Mobile/PDA About Us Advertise here
User User name Password  
  Not registered yet? Register here.
Lost your password? Click here. 		 
  Home   News   Guides   Downloads   Glossary   Hardware   Profiles   Forums   v4  
 Advertise at AfterDawn.com     Link to us!     Private messages     Compose a private message     List of all updated threads     Threads without replies     Search messages
Wednesday 5.3.2025 / 22:29
Search AfterDawn Forums:        In English   Suomeksi   På svenska
afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > win av virus
Show topics
 
Forums
Forums
WIN AV virus
  Jump to:
 
Posted Message
brinnybug
Newbie
_ 		29. October 2008 @ 01:11 _ Link to this message    Send private message to this user   
Hi,
I hope you can help me. I have this annoying WIN AV virus that wants me to activate a scanner for viruses and things and it wont go away. There are three different apps trying to get me to purchase thier scanners. I downloaded HijackThis and copied and pasted the list below. I also downloaded and ran combofix. I am still recieving these pop ups even after the combofix was ran. Can you help me please?
Thanks!
-Bryn
P.S. Can you give me a walk through on how to find the log for combofix in C:?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:42, on 2008-10-28
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Applications\iebtm.exe
C:\WINDOWS\system32\hkcmd.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Applications\iebtmm.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\Program Files\WAV\wav.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\algg.exe
C:\Program Files\VResLab\VResLab.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCMTR.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\AGRSMMSG.exe
c:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://windiwsfsearch.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://windiwsfsearch.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://windiwsfsearch.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://windiwsfsearch.com/ie6.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://windiwsfsearch.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://windiwsfsearch.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://windiwsfsearch.com/ie6.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://windiwsfsearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://windiwsfsearch.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://windiwsfsearch.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defa...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O2 - BHO: (no name) - {3B7AAEB1-9F3D-4491-9C06-C7165CA8D058} - C:\Program Files\Applications\iebt.dll
O2 - BHO: 512686 helper - {51B15F5A-E98B-4658-B9CB-9307B74773A7} - C:\WINDOWS\system32\512686\512686.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Accelerator Plugin - {656EC4B7-072B-4698-B504-2A414C1F0037} - C:\PROGRA~1\PEOPLE~1\PRPL_I~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: (no name) - {944864A5-3916-46E2-96A9-A2E84F3F1208} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\4.1.805.4472\swg.dll
O2 - BHO: VResLabWarningBHO Class - {B494E7BB-1E33-4922-A947-F74EFF4E714F} - C:\Program Files\VResLab\VResLabWarning.dll (file missing)
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\en-us\msntb.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: Internet Service - {144A6B24-0EBC-4D89-BF09-A06A718E57B5} - C:\Program Files\Applications\iebr.dll (file missing)
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [EIbminsprt310] E:\Ibmins\prtStart.exe 11 27 1 19 2007 "E:\Ibmins\prt3140.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Eibminsprt311] E:\ibmins\prtStart.exe 15 50 2 07 2007 "E:\ibmins\prt3140.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKLM\..\Run: [ANTIVIRUS] C:\Program Files\WAV\wav.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [VResLab] "C:\Program Files\VResLab\VResLab.exe"
O4 - HKCU\..\Run: [wblogon] C:\WINDOWS\system32\algg.exe
O4 - HKLM\..\Policies\Explorer\Run: [smile] C:\Program Files\Applications\wcs.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\Applications\iebtm.exe
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: HP Organize.lnk = ?
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Updates from HP.lnk = C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredit...04YYUS_ZZzer000
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Add To HP Organize... - C:\PROGRA~1\HEWLET~1\HPORGA~1\bin/module.main/favorites\ie_add_to.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.onlyiesettings.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.onlyiesettings.com/redirect.php (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O9 - Extra 'Tools' menuitem: Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (HKCU)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008...toUploader5.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {192F9A01-8030-48CE-9BC6-B03DE3E613C6} (PeoplePC Web Installer) - https://www.peoplepc.com/ppcos/ISP60/Download/ppcwebi.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache...tup1.0.0.15.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/...l_v1-0-3-48.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by143fd.bay143.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resourc...lscbase8300.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1178130602453
O16 - DPF: {CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control) - http://entriq.vo.llnwd.net/o1/NBCUnivers...eck_1_0_0_4.cab
O22 - SharedTaskScheduler: gey - {ba934431-76af-4c99-93c2-c3d21944a72e} - C:\WINDOWS\system32\gcqltg.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Adobe Systems Incorporated - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe (file missing)
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:\WINDOWS\PSEXESVC.EXE
O23 - Service: Windows Live OneCare (winss) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\winss.exe (file missing)

--
End of file - 18766 bytes
[ + quote]
Advertisement
_ 		__
cdavfrew
Senior Member
_ 		29. October 2008 @ 01:15 _ Link to this message    Send private message to this user   
Hey brinnybug

Before we do anything with Combofix, let's try a scanner.

Please download Superantispyware Free and install it. Follow the prompts and reboot if required.

Launch Superantispyware Free either by running C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.exe or right-click on the SuperAntispyware icon in your task bar (it looks like a bug) and click on Scan for Spyware, Adware, Malware...

Configuring SuperAntispyware

? Click on Preferences.
? In the tab General and Startup, make sure the box Start SuperAntispyware when Windows starts is unchecked. This will prevent SuperAntispyware from starting everytime, because it may interfere with other fixes that may be run.
? Navigate to the tab Scanning Control.
? Make sure only these boxes are checked: 
Close browsers before scanning

Scan for tracking cookies

Terminate memory threats before quarantining

Scan Alternate Data Streams

Use Kernel Direct File Access (recommended)

Use Kernel Direct Registry Access (recommended)

Use Direct Disk Access (recommended)

? Click on Close.

Updating SuperAntispyware

? At the main window, click on Check for Updates....
? Wait for SuperAntispyware to be fully updated.

Scanning Time

? Boot into safe mode by repeatedly pressing the F8 key after you press the power button. If safe mode does not work, tell me and do the scan in normal mode.
? Launch SuperAntispyware.
? At the main window, click on Scan your Computer....
? Make sure all drives (excluding CD drives) are checked, select Perform Complete Scan, and then click on Next.
? Wait for the scan to complete, and then click on Next>. This will quarantine and remove all detected items.
? Reboot your computer.

Post A Log

? Launch SuperAntispyware
? Click on Preferences
? Navigate to the tab Statistics/Logs.
? Choose the latest scan log, and the click on View Log....
? Copy and paste the contents of the log here in your next post.

