce4Prez
Posted 10 July 2008 - 01:21 AM

Dunsparce4Prez

    New Member

  • Member
  • Pip
  • 2 posts
(EDIT) - Half my logs were cut off my first post...trying again.

I followed the guide on how to remove Outerinfo popups and it seems to have worked, however I'm still getting popup ads for Antispyware software. Kind of ironic, I think. Also, it said to post my logs here so someone could look for other malware, so here you go. Thanks a lot also, this problem has been plaguing me for months.

NOTE: These are all post wipe. I used SUPERAntispyware like the guide said to.

----------------------------------------------Scan log

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 07/10/2008 at 02:48 AM

Application Version : 4.15.1000

Core Rules Database Version : 3501
Trace Rules Database Version: 1492

Scan type : Complete Scan
Total Scan Time : 00:57:44

Memory items scanned : 470
Memory threats detected : 7
Registry items scanned : 5227
Registry threats detected : 219
File items scanned : 81978
File threats detected : 548

Adware.Vundo Variant/Resident
C:\WINDOWS\SYSTEM32\JKHFD.DLL
C:\WINDOWS\SYSTEM32\JKHFD.DLL

Adware.ClickSpring/Resident
C:\PROGRA~1\CROSOF~1.NET\WWEXEC~1.EXE
C:\PROGRA~1\CROSOF~1.NET\WWEXEC~1.EXE
C:\WINDOWS\SYSTEM32\JRGSBWR.DLL
C:\WINDOWS\SYSTEM32\JRGSBWR.DLL

Adware.ClickSpring-Variant
C:\PROGRA~1\COMMON~1\STEM32~1\MSCONFIG.EXE
C:\PROGRA~1\COMMON~1\STEM32~1\MSCONFIG.EXE
C:\WINDOWS\Prefetch\MSCONFIG.EXE-1F2C2067.pf

Trojan.Downloader-NewJuan/VM
C:\WINDOWS\SYSTEM32\NJWLUP.DLL
C:\WINDOWS\SYSTEM32\NJWLUP.DLL

MyWay Search Assistant Computers
C:\PROGRAM FILES\MYWAYSA\SRCHASDE\1.BIN\DESRCAS.DLL
C:\PROGRAM FILES\MYWAYSA\SRCHASDE\1.BIN\DESRCAS.DLL
HKLM\Software\Classes\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}\Programmable
HKLM\Software\Classes\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\Control
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\MiscStatus
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\MiscStatus\1
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\ProgID
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\Programmable
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\TypeLib
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\Version
HKCR\CLSID\{4D25F924-B9FE-4682-BF72-8AB8210D6D75}\VersionIndependentProgID
HKLM\Software\Classes\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\InprocServer32#ThreadingModel
HKCR\CLSID\{4D25F926-B9FE-4682-BF72-8AB8210D6D75}\Programmable
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D25F921-B9FE-4682-BF72-8AB8210D6D75}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks#{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKU\S-1-5-21-3593748837-2473308856-2469138285-1007\Software\Microsoft\Internet Explorer\URLSearchHooks#{4D25F926-B9FE-4682-BF72-8AB8210D6D75}
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks#{4D25F926-B9FE-4682-BF72-8AB8210D6D75}

Adware.AdSponsor/ISM
C:\PROGRAM FILES\ISM\BNDDRIVE7.DLL
C:\PROGRAM FILES\ISM\BNDDRIVE7.DLL
HKLM\Software\Classes\CLSID\{1ED6A320-8AF3-4f06-868A-9BA95585712E}
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}#AppID
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}\Implemented Categories
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}\InprocServer32
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}\InprocServer32#ThreadingModel
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}\ProgID
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}\TypeLib
HKCR\CLSID\{1ED6A320-8AF3-4F06-868A-9BA95585712E}\VersionIndependentProgID
HKLM\Software\Classes\CLSID\{8ABA9A9C-8791-4d61-8D5B-BCC9448EA573}
HKCR\CLSID\{8ABA9A9C-8791-4D61-8D5B-BCC9448EA573}
HKCR\CLSID\{8ABA9A9C-8791-4D61-8D5B-BCC9448EA573}
HKCR\CLSID\{8ABA9A9C-8791-4D61-8D5B-BCC9448EA573}#AppID
HKCR\CLSID\{8ABA9A9C-8791-4D61-8D5B-BCC9448EA573}\InprocServer32
HKCR\CLSID\{8ABA9A9C-8791-4D61-8D5B-BCC9448EA573}\InprocServer32#ThreadingModel
HKCR\CLSID\{8ABA9A9C-8791-4D61-8D5B-BCC9448EA573}\ProgID
HKCR\CLSID\{8ABA9A9C-8791-4D61-8D5B-BCC9448EA573}\TypeLib
HKCR\CLSID\{8ABA9A9C-8791-4D61-8D5B-BCC9448EA573}\VersionIndependentProgID
HKLM\Software\Classes\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}
HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}
HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}
HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}#AppID
HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\InprocServer32
HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\InprocServer32#ThreadingModel
HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\ProgID
HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\TypeLib
HKCR\CLSID\{8F9E2BE3-766D-4831-BB0E-766D5B819995}\VersionIndependentProgID
C:\PROGRAM FILES\QDRDRIVE\QDRDRIVE9.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8ABA9A9C-8791-4d61-8D5B-BCC9448EA573}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8F9E2BE3-766D-4831-BB0E-766D5B819995}
HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\{1ED6A320-8AF3-4f06-868A-9BA95585712E}
HKU\S-1-5-21-3593748837-2473308856-2469138285-1007\Software\Microsoft\Internet Explorer\Explorer Bars\{1ED6A320-8AF3-4F06-868A-9BA95585712E}
HKU\S-1-5-21-3593748837-2473308856-2469138285-1007\Software\antica
HKU\.DEFAULT\Software\BndDrive
HKU\S-1-5-21-3593748837-2473308856-2469138285-1007\Software\BndDrive
HKU\S-1-5-18\Software\BndDrive
C:\Program Files\ISM

Trojan.Vundo/Variant-Installer/A
[VirusScan Online] C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
C:\PROGRAM FILES\MCAFEE.COM\VSO\MCVSSHLD.EXE
[MCAgentExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRA~1\MCAFEE.COM\AGENT\MCAGENT.EXE
[DVDLauncher] C:\PROGRAM FILES\CYBERLINK\POWERDVD\DVDLAUNCHER.EXE
C:\PROGRAM FILES\CYBERLINK\POWERDVD\DVDLAUNCHER.EXE
[MCUpdateExe] C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
C:\PROGRA~1\MCAFEE.COM\AGENT\MCUPDATE.EXE
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX16B.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX1BF.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX1C0.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX1C3.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX1CC.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX1D3.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX1D6.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX231.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX237.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX23A.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX23E.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX242.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX248.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX24B.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX24E.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX2A6.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX39B.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3A.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3A1.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3A4.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3A7.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3AA.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3B0.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3B3.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3B6.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3B9.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3BC.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3BF.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3C5.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3C8.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3CB.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX40.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX41B.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX421.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX424.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX427.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX42A.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX430.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX433.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX436.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX439.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX43C.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX43F.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX44.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX445.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX448.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX44B.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX47.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX51B.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX52D.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX533.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX536.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX539.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX53C.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX542.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX545.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX548.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX54B.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX54E.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX551.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX557.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX55A.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX55D.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX59.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX64.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX65.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6A.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6AE.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6B.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6B4.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6B7.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6BA.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6BD.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6C.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6C3.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6C6.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6C9.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6CC.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6CF.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6D2.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6D8.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6DB.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6DE.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX73.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX74.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX7F.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX82.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX88.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX89.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX8A.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX94.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX95.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX9D.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX9E.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXA3.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXA6.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXA7.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXA8.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXAF.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXB8.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXB9.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXBA.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXC2.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXC8.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCXC9.TMP
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\COMMON FILES\INSTALLSHIELD\UPDATESERVICE\ISUSPM .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0516~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0516~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0516~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0516~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0A19~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0A19~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0A19~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0A19~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0A1C~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0A1C~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0A1C~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS0A1C~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS1617~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS1617~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS1617~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS1617~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS162B~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS162B~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS162B~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS162B~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS18BE~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS18BE~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS18BE~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS18BE~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS8492~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS8492~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS8492~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS8492~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS849B~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS849B~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS849B~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS849B~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9027~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9027~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9027~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9027~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9028~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9028~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9028~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9028~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9490~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9490~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9490~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MS9490~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSF02E~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSF02E~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSF02E~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSF02E~4 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSKAGENT .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSKAGENT.EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSKAGE~1 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSKAGE~2 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSKAGE~3 .EXE
C:\PROGRAM FILES\MCAFEE\SPAMKILLER\MSKAGE~4 .EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCAGENT.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCUPDATE.EXE
C:\PROGRAM FILES\MCAFEE.COM\AGENT\MCUPDA~1 .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\PROGRAM FILES\QUICKTIME\QTTASK .EXE
C:\WINDOWS\SYSTEM32\CTFMON.EXE.TMP
C:\WINDOWS\SYSTEM32\LEXPPS.EXE
C:\WINDOWS\Prefetch\LEXPPS.EXE-2E6E3EAF.pf
C:\WINDOWS\Prefetch\MCUPDATE.EXE-32479339.pf