Best Regards :D

PS: The log should be located at C:\Combofix.txt
[ + quote]
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.

brinnybug
Newbie
_ 		29. October 2008 @ 16:10 _ Link to this message    Send private message to this user   
Here is the log from superantispyware. I tried safe mode more than once, It didn' work or I did it wrong. Sorry.
Thanks so much for your help! Is there anything else I need to do?
Thanks,
Bryn

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/29/2008 at 00:57 AM

Application Version : 4.21.1004

Core Rules Database Version : 3613
Trace Rules Database Version: 1599

Scan type : Complete Scan
Total Scan Time : 01:11:44

Memory items scanned : 435
Memory threats detected : 5
Registry items scanned : 7811
Registry threats detected : 794
File items scanned : 142017
File threats detected : 386

Trojan.Dropper/Gen
C:\WINDOWS\SYSTEM32\GCQLTG.DLL
C:\WINDOWS\SYSTEM32\GCQLTG.DLL
HKLM\Software\Classes\CLSID\{ba934431-76af-4c99-93c2-c3d21944a72e}
HKCR\CLSID\{BA934431-76AF-4C99-93C2-C3D21944A72E}
HKCR\CLSID\{BA934431-76AF-4C99-93C2-C3D21944A72E}\InProcServer32
HKCR\CLSID\{BA934431-76AF-4C99-93C2-C3D21944A72E}\InProcServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{ba934431-76af-4c99-93c2-c3d21944a72e}

Adware.Media-Codec/ZLob
C:\PROGRAM FILES\APPLICATIONS\IEBTM.EXE
C:\PROGRAM FILES\APPLICATIONS\IEBTM.EXE
C:\PROGRAM FILES\APPLICATIONS\IEBTMM.EXE
C:\PROGRAM FILES\APPLICATIONS\IEBTMM.EXE
[start] C:\PROGRAM FILES\APPLICATIONS\IEBTM.EXE

Trojan.Unclassified/ALGG
C:\WINDOWS\SYSTEM32\ALGG.EXE
C:\WINDOWS\SYSTEM32\ALGG.EXE
[wblogon] C:\WINDOWS\SYSTEM32\ALGG.EXE
C:\WINDOWS\Prefetch\ALGG.EXE-2A7A7D28.pf

Rogue.VirusResponseLab2009
C:\PROGRAM FILES\VRESLAB\VRESLAB.EXE
C:\PROGRAM FILES\VRESLAB\VRESLAB.EXE
[VResLab] C:\PROGRAM FILES\VRESLAB\VRESLAB.EXE
HKLM\Software\Classes\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}
HKCR\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}
HKCR\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}
HKCR\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}\InprocServer32
HKCR\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}\InprocServer32#ThreadingModel
HKCR\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}\ProgID
HKCR\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}\Programmable
HKCR\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}\TypeLib
HKCR\CLSID\{B494E7BB-1E33-4922-A947-F74EFF4E714F}\VersionIndependentProgID
HKCR\VResLabWarning.WarningBHO.1
HKCR\VResLabWarning.WarningBHO.1\CLSID
HKCR\VResLabWarning.WarningBHO
HKCR\VResLabWarning.WarningBHO\CLSID
HKCR\VResLabWarning.WarningBHO\CurVer
HKCR\TypeLib\{3ED86073-2FA7-4cf4-810B-28B030671678}
C:\PROGRAM FILES\VRESLAB\VRESLABWARNING.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B494E7BB-1E33-4922-A947-F74EFF4E714F}
C:\Program Files\VRESLAB
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2466A83D-1B81-456E-9766-38C2B7E48210}\RP1049\A0159987.EXE
C:\WINDOWS\Prefetch\VRESLAB.EXE-199B56B7.pf

Adware.MyWebSearch
HKLM\Software\Classes\CLSID\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}\Programmable
C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL
HKLM\Software\Classes\CLSID\{00A6FAF6-072E-44cf-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\InprocServer32#ThreadingModel
HKCR\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}\Programmable
HKLM\Software\Classes\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EA1-A523-4961-B6BB-170DE4475CCA}\TypeLib
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\0\win32
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\FLAGS
HKCR\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}\1.0\HELPDIR
C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL
HKLM\Software\Classes\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\TypeLib
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{07B18EA9-A523-4961-B6BB-170DE4475CCA}

Adware.MyWay
HKLM\Software\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}
HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\InprocServer32
C:\PROGRAM FILES\MYGLOBALSEARCH\BAR\1.BIN\MGSBAR.DLL

Trojan.FakeAlert-IEBT
HKLM\Software\Classes\CLSID\{144A6B24-0EBC-4D89-BF09-A06A718E57B5}
HKCR\CLSID\{144A6B24-0EBC-4D89-BF09-A06A718E57B5}
HKCR\CLSID\{144A6B24-0EBC-4D89-BF09-A06A718E57B5}
HKCR\CLSID\{144A6B24-0EBC-4D89-BF09-A06A718E57B5}\Implemented Categories
HKCR\CLSID\{144A6B24-0EBC-4D89-BF09-A06A718E57B5}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{144A6B24-0EBC-4D89-BF09-A06A718E57B5}\InprocServer32
HKCR\CLSID\{144A6B24-0EBC-4D89-BF09-A06A718E57B5}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\APPLICATIONS\IEBR.DLL
HKLM\Software\Classes\CLSID\{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}
HKCR\CLSID\{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}
HKCR\CLSID\{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}#www
HKCR\CLSID\{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}\InprocServer32
HKCR\CLSID\{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}\InprocServer32#ThreadingModel
C:\PROGRAM FILES\APPLICATIONS\IEBT.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{144A6B24-0EBC-4D89-BF09-A06A718E57B5}
HKCR\CLSID\{3B7AAEB1-9F3D-4491-9C06-C7165CA8D058}
C:\QOOBOX\QUARANTINE\C\PROGRAM FILES\APPLICATIONS\IEBR.DLL.VIR

Adware.E404 Helper/Variant-AM
HKLM\Software\Classes\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}
HKCR\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}
HKCR\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}
HKCR\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}\InprocServer32
HKCR\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}\InprocServer32#ThreadingModel
HKCR\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}\ProgID
HKCR\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}\Programmable
HKCR\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}\TypeLib
HKCR\CLSID\{51B15F5A-E98B-4658-B9CB-9307B74773A7}\VersionIndependentProgID
HKCR\z444.z444mgr.1
HKCR\z444.z444mgr.1\CLSID
HKCR\z444.z444mgr
HKCR\z444.z444mgr\CLSID
HKCR\z444.z444mgr\CurVer
HKCR\TypeLib\{E63648F7-3933-440E-AAAA-A8584DD7B7EB}
C:\WINDOWS\SYSTEM32\512686\512686.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51B15F5A-E98B-4658-B9CB-9307B74773A7}
C:\QOOBOX\QUARANTINE\C\WINDOWS\SYSTEM32\512686\512686.DLL.VIR
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2466A83D-1B81-456E-9766-38C2B7E48210}\RP1051\A0163461.DLL

Adware.Accoona
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864A5-3916-46E2-96A9-A2E84F3F1208}
C:\PROGRAM FILES\FILESUBMIT\EYES OF TERROR800\ATOOLBAR400005.EXE

Trojan.Smitfraud Variant/IE Anti-Spyware
HKLM\Software\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E}

Adware.Tracking Cookie
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@imrworldwide[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@test.coremetrics[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@counter.hitslink[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.adrevolver[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@insightexpressai[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mediaplex[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@collective-media[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@counter.auctionworks[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@realmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sales.liveperson[8].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sales.liveperson[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.burstnet[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@statcounter[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@questionmarket[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.realtechnetwork[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.sellmosoft[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@partner2profit[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@paypal.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@casalemedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.liveperson[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@eyewonder[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@perf.overture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@iad.liveperson[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fastclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.gametoplist[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@discount-trailers[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@specificclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@msnportal.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.adbrite[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@xiti[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkycnajkfo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@statse.webtrendslive[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlygoazsap.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sales.liveperson[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tribalfusion[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@kontera[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.realtechnetwork[5].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adopt.specificclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@apmebf[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@citi.bridgetrack[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@revsci[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@serving-sys[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cc.bridgetrack[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.burstbeacon[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@richmedia.yahoo[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjny-1odzac.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@data.coremetrics[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adrevolver[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tremor.adbureau[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@optimize.indieclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@socialmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@advertising[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@videoegg.adbureau[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.liveperson[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@burstnet[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@webmd.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.realtechnetwork[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.lookery[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clickshift[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@discountramps[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.pointroll[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bluestreak[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dimemag.advertserve[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@zedo[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.lookery[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adserver.easyad[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@revenue[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.cnn[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-foxsports.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-dig.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dallasnews.dotconnectmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@valueclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adlegend[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@247realmedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sales.liveperson[7].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hearstmagazines.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-equifax.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@trafficmp[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.adrevolver[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bs.serving-sys[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tacoda[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adinterax[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adbrite[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@brightcove.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@blockbuster.112.2o7[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@view.atdmt[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adserving.autotrader[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media6degrees[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@reduxads.valuead[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@4.adbrite[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@rocku.adbureau[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.adbrite[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@partners.tattomedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@exitexchange[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wcmyshdzadp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@doubleclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-techtarget.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@5.go.globaladsales[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@rotator.adjuggler[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@atdmt[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.gmodules[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@icc.intellisrv[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-myspaceinc.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@anad.tacoda[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adopt.euroclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.yieldmanager[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@msnbc.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.jamon[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-fxcm.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@provolabs.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tradedoubler[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfmiakajggq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@equifax.adbureau[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@myaccount.peoplepc[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@riverdeep.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@track.bestbuy[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.hotels[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@iacas.adbureau[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@s.clickability[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@azjmp[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-akronbeacon.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@gostats[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nextag[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@libertymutual.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-paxinternet.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.fatpenguinmedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adnetserver[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@atwola[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@americafirstcreditunion.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@wpni.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@xmedia.live.advance[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@indexstats[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cbsdigitalmedia.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@network.realmedia[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clicksor[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-verizon.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.as4x.tmcs[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mywebsearch[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fpmads.diabloadult[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.clickmanage[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.addynamix[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@app.insightgrit[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adecn[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@overture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@edge.ru4[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@myaccount.verizonwireless[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.bridgetrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sportingnews.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@anat.tacoda[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@goclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fortunecity[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-foundation.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@maxim.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bet.burstnet[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sparknetworks.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.mtvnservices[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@interclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@eas.apm.emediate[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bfast[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nebuad.adjuggler[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@publishers.clickbooth[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@counter.inkfrog[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adserver.adreactor[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.vlaze[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@iad.liveperson[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@newaccounts.freewebs[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@viamtvcom.112.2o7[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@te.kontera[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cf-db02.clickfacts[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adfi.adbureau[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.brandreachsys[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dominionenterprises.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@roiservice[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.3dstats[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.doubleclick[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@landing.trafficz[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.as4x.tmcs.ticketmaster[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfmikpc5efp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nike.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.bigcatcountry[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@scot.valueclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.us.e-planning[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CA4S7VUF.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@006.free-counters.co[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@enhance[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sales.liveperson[5].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.mediashaperonline[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.traderonline[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@thunderbolt.adjuggler[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adserving.contextualmarketplace[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@viacom.adbureau[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@viacomedycentralrl.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hulu.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@roi.clicklab[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.flux[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@qnsr[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cardfinder.capitalone[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adultfriendfinder[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.liveperson[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@afe.specificclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@thechronicleofhighereducation.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@csi.valueclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cbs.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@glb.adtechus[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bigcatcountry[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clickbank[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@moroch.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.movieweb[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.ookla[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@lynxtrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.monster[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@keywordmax[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dynamic.media.adrevolver[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-traderpublishing.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-space.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@antispywaremaster[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@c1.zedo[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@affiliate.eadvtracker[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@trvlnet.adbureau[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CA3XCGR5.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.doubleclick[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.easy-forex[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@usatoday1.112.2o7[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adtech[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sales.liveperson[4].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@myroitracking[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stat.youku[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adcowebmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dotconnectmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@virusresponse2009[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@counter.marketplaceadvisor.channeladvisor[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@earthlink.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.fresho[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bizrate[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@bnkicom.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-cardomain.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@account.live[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tripod[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@leeenterprises.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@web4.realtracker[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@viavh1com.112.2o7[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlokhc5mlp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfl4ckdzmbp.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@a.websponsors[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@at.atwola[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-comcast.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad1.clickhype[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad2.pl.mediainter[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@advertising.goldseek[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adserver.adtechus[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@yadro[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.deliveringtma[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@directtrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adinsert.buddymedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.usenext[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@specificmedia[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@rotator.dex.adjuggler[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.costumediscounters[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@viamtvnvideo.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.liveperson[6].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@track.ihispano[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkyskd5wdq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@rambler[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@lstat.youku[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.nba[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@counter.surfcounters[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-autodesk.hitbox[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@dmtracker[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.artsopolis[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.sup[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@rm.yieldmanager[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@hypertracker[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tagiq.clickforensics[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ontarget.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@nitropayouts.directtrack[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.liveperson[4].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CA4WWIH7.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@snagajob.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads3.blastro[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@zionsbank.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@crackberry[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnygkdzmkp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CARIHCJ1.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sales.liveperson[9].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@centralmediaserver[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjk4enc5mkp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-rodale.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@l1.qsstats[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgmysndpkdo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@newyorkandcompany.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@clicket[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CA8D4KN6.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@chitika[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@backcountry[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-fxsolutions.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.photobucket[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.ireport[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdk4oldpehp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@fasttrackwatcher[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@list[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.belstat[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadservices[7].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tns-counter[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnyqoazcap.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.cellfish[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wflikpdjseo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkoolc5wgq.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ehg-rivals.hitbox[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@s5.shinystat[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@northwestairlines.112.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkoulajmco.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadservices[11].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@mobileentertainment.directtrack[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@precisionclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlougazgko.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@server.iad.liveperson[7].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@cgm.adbureau[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wfkiegazodo.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wgkiuhdzakp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjkokodzodo.stats.esomniture[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@spylog[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stat.onestat[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@playonclick[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adknowledge[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@link.mercent[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CAP5YVS6.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracking.foundry42[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@yieldmanager[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@pcvirusremover2008[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@media.cardomain[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@sales.liveperson[6].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@adtrafficstats[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats.trafficpayouts[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@CAINT4C0.txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.widgetbucks[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@stats2.clicktracks[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjliwndpwbp.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@affiliates.commissionaccount[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdk4qhcpcgq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadservices[6].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wdkyunajsho.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.funadvice[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@costumediscounters[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.discountstarwarscostumes[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjliwiczohq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.socialtrack[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjlieidpiep.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@e-2dj6wjnygidpmeq.stats.esomniture[2].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.costumediscounters[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@celebrateexpress.122.2o7[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@us.adserver.yahoo[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ads.peer39[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@tracking.foundry42[3].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@ad.fed.msn[1].txt
C:\Documents and Settings\HP_Owner\Cookies\hp_owner@www.googleadservices[1].txt

Adware.MyWebSearch/FunWebProducts
HKU\S-1-5-21-1516019560-2937420181-2054999257-1009\SOFTWARE\Fun Web Products
HKLM\SOFTWARE\Fun Web Products
HKLM\SOFTWARE\Fun Web Products#JpegConversionLib
HKLM\SOFTWARE\Fun Web Products#CacheDir
HKLM\SOFTWARE\Fun Web Products\MSNMessenger
HKLM\SOFTWARE\Fun Web Products\MSNMessenger#DLLFile
HKLM\SOFTWARE\Fun Web Products\MSNMessenger#DLLDir
HKLM\SOFTWARE\Fun Web Products\ScreenSaver
HKLM\SOFTWARE\Fun Web Products\ScreenSaver#ImagesDir
HKLM\SOFTWARE\Fun Web Products\ScreenSaver#PM
HKLM\SOFTWARE\Fun Web Products\Settings
HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn
HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\AvatarSmallBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\CursorManiaBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn
HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\FunBuddyIconBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn
HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\MyFunCardsIMBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\Promos
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone
HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuPosDeleted
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#LastHTMLMenuURL
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#HTMLMenuRevision
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#ETag
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#iexplore.exe.pos
HKLM\SOFTWARE\Fun Web Products\Settings\SmileyCentralBtn#yahoomessenger.exe.pos
HKU\S-1-5-21-1516019560-2937420181-2054999257-1009\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts
HKLM\SOFTWARE\FunWebProducts\Installer
HKLM\SOFTWARE\FunWebProducts\Installer#Dir
HKLM\SOFTWARE\FunWebProducts\Installer#CurInstall
HKLM\SOFTWARE\FunWebProducts\Installer#sr
HKLM\SOFTWARE\FunWebProducts\Installer#pl
HKLM\SOFTWARE\FunWebProducts\Installer#CheckForConnection
HKLM\SOFTWARE\FunWebProducts\Installer#CacheDir
HKLM\SOFTWARE\FunWebProducts\Installer\downloaded
HKU\S-1-5-21-1516019560-2937420181-2054999257-1009\SOFTWARE\MyWebSearch
HKLM\SOFTWARE\MyWebSearch
HKLM\SOFTWARE\MyWebSearch\bar
HKLM\SOFTWARE\MyWebSearch\bar#Maximized
HKLM\SOFTWARE\MyWebSearch\bar#Visible
HKLM\SOFTWARE\MyWebSearch\bar#pid
HKLM\SOFTWARE\MyWebSearch\bar#un
HKLM\SOFTWARE\MyWebSearch\bar#tiec
HKLM\SOFTWARE\MyWebSearch\bar#Dir
HKLM\SOFTWARE\MyWebSearch\bar#PluginPath
HKLM\SOFTWARE\MyWebSearch\bar#CurInstall
HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir
HKLM\SOFTWARE\MyWebSearch\bar#sr
HKLM\SOFTWARE\MyWebSearch\bar#pl
HKLM\SOFTWARE\MyWebSearch\bar#Id
HKLM\SOFTWARE\MyWebSearch\bar#CacheDir
HKLM\SOFTWARE\MyWebSearch\bar#ConfigRevision
HKLM\SOFTWARE\MyWebSearch\bar#ConfigRevisionURL
HKLM\SOFTWARE\MyWebSearch\bar#ConfigDateStamp
HKLM\SOFTWARE\MyWebSearch\bar#HTMLMenuRevision
HKLM\SOFTWARE\MyWebSearch\bar#sscSet
HKLM\SOFTWARE\MyWebSearch\bar#sscLabel
HKLM\SOFTWARE\MyWebSearch\MWSOEMON
HKLM\SOFTWARE\MyWebSearch\MWSOEMON#Version
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#Version
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#Path
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG#StandardSmileyDir.AIM
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.numActive
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.numActive2
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.0.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.1.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.2.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.3.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.4.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.5.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.6.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.7.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.8.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.9.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.10.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.11.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#Yahoo.12.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.numActive
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.numActive2
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.0.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.1.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.2.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.3.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.4.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIM.5.old
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.numActive2
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.0
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.1
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.2
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.3
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.4
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#AIMT.5
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.numActive2
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.0
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.1
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.2
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.3
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.4
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.5
HKLM\SOFTWARE\MyWebSearch\MWSOEPLG\Promo#GoogleTalkHTML.6
HKLM\SOFTWARE\MyWebSearch\OEHosts
HKLM\SOFTWARE\MyWebSearch\OEHosts#boscript
HKLM\SOFTWARE\MyWebSearch\SearchAssistant
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Dir
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#CurInstall
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#sr
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pl
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#Id
HKLM\SOFTWARE\MyWebSearch\SearchAssistant#ConfigDateStamp
HKLM\SOFTWARE\MyWebSearch\SkinTools
HKLM\SOFTWARE\MyWebSearch\SkinTools#PlayerPath
HKCR\FunWebProducts.DataControl
HKCR\FunWebProducts.DataControl\CLSID
HKCR\FunWebProducts.DataControl\CurVer
HKCR\FunWebProducts.DataControl.1
HKCR\FunWebProducts.DataControl.1\CLSID
HKCR\FunWebProducts.HistoryKillerScheduler
HKCR\FunWebProducts.HistoryKillerScheduler\CLSID
HKCR\FunWebProducts.HistoryKillerScheduler\CurVer
HKCR\FunWebProducts.HistoryKillerScheduler.1
HKCR\FunWebProducts.HistoryKillerScheduler.1\CLSID
HKCR\FunWebProducts.HistorySwatterControlBar
HKCR\FunWebProducts.HistorySwatterControlBar\CLSID
HKCR\FunWebProducts.HistorySwatterControlBar\CurVer
HKCR\FunWebProducts.HistorySwatterControlBar.1
HKCR\FunWebProducts.HistorySwatterControlBar.1\CLSID
HKCR\FunWebProducts.HTMLMenu
HKCR\FunWebProducts.HTMLMenu\CLSID
HKCR\FunWebProducts.HTMLMenu\CurVer
HKCR\FunWebProducts.HTMLMenu.1
HKCR\FunWebProducts.HTMLMenu.1\CLSID
HKCR\FunWebProducts.HTMLMenu.2
HKCR\FunWebProducts.HTMLMenu.2\CLSID
HKCR\FunWebProducts.IECookiesManager
HKCR\FunWebProducts.IECookiesManager\CLSID
HKCR\FunWebProducts.IECookiesManager\CurVer
HKCR\FunWebProducts.IECookiesManager.1
HKCR\FunWebProducts.IECookiesManager.1\CLSID
HKCR\FunWebProducts.KillerObjManager
HKCR\FunWebProducts.KillerObjManager\CLSID
HKCR\FunWebProducts.KillerObjManager\CurVer
HKCR\FunWebProducts.KillerObjManager.1
HKCR\FunWebProducts.KillerObjManager.1\CLSID
HKCR\FunWebProducts.PopSwatterBarButton
HKCR\FunWebProducts.PopSwatterBarButton\CLSID
HKCR\FunWebProducts.PopSwatterBarButton\CurVer
HKCR\FunWebProducts.PopSwatterBarButton.1
HKCR\FunWebProducts.PopSwatterBarButton.1\CLSID
HKCR\FunWebProducts.PopSwatterSettingsControl
HKCR\FunWebProducts.PopSwatterSettingsControl\CLSID
HKCR\FunWebProducts.PopSwatterSettingsControl\CurVer
HKCR\FunWebProducts.PopSwatterSettingsControl.1
HKCR\FunWebProducts.PopSwatterSettingsControl.1\CLSID
HKCR\MyWebSearch.ChatSessionPlugin
HKCR\MyWebSearch.ChatSessionPlugin\CLSID
HKCR\MyWebSearch.ChatSessionPlugin\CurVer
HKCR\MyWebSearch.ChatSessionPlugin.1
HKCR\MyWebSearch.ChatSessionPlugin.1\CLSID
HKCR\MyWebSearch.HTMLPanel
HKCR\MyWebSearch.HTMLPanel\CLSID
HKCR\MyWebSearch.HTMLPanel\CurVer
HKCR\MyWebSearch.HTMLPanel.1
HKCR\MyWebSearch.HTMLPanel.1\CLSID
HKCR\MyWebSearch.OutlookAddin
HKCR\MyWebSearch.OutlookAddin\CLSID
HKCR\MyWebSearch.OutlookAddin\CurVer
HKCR\MyWebSearch.OutlookAddin.1
HKCR\MyWebSearch.OutlookAddin.1\CLSID
HKCR\MyWebSearch.PseudoTransparentPlugin
HKCR\MyWebSearch.PseudoTransparentPlugin\CLSID
HKCR\MyWebSearch.PseudoTransparentPlugin\CurVer
HKCR\MyWebSearch.PseudoTransparentPlugin.1
HKCR\MyWebSearch.PseudoTransparentPlugin.1\CLSID
HKCR\MyWebSearchToolBar.SettingsPlugin
HKCR\MyWebSearchToolBar.SettingsPlugin\CLSID
HKCR\MyWebSearchToolBar.SettingsPlugin\CurVer
HKCR\MyWebSearchToolBar.SettingsPlugin.1
HKCR\MyWebSearchToolBar.SettingsPlugin.1\CLSID
HKCR\MyWebSearchToolBar.ToolbarPlugin
HKCR\MyWebSearchToolBar.ToolbarPlugin\CLSID
HKCR\MyWebSearchToolBar.ToolbarPlugin\CurVer
HKCR\MyWebSearchToolBar.ToolbarPlugin.1
HKCR\MyWebSearchToolBar.ToolbarPlugin.1\CLSID
HKCR\ScreenSaverControl.ScreenSaverInstaller
HKCR\ScreenSaverControl.ScreenSaverInstaller\CLSID
HKCR\ScreenSaverControl.ScreenSaverInstaller\CurVer
HKCR\ScreenSaverControl.ScreenSaverInstaller.1
HKCR\ScreenSaverControl.ScreenSaverInstaller.1\CLSID
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Control
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\MiscStatus\1
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\ProgID
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\TypeLib
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\Version
HKCR\CLSID\{07B18EAB-A523-4961-B6BB-170DE4475CCA}\VersionIndependentProgID
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\InprocServer32#ThreadingModel
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\ProgID
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\Programmable
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\TypeLib
HKCR\CLSID\{0F8ECF4F-3646-4C3A-8881-8E138FFCAF70}\VersionIndependentProgID
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}\TreatAs
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Implemented Categories
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Implemented Categories\{00021493-0000-0000-C000-000000000046}
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\InprocServer32#ThreadingModel
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance#CLSID
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag
HKCR\CLSID\{1E0DE227-5CE4-4ea3-AB0C-8B03E1AA76BC}\Instance\InitPropertyBag#Url
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Control
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\InprocServer32#ThreadingModel
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\MiscStatus\1
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\ProgID
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Programmable
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\TypeLib
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\Version
HKCR\CLSID\{25560540-9571-4D7B-9389-0F166788785A}\VersionIndependentProgID
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\InprocServer32
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\InprocServer32#ThreadingModel
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\ProgID
HKCR\CLSID\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}\VersionIndependentProgID
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Control
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\InprocServer32#ThreadingModel
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\MiscStatus\1
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\ProgID
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Programmable
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\TypeLib
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\Version
HKCR\CLSID\{3E720452-B472-4954-B7AA-33069EB53906}\VersionIndependentProgID
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\InprocServer32#ThreadingModel
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\ProgID
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\Programmable
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\TypeLib
HKCR\CLSID\{53CED2D0-5E9A-4761-9005-648404E6F7E5}\VersionIndependentProgID
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\InprocServer32#ThreadingModel
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\ProgID
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\Programmable
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
HKCR\CLSID\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}\VersionIndependentProgID
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
HKCR\CLSID\{7473D292-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\ProgID
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
HKCR\CLSID\{7473D294-B7BB-4f24-AE82-7E2CE94BB6A9}\VersionIndependentProgID
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Control
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\InprocServer32#ThreadingModel
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\MiscStatus\1
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Programmable
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\TypeLib
HKCR\CLSID\{7473D296-B7BB-4f24-AE82-7E2CE94BB6A9}\Version
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32
HKCR\CLSID\{84DA4FDF-A1CF-4195-8688-3E961F505983}\InprocServer32#ThreadingModel
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\InprocServer32#ThreadingModel
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\ProgID
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\Programmable
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\TypeLib
HKCR\CLSID\{8E6F1832-9607-4440-8530-13BE7C4B1D14}\VersionIndependentProgID
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}\InprocServer32
HKCR\CLSID\{938AA51A-996C-4884-98CE-80DD16A5C9DA}\InprocServer32#ThreadingModel
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\InprocServer32
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\InprocServer32#ThreadingModel
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\ProgID
HKCR\CLSID\{98D9753D-D73B-42D5-8C85-4469CDA897AB}\VersionIndependentProgID
HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}
HKCR\CLSID\{9AFB8248-617F-460d-9366-D71CDEDA3179}\TreatAs
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\InprocServer32#ThreadingModel
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\MiscStatus\1
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\ProgID
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\Programmable
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\TypeLib
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\Version
HKCR\CLSID\{9FF05104-B030-46FC-94B8-81276E4E27DF}\VersionIndependentProgID
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}
HKCR\CLSID\{A4730EBE-43A6-443e-9776-36915D323AD3}\TreatAs
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\InprocServer32#ThreadingModel
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\Programmable
HKCR\CLSID\{A9571378-68A1-443d-B082-284F960C6D17}\TypeLib
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\InprocServer32
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\InprocServer32#ThreadingModel
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\ProgID
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\Programmable
HKCR\CLSID\{ADB01E81-3C79-4272-A0F1-7B2BE7A782DC}\VersionIndependentProgID
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\InprocServer32#ThreadingModel
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\MiscStatus\1
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\ProgID
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\Programmable
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\TypeLib
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\Version
HKCR\CLSID\{B813095C-81C0-4E40-AA14-67520372B987}\VersionIndependentProgID
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\InprocServer32#ThreadingModel
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\MiscStatus\1
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\ProgID
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\Programmable
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\TypeLib
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\Version
HKCR\CLSID\{C9D7BE3E-141A-4C85-8CD6-32461F3DF2C7}\VersionIndependentProgID
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\InprocServer32#ThreadingModel
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\ProgID
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\Programmable
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\TypeLib
HKCR\CLSID\{CFF4CE82-3AA2-451F-9B77-7165605FB835}\VersionIndependentProgID
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\InprocServer32#ThreadingModel
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\Programmable
HKCR\CLSID\{D9FFFB27-D62A-4D64-8CEC-1FF006528805}\TypeLib
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Control
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\InprocServer32
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\InprocServer32#ThreadingModel
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\MiscStatus
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\MiscStatus\1
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\ProgID
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Programmable
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\TypeLib
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\Version
HKCR\CLSID\{E79DFBCA-5697-4fbd-94E5-5B2A9C7C1612}\VersionIndependentProgID
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\0\win32
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\FLAGS
HKCR\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}\1.0\HELPDIR
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\0\win32
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\FLAGS
HKCR\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}\1.0\HELPDIR
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\0\win32
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\FLAGS
HKCR\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}\1.0\HELPDIR
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\0\win32
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\FLAGS
HKCR\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}\1.0\HELPDIR
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\0\win32
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\FLAGS
HKCR\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}\1.0\HELPDIR
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\0\win32
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\FLAGS
HKCR\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}\1.0\HELPDIR
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\0\win32
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\FLAGS
HKCR\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}\1.0\HELPDIR
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\0\win32
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\FLAGS
HKCR\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}\1.0\HELPDIR
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\0
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\0\win32
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\FLAGS
HKCR\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}\1.0\HELPDIR
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\0\win32
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\FLAGS
HKCR\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}\1.0\HELPDIR
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib
HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid
HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32
HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib
HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\TypeLib#Version
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\ProxyStubClsid32
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib
HKCR\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}\TypeLib#Version
HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid
HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\ProxyStubClsid32
HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib
HKCR\Interface\{120927BF-1700-43BC-810F-FAB92549B390}\TypeLib#Version
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\ProxyStubClsid32
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib
HKCR\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}\TypeLib#Version
HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid
HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\ProxyStubClsid32
HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib
HKCR\Interface\{1F52A5FA-A705-4415-B975-88503B291728}\TypeLib#Version
HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid
HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\ProxyStubClsid32
HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib
HKCR\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}\TypeLib#Version
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib
HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\TypeLib#Version
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\ProxyStubClsid32
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib
HKCR\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}\TypeLib#Version
HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid
HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\ProxyStubClsid32
HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib
HKCR\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}\TypeLib#Version
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib
HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\TypeLib#Version
HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid
HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32
HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib
HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\TypeLib#Version
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
HKCR\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid
HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\ProxyStubClsid32
HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib
HKCR\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}\TypeLib#Version
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid32
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib
HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\TypeLib#Version
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid32
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib
HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\TypeLib#Version
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\ProxyStubClsid32
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib
HKCR\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}\TypeLib#Version
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid
HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32
HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib
HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\TypeLib#Version
HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid
HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\ProxyStubClsid32
HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib
HKCR\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}\TypeLib#Version
HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid
HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\ProxyStubClsid32
HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib
HKCR\Interface\{991AAC62-B100-47CE-8B75-253965244F69}\TypeLib#Version
HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid
HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\ProxyStubClsid32
HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib
HKCR\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}\TypeLib#Version
HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid
HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\ProxyStubClsid32
HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib
HKCR\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}\TypeLib#Version
HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid
HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\ProxyStubClsid32
HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib
HKCR\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}\TypeLib#Version
HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid
HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32
HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib
HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\TypeLib#Version
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\TypeLib#Version
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib
HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\TypeLib#Version
HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid
HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32
HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib
HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\TypeLib#Version
HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid
HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\ProxyStubClsid32
HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib
HKCR\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}\TypeLib#Version
HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid
HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid32
HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib
HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\TypeLib#Version
HKLM\Software\FocusInteractive
HKLM\Software\FocusInteractive\bar
HKLM\Software\FocusInteractive\bar\Switches
HKLM\Software\FocusInteractive\bar\Switches#incmail.exe
HKLM\Software\FocusInteractive\bar\Switches#msimn.exe
HKLM\Software\FocusInteractive\bar\Switches#msn.exe
HKLM\Software\FocusInteractive\bar\Switches#outlook.exe
HKLM\Software\FocusInteractive\bar\Switches#waol.exe
HKLM\Software\FocusInteractive\bar\Switches#aim.exe
HKLM\Software\FocusInteractive\bar\Switches#icq.exe
HKLM\Software\FocusInteractive\bar\Switches#icqlite.exe
HKLM\Software\FocusInteractive\bar\Switches#msmsgs.exe
HKLM\Software\FocusInteractive\bar\Switches#msnmsgr.exe
HKLM\Software\FocusInteractive\bar\Switches#ypager.exe
HKLM\Software\FocusInteractive\bar\Switches#au
HKLM\Software\FocusInteractive\bar\Switches#mwsSrcAs.dll
HKLM\Software\FocusInteractive\bar\Switches#ok
HKLM\Software\FocusInteractive\bar\Switches#od
HKLM\Software\FocusInteractive\bar\Switches#nk
HKLM\Software\FocusInteractive\bar\Switches#nd
HKLM\Software\FocusInteractive\Email-IM
HKLM\Software\FocusInteractive\Email-IM\0
HKLM\Software\FocusInteractive\Email-IM\0#Toolbar
HKLM\Software\FocusInteractive\Email-IM\0#AppName
HKLM\Software\FocusInteractive\Email-IM\0#Path
HKLM\Software\FocusInteractive\Outlook
HKLM\Software\FocusInteractive\Outlook#MyWebSearch.OutlookAddin
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#HelpLink
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyWebSearch bar Uninstall#UrlInfoAbout

Trojan.Media-Codec
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Alert Popup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Alert Popup#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\System Alert Popup#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEBrowse Tool
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEBrowse Tool#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEBrowse Tool#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Bar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Bar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IExplorer Bar#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Warning Center
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Warning Center#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Warning Center#UninstallString

Trojan.VideoCach/Gen
HKCR\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}
HKCR\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}\1.0
HKCR\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}\1.0\0
HKCR\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}\1.0\0\win32
HKCR\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}\1.0\FLAGS
HKCR\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}\1.0\HELPDIR
HKCR\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}
HKCR\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}\ProxyStubClsid
HKCR\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}\ProxyStubClsid32
HKCR\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}\TypeLib
HKCR\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}\TypeLib#Version
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}\ProxyStubClsid
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}\ProxyStubClsid32
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}\TypeLib
HKCR\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}\TypeLib#Version

Trojan.Media-Codec/V4
HKCR\multimediaControls.chl
HKCR\multimediaControls.chl\CLSID

Adware.E404 Helper/Hij
HKCR\CLSID\e405.e405mgr
HKCR\CLSID\e405.e405mgr#UserId
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS
HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR
HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}
HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid
HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid32
HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib
HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib#Version

Rogue.Windows AntiVirus 2008
C:\Program Files\WAV\Uninstall.exe
C:\Program Files\WAV\WAV.exe
C:\Program Files\WAV\WAV1.dat
C:\Program Files\WAV
C:\WINDOWS\Prefetch\WAV.EXE-1272C412.pf

Rogue.FakeAlert
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2466A83D-1B81-456E-9766-38C2B7E48210}\RP1049\A0159988.DLL

Trojan.Unclassified-Packed/Suspicious
C:\SYSTEM VOLUME INFORMATION\_RESTORE{2466A83D-1B81-456E-9766-38C2B7E48210}\RP1051\A0163443.DLL
[ + quote]
brinnybug
Newbie
_ 		29. October 2008 @ 16:17 _ Link to this message    Send private message to this user   
This is what I copied and pasted from C:combofix.txt
Not sure if this is what you were looking for...
Thanks!
Bryn

ComboFix 08-10-28.01 - HP_Owner 2008-10-28 21:05:42.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.195 [GMT -6:00]
Running from: C:\Documents and Settings\HP_Owner\Desktop\Combo-Fix.exe
* Created a new restore point
.
[ + quote]
cdavfrew
Senior Member
_ 		30. October 2008 @ 00:50 _ Link to this message    Send private message to this user   
Hey brinnybug

Please post the entire Combofix log, as the combofix log you posted is not complete.

Best Regards :D
[ + quote]
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.

brinnybug
Newbie
_ 		30. October 2008 @ 10:29 _ Link to this message    Send private message to this user   
Here is my combofix log. Sorry I didn't have it right the first time. Thanks for your patience:D
-Bryn

ComboFix 08-10-30.04 - HP_Owner 2008-10-30 0:03:13.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.169 [GMT -6:00]
Running from: C:\Documents and Settings\HP_Owner\Desktop\Combo-Fix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Applications\iebt.dll
C:\WINDOWS\system32\512686\512686.dll
.
---- Previous Run -------
.
C:\Documents and Settings\HP_Owner\My Documents\My Documents.url
C:\Documents and Settings\HP_Owner\My Documents\My Pictures\My Pictures.url
C:\Documents and Settings\HP_Owner\My Documents\My Videos\My Video.url
C:\Program Files\Applications\iebr.dll
C:\Program Files\Applications\iebu.exe
C:\Program Files\Applications\myd.ico
C:\Program Files\Applications\mym.ico
C:\Program Files\Applications\myp.ico
C:\Program Files\Applications\myv.ico
C:\Program Files\Applications\ot.ico
C:\Program Files\Applications\ts.ico
C:\Program Files\Applications\wcm.exe
C:\Program Files\Applications\wcs.exe
C:\Program Files\Mozilla Firefox\plugins\NPMyGlSh.dll
C:\Program Files\myglobalsearch
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9FFXTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.JAR
C:\Program Files\myglobalsearch\bar\1.bin\M9NTSTBR.MANIFEST
C:\Program Files\myglobalsearch\bar\1.bin\M9PLUGIN.DLL
C:\Program Files\myglobalsearch\bar\1.bin\NPMYGLSH.DLL
C:\Program Files\myglobalsearch\bar\Cache\00A1D784
C:\Program Files\myglobalsearch\bar\Cache\00A1DFA2
C:\Program Files\myglobalsearch\bar\Cache\00A1E0DB.bin
C:\Program Files\myglobalsearch\bar\Cache\00A1E417.bin
C:\Program Files\myglobalsearch\bar\Cache\00A1E5CD.bin
C:\Program Files\myglobalsearch\bar\Cache\files.ini
C:\Program Files\myglobalsearch\bar\History\search
C:\Program Files\myglobalsearch\bar\Settings\prevcfg.htm
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\IE4 Error Log.txt
C:\WINDOWS\system32\512686
C:\WINDOWS\system32\512686\512686.dll
C:\WINDOWS\system32\wav.cpl
D:\Autorun.inf

.
((((((((((((((((((((((((( Files Created from 2008-09-28 to 2008-10-30 )))))))))))))))))))))))))))))))
.

2008-10-28 23:20 . 2008-10-28 23:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-10-28 23:19 . 2008-10-28 23:19 <DIR> d-------- C:\Program Files\SUPERAntiSpyware
2008-10-28 23:19 . 2008-10-28 23:19 <DIR> d-------- C:\Documents and Settings\HP_Owner\Application Data\SUPERAntiSpyware.com
2008-10-28 22:20 . 2008-10-28 22:20 <DIR> d-------- C:\Program Files\Lavasoft
2008-10-28 22:20 . 2008-10-28 22:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-10-28 22:19 . 2008-10-28 23:18 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-10-28 21:41 . 2008-10-28 21:41 <DIR> d-------- C:\Program Files\Trend Micro
2008-10-28 21:12 . 2008-10-29 10:00 <DIR> d-------- C:\WINDOWS\system32\512686
2008-10-28 19:51 . 2008-10-28 19:51 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-10-28 19:51 . 2008-10-28 19:51 <DIR> d-------- C:\WINDOWS\l2schemas
2008-10-28 19:50 . 2008-10-28 19:50 <DIR> d-------- C:\WINDOWS\system32\bits
2008-10-28 19:45 . 2008-10-28 19:51 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-10-28 19:35 . 2008-10-28 19:35 <DIR> d-------- C:\WINDOWS\EHome
2008-10-28 13:39 . 2008-10-28 23:39 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-10-28 13:38 . 2008-10-29 10:00 <DIR> d-------- C:\Program Files\Applications
2008-10-23 20:59 . 2008-10-15 10:34 337,408 --------- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-15 04:09 . 2008-09-08 04:41 333,824 --------- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-15 04:08 . 2008-08-14 04:11 2,189,184 --------- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 04:08 . 2008-08-14 04:09 2,145,280 --------- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 04:08 . 2008-08-14 03:33 2,066,048 --------- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 04:08 . 2008-08-14 03:33 2,023,936 --------- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-15 04:08 . 2008-09-15 06:12 1,846,400 --------- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-10 11:21 . 2008-10-10 11:21 <DIR> d-------- C:\Program Files\AnswerWorks 4.0
2008-10-10 11:12 . 2008-10-10 11:22 <DIR> d-------- C:\Program Files\AutoCAD 2006
2008-10-10 11:10 . 2008-10-10 11:23 <DIR> d-------- C:\Program Files\Common Files\Autodesk Shared
2008-10-10 11:10 . 2008-10-10 11:10 <DIR> d-------- C:\Program Files\Autodesk
2008-09-27 22:53 . 2008-10-29 12:19 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-09-23 19:11 . 2008-09-23 19:11 <DIR> d--hs---- C:\found.001
2008-09-22 10:40 . 2008-09-22 10:40 <DIR> d-------- C:\Program Files\Interbank FX Trader 4
2008-09-22 10:21 . 2008-09-22 10:21 <DIR> d-------- C:\Program Files\Candleworks
2008-09-22 10:00 . 2008-10-10 00:02 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-09-22 10:00 . 2008-09-22 10:00 1,409 --a------ C:\WINDOWS\QTFont.for
2008-09-04 15:02 . 2008-09-04 15:02 <DIR> d-------- C:\4a87f6866f5aa95e6191b3

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-29 20:02 3,645 ----a-w C:\WINDOWS\viassary-hp.reg
2008-10-10 17:12 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
2008-09-28 04:54 --------- d-----w C:\Program Files\Google
2008-09-25 15:48 --------- d-----w C:\Program Files\Lexmark 1200 Series
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-05-18 04:32 776,728 ----a-w C:\Program Files\kSolo_Install.exe
2008-01-15 05:10 6,880 ----a-w C:\Documents and Settings\HP_Owner\Application Data\wklnhst.dat
2007-05-30 08:42 1,051,008 ----a-w C:\Program Files\SetupOneCare.exe
2006-12-07 17:26 360,448 ----a-w C:\Program Files\Uninstall My Web Search.dll
2003-08-05 17:41 53,248 ----a-w C:\WINDOWS\inf\ap561.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 1207080]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2005-02-10 1937408]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-03-06 5181440]
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-06-11 4670968]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-01-23 126976]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-02-25 245760]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-14 253952]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2005-06-03 180269]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-02-28 1385472]
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2004-01-26 53248]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 132496]
"Adobe Version Cue CS2"="C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe" [2005-04-04 856064]
"Acrobat Assistant 7.0"="C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [2008-04-23 483328]
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2006-03-16 57344]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-12-06 282624]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-09-11 218032]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-09 7311360]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-12-09 86016]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe" [2004-03-17 C:\WINDOWS\system32\Hdaudpropshortcut.exe]
"nwiz"="nwiz.exe" [2005-12-09 C:\WINDOWS\system32\nwiz.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2007-03-06 5181440]

C:\Documents and Settings\HP_Owner\Start Menu\Programs\Startup\
HP Organize.lnk - C:\Program Files\Hewlett-Packard\HP Organize\bin\displayAgent.exe [2005-06-03 36864]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000002}\SC_Acrobat.exe [2006-12-08 25214]
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-24 29696]
AutoCAD Startup Accelerator.lnk - C:\Program Files\Common Files\Autodesk Shared\acstart16.exe [2005-03-05 10872]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 258048]
Updates from HP.lnk - C:\Program Files\Updates from HP\309731\Program\Updates from HP.exe [2005-06-03 45056]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 16:28 352256 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Updates from HP\\309731\\Program\\Updates from HP.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"= C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"= C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"= C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"C:\\Program Files\\Adobe\\Adobe Version Cue CS2\\bin\\VersionCueCS2.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Microsoft Games\\Age of Empires II\\EMPIRES2.ICD"=
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

S3 DNINDIS5;DNINDIS5 NDIS Protocol Driver;C:\PROGRA~1\Belkin\BELKIN~1.11G\DNINDIS5.SYS [ ]
S3 jnv4_mib;jnv4_mib;C:\DOCUME~1\HP_Owner\LOCALS~1\Temp\jnv4_mib.sys [ ]
.
Contents of the 'Scheduled Tasks' folder

2007-05-30 C:\WINDOWS\Tasks\MP Scheduled Quick Scan.job
- C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MpCmdRun.exe []

2008-10-30 C:\WINDOWS\Tasks\User_Feed_Synchronization-{17F8DCFD-5593-4B5E-9D9B-2C0178A7F9F8}.job
- C:\WINDOWS\system32\msfeedssync.exe [2006-10-17 12:58]
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-(Default) - (no file)
HKLM-Run-My Web Search Bar Search Scope Monitor - C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
HKLM-Run-EIbminsprt310 - E:\Ibmins\prtStart.exe
HKLM-Run-Eibminsprt311 - E:\ibmins\prtStart.exe
HKLM-Run-OneCareUI - C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
HKLM-Run-ANTIVIRUS - C:\Program Files\WAV\wav.exe
HKLM-Explorer_Run-smile - C:\Program Files\Applications\wcs.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\HP_Owner\Application Data\Mozilla\Firefox\Profiles\2sizziyl.default\
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-30 00:08:58
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
.
**************************************************************************
.
Completion time: 2008-10-30 0:16:15 - machine was rebooted [HP_Owner]
ComboFix-quarantined-files.txt 2008-10-30 06:16:11

Pre-Run: 111,543,037,952 bytes free
Post-Run: 111,773,454,336 bytes free

219 --- E O F --- 2008-10-29 02:01:18
[ + quote]
xtend
Newbie
_ 		30. October 2008 @ 12:00 _ Link to this message    Send private message to this user   
run combo fix and smitfraud fix in safe mode . then run spybot 1.4 with all of the updates downloaded except any that mention 1.6 .in other words don't update to 1.6 on spybot . it will run in safe mode or normal mode .you can use hijack this if need be also undll from nod32 works very well .
[ + quote]
Advertisement
_ 		__
 
_
cdavfrew
Senior Member
_ 		31. October 2008 @ 02:30 _ Link to this message    Send private message to this user   
Hey brinnybug

Please post a new HijackThis log, and then tell me what problems you have left. It looks like Combofix and Superantispyware together took out most of your malware.

Best Regards :D

PS: No offense to xtend, but please ignore xtend's advice.
[ + quote]
Life is but a dream; you dont feel any pain unless you want to or you fall off the bed.
Success is relative; the more success the more relatives.
A computer once beat me at chess, but it was no match for me at kickboxing.
To be or not to be; thats a dumb question.

afterdawn.com > forums > software, operating systems and more > windows - virus and spyware problems > win av virus
 

Digital video: AfterDawn.com | AfterDawn Forums
Music: MP3Lizard.com
Gaming: Blasteroids.com | Blasteroids Forums | Compare game prices
Software: Software downloads
Blogs: User profile pages
RSS feeds: AfterDawn.com News | Software updates | AfterDawn Forums
International: AfterDawn in Finnish | AfterDawn in Swedish | AfterDawn in Norwegian | download.fi
Navigate: Search | Site map
About us: About AfterDawn Ltd | Advertise on our sites | Rules, Restrictions, Legal disclaimer & Privacy policy
Contact us: Send feedback | Contact our media sales team
 
  © 1999-2025 by AfterDawn Ltd.

  IDG TechNetwork