Adware.ClickSpring
[Sen] C:\PROGRA~1\COMMON~1\STEM32~1\MSCONFIG.EXE
HKLM\Software\Classes\CLSID\{FA32EE1E-2788-7826-FB34-7DA2E6E84BB6}
HKCR\CLSID\{FA32EE1E-2788-7826-FB34-7DA2E6E84BB6}
HKCR\CLSID\{FA32EE1E-2788-7826-FB34-7DA2E6E84BB6}\InprocServer32
HKCR\CLSID\{FA32EE1E-2788-7826-FB34-7DA2E6E84BB6}\InprocServer32#ThreadingModel
HKCR\CLSID\{FA32EE1E-2788-7826-FB34-7DA2E6E84BB6}\Programmable
HKCR\CLSID\{FA32EE1E-2788-7826-FB34-7DA2E6E84BB6}\TypeLib
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FA32EE1E-2788-7826-FB34-7DA2E6E84BB6}
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\!UPDATE.EXE
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\NDR8.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMPORARY INTERNET FILES\CONTENT.IE5\YBV3Y48Y\!UPDATE-4495[1].0000
C:\PROGRAM FILES\COMMON FILES\STEM32~1\MSCONFIG.EXE
C:\Program Files\CROSOF~1.NET\WWEXEC~1.EXE

Trojan.Vundo/Variant-Installer
[load] C:\WINDOWS\SYSTEM32\JKHFD.EXE
C:\WINDOWS\SYSTEM32\JKHFD.EXE
[load] C:\WINDOWS\SYSTEM32\JKHFD.EXE
C:\DOCUMENTS AND SETTINGS\FELICIA MAYFIELD.CAITLYN\LOCAL SETTINGS\TEMP\HALSRV64\SVCHOST.EXE
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\HALSRV64\SVCHOST.EXE
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX2A9.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX2AC.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3C2.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3CE.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX3D1.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX412.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX415.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX418.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX442.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX44E.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX451.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX521.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX524.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX527.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX52A.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX554.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX560.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX563.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6A8.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6AB.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6D5.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6E1.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\RCX6E4.TMP
C:\DOCUMENTS AND SETTINGS\JACOB MAYFIELD\LOCAL SETTINGS\TEMP\REDIST64\SVCHOST.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\TMP02A .EXE
C:\WINDOWS\SYSTEM32\RCX86.TMP
C:\WINDOWS\SYSTEM32\RCX87.TMP
C:\WINDOWS\SYSTEM32\RCX88.TMP
C:\WINDOWS\SYSTEM32\RCXC8.TMP
C:\WINDOWS\SYSTEM32\RCXCC.TMP
C:\WINDOWS\SYSTEM32\RCXD0.TMP
C:\WINDOWS\SYSTEM32\RCXE6.TMP
C:\WINDOWS\SYSTEM32\RCXFA4.TMP
C:\WINDOWS\SYSTEM32\RCXFB.TMP

Adware.MyWebSearch
HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\Programmable
C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\3.BIN\MWSSRCAS.DLL
HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\MYWEBSEARCH\BAR\3.BIN\MWSBAR.DLL
HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKU\S-1-5-21-3593748837-2473308856-2469138285-1007\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}
C:\PROGRAM FILES\MYWEBSEARCH\BAR\2.BIN\MWSOEMON.EXE

Adware.MyWay
HKLM\Software\Classes\CLSID\{014DA6C1-189F-421a-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C1-189F-421A-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C1-189F-421A-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C1-189F-421A-88CD-07CFE51CFF10}\InprocServer32
HKCR\CLSID\{014DA6C1-189F-421A-88CD-07CFE51CFF10}\InprocServer32#ThreadingModel
HKCR\CLSID\{014DA6C1-189F-421A-88CD-07CFE51CFF10}\Programmable
HKCR\CLSID\{014DA6C1-189F-421A-88CD-07CFE51CFF10}\TypeLib
C:\PROGRAM FILES\MYSEARCH\BAR\1.BIN\S4BAR.DLL
HKLM\Software\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\InprocServer32
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\InprocServer32#ThreadingModel
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\Programmable
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\TypeLib
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{014DA6C1-189F-421a-88CD-07CFE51CFF10}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{014DA6C9-189F-421a-88CD-07CFE51CFF10}
HKCR\TypeLib\{014DA6C0-189F-421a-88CD-07CFE51CFF10}
HKCR\TypeLib\{014DA6C0-189F-421a-88CD-07CFE51CFF10}\1.0
HKCR\TypeLib\{014DA6C0-189F-421a-88CD-07CFE51CFF10}\1.0\0
HKCR\TypeLib\{014DA6C0-189F-421a-88CD-07CFE51CFF10}\1.0\0\win32
HKCR\TypeLib\{014DA6C0-189F-421a-88CD-07CFE51CFF10}\1.0\FLAGS
HKCR\TypeLib\{014DA6C0-189F-421a-88CD-07CFE51CFF10}\1.0\HELPDIR
HKU\S-1-5-21-3593748837-2473308856-2469138285-1007\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser#{014DA6C9-189F-421A-88CD-07CFE51CFF10}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{014DA6C9-189F-421A-88CD-07CFE51CFF10}
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{014DA6C9-189F-421A-88CD-07CFE51CFF10}

Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{5D0556E0-793B-42C8-BD35-7543F9BAAB56}
HKCR\CLSID\{5D0556E0-793B-42C8-BD35-7543F9BAAB56}
HKCR\CLSID\{5D0556E0-793B-42C8-BD35-7543F9BAAB56}\InprocServer32
HKCR\CLSID\{5D0556E0-793B-42C8-BD35-7543F9BAAB56}\InprocServer32#ThreadingModel
HKLM\Software\Classes\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}\InprocServer32
HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\EFCAWWW.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D0556E0-793B-42C8-BD35-7543F9BAAB56}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}
HKCR\CLSID\{CA4F0D8D-5F2B-4F16-838A-8D52249EAB21}

Adware.Tracking Cookie
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@imrworldwide[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@overture[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@chitika[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@clickbank[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@burstnet[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@collective-media[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@cpvfeed[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@myroitracking[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@fastclick[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@indextools[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@redorbit[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@tradedoubler[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][3].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@atdmt[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@specificclick[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@systemerrorfixer[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@directtrack[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@adrevolver[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@enhance[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@crackle[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@doubleclick[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@adnetserver[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@mediatraffic[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@antispywaremaster[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@advertising[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][3].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@mywebsearch[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@apmebf[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@casalemedia[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@adlegend[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@zedo[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@serving-sys[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@optimost[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@trustedantivirus[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@toseeka[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@revsci[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@lynxtrack[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@hitbox[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@trafficmp[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@findwhat[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@interclick[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@tribalfusion[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@mediaplex[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@statcounter[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\[email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@adbrite[2].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@exitexchange[2].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\[email protected][1].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\[email protected][1].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\[email protected][1].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\felicia_mayfield@imrworldwide[2].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\felicia_mayfield@insightexpressai[2].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\[email protected][1].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\[email protected][2].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\felicia_mayfield@mywebsearch[1].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\felicia_mayfield@optimost[2].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\felicia_mayfield@partner2profit[2].txt
C:\Documents and Settings\Felicia Mayfield.CAITLYN\Cookies\felicia_mayfield@traffic[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@cpvfeed[1].txt
C:\Documents and Settings\Jacob Mayfield\Cookies\jacob_mayfield@mediatraffic[2].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob mayfield@adknowledge[2].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob mayfield@adlegend[1].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob mayfield@adultfriendfinder[2].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob [email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob mayfield@atwola[1].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob mayfield@belnk[1].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob [email protected][2].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob mayfield@insightexpressai[1].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob mayfield@interclick[2].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob mayfield@nextag[2].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob [email protected][1].txt
C:\Documents and Settings\Jacob Mayfield\Local Settings\Temp\Cookies\jacob [email protected][2].txt

Adware.WhenU
HKCR\WUSN.1
HKCR\WUSN.1#WUSN_Id

Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID

Trojan.NetMon/DNSChange
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor#Type
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor#Start
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor#ObjectName
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor\Security
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor\Security#Security
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor\Enum
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\Network Monitor\Enum#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR#NextInstance
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Service
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Legacy
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ConfigFlags
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#Class
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#ClassGUID
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_NETWORK_MONITOR\0000#DeviceDesc
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}#Contact
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}#NoRemove
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A394E835-C8D6-4B4B-884B-D2709059F3BE}#UninstallString
C:\Program Files\Network Monitor

Trojan.cmdService
HKLM\SYSTEM\CurrentControlSet\Services\cmdService
HKLM\SYSTEM\CurrentControlSet\Services\cmdService#Type
HKLM\SYSTEM\CurrentControlSet\Services\cmdService#Start
HKLM\SYSTEM\CurrentControlSet\Services\cmdService#ErrorControl
HKLM\SYSTEM\CurrentControlSet\Services\cmdService#ImagePath
HKLM\SYSTEM\CurrentControlSet\Services\cmdService#DisplayName
HKLM\SYSTEM\CurrentControlSet\Services\cmdService#ObjectName
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Security
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Security#Security
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#0
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#Count
HKLM\SYSTEM\CurrentControlSet\Services\cmdService\Enum#NextInstance
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920}
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920}#Contact
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920}#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920}#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920}#NoModify
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920}#NoRemove
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3877C2CD-F137-4144-BDB2-0A811492F920}#NoRepair
HKLM\SOFTWARE\Microsoft\Windows\CurrentVers

Edited by Dunsparce4Prez, 10 July 2008 - 01:38 AM.

  • 0

Advertisements

#2
Dunsparce4Prez
Posted 10 July 2008 - 01:40 AM

Dunsparce4Prez

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Obviously there's a character limit...didn't see that. I'll try again later.
  • 0

#3
Mike
Posted 10 July 2008 - 08:40 AM

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Hi,

Please download Deckard's System Scanner (DSS) and save it to your Desktop.
  • Close all other windows before proceeding.
  • Double-click on dss.exe and follow the prompts.
  • When it has finished, dss will open two Notepads main.txt and extra.txt -- please copy (CTRL+A and then CTRL+C) and paste (CTRL+V) the contents of main.txt and extra.txt in your next reply.
Note:These logs may be too large to post in one reply, if so, please post extra.txt in a seperate reply.
  • 0

#4
Mike
Posted 15 July 2008 - 03:39 AM

Mike

    Malware Monger

  • Retired Staff
  • 2,745 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP