FixIEDef
Copyright (c) 2007-2008 ShadowPuterDude

Change Log

[2008-07-22] 1.5.1.6012
Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{401F4B6B-3C36-4E8D-BC07-F46FC6D67D9A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{401F4B6B-3C36-4E8D-BC07-F46FC6D67D9A}]

[2008-07-20] 1.5.1.6010
Files:
%SystemDir%\IE_fil.dll
%SystemDir%\IE_filter.dll
%SystemDir%\IE_flt.dll
%SystemDir%\iefil.dll
%SystemDir%\iefilter.dll
%SystemDir%\ieflt.dll
%SystemDir%\iexfil.dll
%SystemDir%\iexfilter.dll
%SystemDir%\iexflt.dll
Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F65E955E-26C0-42FF-8EE2-443A05EA286A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F65E955E-26C0-42FF-8EE2-443A05EA286A}]

[2008-07-19] 1.5.1.5999
Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6}]

[2008-07-18] 1.5.1.5997
Files:
%SystemDir%\tbs.dll
%SystemDir%\tbsch.dll
%SystemDir%\tbsrch.dll
%SystemDir%\tbrs.dll
%SystemDir%\tbrsch.dll
%SystemDir%\tbrsrch.dll
%SystemDir%\toolbars.dll
%SystemDir%\toolbarsch.dll
%SystemDir%\toolbarsrch.dll
Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19B8572F-894F-41E0-9309-00091B688905}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19B8572F-894F-41E0-9309-00091B688905}]

[2008-07-15] 1.5.0.5987
Bug fix - Terminates all running instances of Internet Explorer. Previously, only the first instance of Internet Explorer was closed.
Bug fix - Terminates all running instances of Explorer. Previously, only the first instance of Explorer was closed.
Bug fix - Explorer stays terminated until the scan is finished.
Terminates all running instances of Firefox.
Terminates all running instances of Opera.
Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4AD3A71E-8ED4-40F5-9A81-69245BDCBB75}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AD3A71E-8ED4-40F5-9A81-69245BDCBB75}] [2008-07-14] 1.4.20.5985 Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB055111-4F4F-4730-ADC5-C40EBBFF6E67}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB055111-4F4F-4730-ADC5-C40EBBFF6E67}] 1.4.20.5983 Files: %SystemDir%\AswBHO.dll %SystemDir%\RichVideoCodec.dll Registry: [-HKEY_CURRENT_USER\Software\RichVideoCodec] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aswbho.aswplugin] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aswbho.aswplugin.1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bhonew.bho] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bhonew.bho.1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\richvideocodec.videocodec] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\richvideocodec.videocodec.1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RichVideoCodec.XMLDOMDocumentEventsSi.1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RichVideoCodec.XMLDOMDocumentEventsSink] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\AswBHO.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\RichVideoCodec.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A85A2972-D35F-4089-86AE-83DFEF054E23}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{284AAAD9-FDF9-49A3-93ED-9CAE4AA26805}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35DA02A8-1D27-43EB-8088-3210521AA154}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B2DBC9D-7D49-48F4-8DDC-1B15415FF253}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{926A61C9-5C20-4583-ACA7-ACE21088816E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{949859A7-EB1F-400D-BDBC-C48238BDF788}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB3B8AF6-8886-4525-AAE9-339DA17E23C7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{11446072-F8F2-4C03-8A8A-D337AD2B13F2}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BAF84F6B-038B-40E2-9688-1E3BF20988D8}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{0EF350A6-8AF0-40B5-ADE7-CB82FD02C3AE}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8ADE252-1BBA-4FC0-8A0C-3E6E164E13C8}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{284AAAD9-FDF9-49A3-93ED-9CAE4AA26805}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{926A61C9-5C20-4583-ACA7-ACE21088816E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{949859A7-EB1F-400D-BDBC-C48238BDF788}] [2008-07-11] 1.4.20.5956 Files: %SystemDir%\ie_f.dll %SystemDir%\iefl.dll %SystemDir%\iefltr.dll %SystemDir%\iexp_f.dll %SystemDir%\iexpfl.dll %SystemDir%\iexpfltr.dll %SystemDir%\inte_f.dll %SystemDir%\intefl.dll %SystemDir%\intefltr.dll Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B2AE9C0-1555-4C92-905A-531532F15698}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B2AE9C0-1555-4C92-905A-531532F15698}] [2008-07-10] 1.4.20.5944 Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFE59EC6-5491-4EF3-BA0D-77B0D895B4F7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFE59EC6-5491-4EF3-BA0D-77B0D895B4F7}] [2008-07-09] 1.4.20.5942 Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDBF417-0774-46AD-940B-6A4D9A039407}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DDBF417-0774-46AD-940B-6A4D9A039407}] [2008-07-08] 1.4.20.5940 Files: %ProgramFilesDir%\ieantispyware\ieas.exe %ProgramFilesDir%\ieantispyware\ieas.db2 %ProgramFilesDir%\ieantispyware\ieas.db3 %ProgramFilesDir%\ieantispyware\uninst.exe %ProgramsDir%\ie antispyware ?.?.lnk %DesktopDir%\ie antispyware ?.?.lnk %SystemDir%\eps32.dll %SystemDir%\epsbho.dll %SystemDir%\epsdrv.dll 
%SystemDir%\epson32.dll %SystemDir%\epsonbho.dll %SystemDir%\epsondrv.dll %SystemDir%\navf.dll %SystemDir%\navfilter.dll %SystemDir%\navflt.dll %SystemDir%\nvf.dll %SystemDir%\nvfilter.dll %SystemDir%\nvflt.dll %SystemDir%\nvgf.dll %SystemDir%\nvgfilter.dll %SystemDir%\nvgflt.dll Folders: %ProgramFilesDir%\ieantispyware Registry: [-HKEY_CURRENT_USER\SOFTWARE\ieantispyware] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AB6932F-92FE-42E6-870C-544AE458EA78}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87FD33C2-7891-45D5-ACD1-7935F9AEA26B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AB6932F-92FE-42E6-870C-544AE458EA78}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87FD33C2-7891-45D5-ACD1-7935F9AEA26B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie antispyware] [2008-07-05] 1.4.20.5916 Files: %SystemDir%\ant_sr.dll %SystemDir%\ant_ss.dll %SystemDir%\antsafe.dll %SystemDir%\avg_sr.dll %SystemDir%\avg_ss.dll %SystemDir%\avgsafe.dll %SystemDir%\avira_sr.dll %SystemDir%\avira_ss.dll %SystemDir%\avirasafe.dll Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C1B8A44-61FE-411E-8F33-813A4E2E2984}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C1B8A44-61FE-411E-8F33-813A4E2E2984}] [2008-07-03] 1.4.20.5905 Files: %SystemDir%\agin_bho.dll %SystemDir%\agino32.dll %SystemDir%\agintas.dll %SystemDir%\snop_bho.dll %SystemDir%\snopo32.dll %SystemDir%\snoptas.dll %SystemDir%\wdol_bho.dll %SystemDir%\wdolo32.dll %SystemDir%\wdoltas.dll Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E014A78F-34DC-4BE5-83BB-58CA12E384B6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E014A78F-34DC-4BE5-83BB-58CA12E384B6}] [2008-07-02] 1.4.20.5893 Files: %SystemDir%\diga32.dll %SystemDir%\digarox.dll %SystemDir%\digonyx.dll %SystemDir%\psa32.dll 
%SystemDir%\psarox.dll %SystemDir%\psonyx.dll %SystemDir%\sla32.dll %SystemDir%\slarox.dll %SystemDir%\slonyx.dll Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D0386B3-FD72-488E-9740-90355AE21735}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D0386B3-FD72-488E-9740-90355AE21735}] [2008-06-30] 1.4.20.5882 Privilege escalation to that of Administrator added back. Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1892F58-1116-4DEC-92AA-577872EC3D3D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1892F58-1116-4DEC-92AA-577872EC3D3D}] [2008-06-28] 1.4.19.5880 Files: %SystemDir%\asc94.dll %SystemDir%\ascadio.dll %SystemDir%\ascisys.dll %SystemDir%\domsys.dll %SystemDir%\domview.dll %SystemDir%\domwin.dll %SystemDir%\dop94.dll %SystemDir%\dopadio.dll %SystemDir%\dopisys.dll %SystemDir%\f_sys.dll %SystemDir%\f_view.dll %SystemDir%\f_win.dll %SystemDir%\ks94.dll %SystemDir%\ksadio.dll %SystemDir%\ksisys.dll %SystemDir%\losowa nazwa.dll %SystemDir%\oggsys.dll %SystemDir%\oggview.dll %SystemDir%\oggwin.dll %SystemDir%\om_syssys.dll %SystemDir%\om_sysview.dll %SystemDir%\om_syswin.dll %SystemDir%\xmlsys.dll %SystemDir%\xmlview.dll %SystemDir%\xmlwin.dll %SystemDir%\z_sys.dll %SystemDir%\z_view.dll %SystemDir%\z_win.dll Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AE578E0-6DF5-41E0-869F-F65A32D2F6BD}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AE578E0-6DF5-41E0-869F-F65A32D2F6BD}] [2008-06-23] 1.4.19.5850 Files: %SystemDir%\nada16.dll %SystemDir%\nada32.dll %SystemDir%\nada64.dll %SystemDir%\opus16.dll %SystemDir%\opus32.dll %SystemDir%\opus64.dll %SystemDir%\sigma16.dll %SystemDir%\sigma32.dll %SystemDir%\sigma64.dll Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4937D5D1-2039-409A-BD83-FEC9B39B2356}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{15C7D7AD-A87A-4C0D-9D8B-637FCD3488EF}] [2008-06-20] 1.4.19.5838 Files: %SystemDir%\codef.dll %SystemDir%\coni.dll %SystemDir%\copol.dll %SystemDir%\dadef.dll %SystemDir%\dani.dll %SystemDir%\dapol.dll %SystemDir%\idef.dll %SystemDir%\ini.dll %SystemDir%\ipol.dll Registry: [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28F51CDA-3BD1-4F06-8F7B-2A881411983F}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2FF811E6-8925-4084-A649-C159955E67E8}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{28F51CDA-3BD1-4F06-8F7B-2A881411983F}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{2FF811E6-8925-4084-A649-C159955E67E8}] [2008-06-17] 1.4.19.5828 Files: %ProgramsCommonDir%\Malware Protector 2008\How to Register Malware Protector 2008.lnk %ProgramsCommonDir%\Malware Protector 2008\License Agreement.lnk %ProgramsCommonDir%\Malware Protector 2008\Malware Protector 2008.lnk %ProgramsCommonDir%\Malware Protector 2008\Register Malware Protector 2008.lnk %ProgramsCommonDir%\Malware Protector 2008\Uninstall.lnk %ProgramsCommonDir%\Malware Protector 2008.lnk %DesktopCommonDir%\Malware Protector 2008.lnk %AppData%\004849935f13e2079a2977247caf87ffb588545d7c2768b88f.dat %AppData%\shc3skj0ee89\*.* %AppData%\shc3skj0ee89\Quarantine\*.* %AppData%\Microsoft\Internet Explorer\Quick Launch\Malware Protector 2008.lnk %UserProfileDir%\Local Settings\Temp\.tt1.tmp %UserProfileDir%\Local Settings\Temp\.tt2.tmp %UserProfileDir%\Local Settings\Temp\.tt4.tmp %UserProfileDir%\Local Settings\Temp\.tt17D.tmp %ProgramFiles%\shc3skj0ee89\database.dat %ProgramFiles%\shc3skj0ee89\license.txt %ProgramFiles%\shc3skj0ee89\MFC71.dll %ProgramFiles%\shc3skj0ee89\MFC71ENU.DLL %ProgramFiles%\shc3skj0ee89\msvcp71.dll %ProgramFiles%\shc3skj0ee89\msvcr71.dll %ProgramFiles%\shc3skj0ee89\shc3skj0ee89.exe %ProgramFiles%\shc3skj0ee89\shc3skj0ee89.exe.local 
%SystemDir%\sedifnsy.dll %SystemDir%\sedifpda.dll %SystemDir%\sedifpdo.dll %SystemDir%\sedifpdy.dll %SystemDir%\sosysgda.dll %SystemDir%\sosysgdo.dll %SystemDir%\sosysgdy.dll %SystemDir%\sosysnsa.dll %SystemDir%\sosysnso.dll %SystemDir%\sosysnsy.dll %SystemDir%\sosyspda.dll %SystemDir%\sosyspdo.dll %SystemDir%\sosyspdy.dll %SystemDir%\sysrest.sys %SystemDir%\tapdfan.dll %SystemDir%\tapdfim.dll %SystemDir%\tapdfo.dll %SystemDir%\taplsan.dll %SystemDir%\taplsim.dll %SystemDir%\taplso.dll %SystemDir%\tasdgan.dll %SystemDir%\tasdgim.dll %SystemDir%\tasdgo.dll %SystemDir%\topdfan.dll %SystemDir%\topdfim.dll %SystemDir%\topdfo.dll %SystemDir%\toplsan.dll %SystemDir%\toplsim.dll %SystemDir%\toplso.dll %SystemDir%\tosdgan.dll %SystemDir%\tosdgim.dll %SystemDir%\tosdgo.dll %SystemDir%\tupdfan.dll %SystemDir%\tupdfim.dll %SystemDir%\tupdfo.dll %SystemDir%\tuplsan.dll %SystemDir%\tuplsim.dll %SystemDir%\tuplso.dll %SystemDir%\tusdgan.dll %SystemDir%\tusdgim.dll %SystemDir%\tusdgo.dll %SystemDir%\V0330Cvw.dll %SystemDir%\xecolgda.dll %SystemDir%\xecolgdo.dll %SystemDir%\xecolgdy.dll %SystemDir%\xecolnsa.dll %SystemDir%\xecolnso.dll %SystemDir%\xecolnsy.dll %SystemDir%\xecolpda.dll %SystemDir%\xecolpdo.dll %SystemDir%\xecolpdy.dll %SystemDir%\xedifgda.dll %SystemDir%\xedifgdo.dll %SystemDir%\xedifgdy.dll %SystemDir%\xedifnsa.dll %SystemDir%\xedifnso.dll %SystemDir%\xedifnsy.dll %SystemDir%\xedifpda.dll %SystemDir%\xedifpdo.dll %SystemDir%\xedifpdy.dll %SystemDir%\xosysgda.dll %SystemDir%\xosysgdo.dll %SystemDir%\xosysgdy.dll %SystemDir%\xosysnsa.dll %SystemDir%\xosysnso.dll %SystemDir%\xosysnsy.dll %SystemDir%\xosyspda.dll %SystemDir%\xosyspdo.dll %SystemDir%\xosyspdy.dll Folders: %ProgramsCommonDir%\Malware Protector 2008 %AppData%\shc3skj0ee89 %AppData%\shc3skj0ee89\Quarantine %ProgramFiles%\shc3skj0ee89 Services: sysrest.sys Registry: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System] "NoDispBackgroundPage"=- "NoDispScrSavPage"=- 
[-HKEY_LOCAL_MACHINE\software\shcev9j0e1b1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BhoNew.BhoApp] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BhoNew.BhoApp.1] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F920865-38C9-40DA-8FCF-D9DC83F84EC5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBEEBE4F-3EDA-40F4-A0AB-87593EE49C56}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CAF9D798-C659-4B9B-8E19-EE27C3D04EE7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{5F920865-38C9-40DA-8FCF-D9DC83F84EC5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{BBEEBE4F-3EDA-40F4-A0AB-87593EE49C56}] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "%SystemDir%\V0330Cvw.dll"=- "lphc5skj0ee89"=- "SMshc3skj0ee89"=- [-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\shcev9j0e1b1] [2008-06-13] 1.4.19.5100 Files: %SystemDrive%\0x0409.ini %SystemDrive%\new_log.html %DesktopDir%\Advanced XP Defender.lnk %DesktopDir%\Advanced XP Fixer.lnk %DesktopDir%\Find Drivers with DriverAgent.lnk %DesktopDir%\pac1F.tmp %DesktopDir%\pacB0.tmp %DesktopDir%\SystemDefender.lnk %AppDataDir%\ralyfev.exe %AllUsersAppDataDir%\famoma.bin %AllUsersAppDataDir%\mysi.db %AllUsersAppDataDir%\savequ.pif %AllUsersAppDataDir%\wehuhykyr.bat %ProgramFiles%\antiviirus.exe %ProgramFiles%\tmp1.exe %ProgramFiles%\tmp126593.exe %ProgramFiles%\tmp2.exe %ProgramFiles%\tmp97421.exe %ProgramFiles%\tmp98218.exe %CommonProgramFiles%\debanogado.ban %CommonProgramFiles%\ekudatasug.pif %ProgramFiles%\XPSecurityCenter\xpsecuritycenter.exe %WinDir%\bapost8x.dll %WinDir%\bapost16a.dll 
%SystemDir%2\cru629.dat %SystemDir%\iSecurity.cpl %SystemDir%\mlJAqrst.dll %SystemDir%\mssrv32.exe %SystemDir%\NmoqBJjl.ini %SystemDir%\NmoqBJjl.ini2 %SystemDir%\oleefdtg.ini %SystemDir%\pkiirips.ini %SystemDir%\rjqpapil.ini %SystemDir%\univrs32.dat %SystemDir%\Win.dll %SystemDir%\WinCtrl32_0001.dll %SystemDir%\winivstr.exe %SystemDir%\WLCtrl32.dll %SystemDir%\xxyyaXpQ.dll %SystemDir%\drivers\aeH02.sys %SystemDir%\drivers\Twa13.sys %SystemDir%\drivers\vaD82.sys %SystemDir%\drivers\wbD25.sys %WinDir%\Temp\23ilqu41.TMP %WinDir%\Temp\BN2.tmp %WinDir%\Temp\BN3.tmp %WinDir%\Temp\BN4.tmp %WinDir%\Temp\BN5.tmp %WinDir%\Temp\BN8.tmp %WinDir%\Temp\BN9.tmp Folders: %SystemDrive%\iSecurity %ProgramFiles%\iSecurity %ProgramFiles%\XPSecurityCenter %SystemDir%\247880 %SystemDir%\818646 %SystemDir%\824223 %SystemDir%\905757 Services: Microsoft security update service (msupdate) Registry: [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "braviax"=- "Igah"=- "iSecurity applet"=- "KernelFaultCheck"=- "xpsecuritycenter"=- [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "iSecurity"=- "PreBootCheck"=- "UnknownMon"=- [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJAqrst] [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WinCtrl32] [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WLCtrl32] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ie.ieplugin] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bapost8x.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bapost16a.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bapost32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basant8x.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basant16a.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basant32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basect8x.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basect16a.dll] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B095AF15-2FB6-4239-95AD-D1E27ECC11C7}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D12A16B5-7FAA-43E8-B9AA-183E76F3FF13}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3E7C926-6B3C-4F88-8113-AD357C2E208F}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E913BA95-1ADE-4D25-AC0E-E27BD8E1E43D}] [2008-06-04] 1.4.16.4411 Files: %SystemDrive%\LOG000001.txt %DesktopDir%\antivirus-2008pro.lnk %DesktopDir%\Error Cleaner.url %DesktopDir%\Privacy Protector.url %DesktopDir%\Spyware&Malware Protection.url %Temp%\rbnpsrv.exe %ProgramFilesDir%\Antivirus 2008 PRO\antivirus-2008pro.exe %WinDir%\atfxqogp.dll %WinDir%\boqnrwdmble.dll %WinDir%\ekaf.exe %WinDir%\vltdfabw.dll %WinDir%\vregfwlx.dll %WinDir%\xmpstean.exe %SystemDir%\BHOVCfhk.ini %SystemDir%\BHOVCfhk.ini2 %SystemDir%\blackster.scr %SystemDir%\clkcnt.txt %SystemDir%\ctfmona.exe %SystemDir%\ctfmonb.bmp %SystemDir%\jejtcvqj.dll %SystemDir%\jqvctjej.ini %SystemDir%\kavo.exe %SystemDir%\kavo0.dll %SystemDir%\khfCVOHB.dll %SystemDir%\pmnmmLDt.dll %SystemDir%\tmp.reg %SystemDir%\tmp.txt %SystemDir%\WinCtrl32.dll %SystemDir%\WinCtrl32.dl_ %SystemDir%\wmvhfefx.ini %SystemDir%\xfefhvmw.dll %SystemDir%\drivers\kfK77.sys %WinDir%\TEMP\BN2.tmp %WinDir%\TEMP\BN3.tmp Folders: %ProgramFilesDir%\Antivirus 2008 PRO Services: Registry: [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "antivirus-2008pro.exe"=- "kava"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{73AB9095-4904-4C64-83D8-01F9F7DDC41}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7EA5E375-6136-496E-9616-E03B4F9EA1C0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AAF635CA-04C2-4EBA-B022-3A2F95A05A62}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C12FC24B-A7B9-487F-9603-5481EBF00C6F}] 
[2008-05-29] 1.3.15.4335 Performs additional registry edits to ensure that certain registry keys that affect the viewing of hidden files, folders, and protected operating system files and folders have the correct default settings.
Files: Folders: Services: Registry:
[2008-05-26] 1.3.14.4324 Files: Folders: Services: Registry:
[2008-05-18] 1.3.14.4280 Files: Folders: Services: Registry:
[2008-05-12] 1.3.14.4213 Files: Folders: Services: Registry:
[2008-05-04] 1.3.14.4193 Files: Folders: Services: Registry:
1.3.14.4132 Files: Folders: Services: Registry:
[2008-04-28] 1.3.14.4055 Files: Folders: Services: Registry:
[2008-04-27] 1.3.14.4048 Files: Folders: Services: Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\kol.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\kona.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\konsal.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\konsana.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\konsarad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\korad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ksol.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ksona.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ksorad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olada16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olada32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olada64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olade16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olade32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olade64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olady16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olady32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olady64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olida16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olida32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olida64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olide16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olide32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olide64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olidy16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olidy32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olidy64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olona16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olona32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olona64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olone16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olone32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olone64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olony16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olony32.dll] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olony64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\podnre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\podnru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\podnry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pokre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pokru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pokry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsadnre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsadnru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsadnry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsakre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsakru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsakry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsaple.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsaplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsaply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pople.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\poplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\poply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psodnru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psodnry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psokre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psokru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psokry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psople.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psoplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psoply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ptsodnre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siada16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siada32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siada64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siade16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siade32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siade64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siady16.dll] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siady32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siady64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siida16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siida32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siida64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siide16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siide32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siide64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siidy16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siidy32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siidy64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_de16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_de32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_de64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_uk16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_uk32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_uk64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_us16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_us32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_us64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_de16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_de32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_de64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_uk16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_uk32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_uk64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_us16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_us32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_us64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\todnre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\todnru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\todnry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tokre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tokru.dll] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tokry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsadnre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsadnru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsadnry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsakre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsakru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsakry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsaple.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsaplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsaply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tople.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\toplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\toply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsodnre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsodnru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsodnry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsokre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsokru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsokry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsople.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsoplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsoply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unada16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unada32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unada64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unade16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unade32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unade64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unady16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unady32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unady64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unida16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unida32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unida64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unide16.dll] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unide32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unide64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unidy16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unidy32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unidy64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unona16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unona32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unona64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unone16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unone32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unone64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unony16.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unony32.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unony64.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wokrerad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wol.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wona.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wonsal.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wonsana.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wonsarad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\worad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wsol.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wsona.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wsorad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zokre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zokru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zokry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zol.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zona.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsakre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsakru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsakry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsal.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsana.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsaple.dll] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsaplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsaply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsarad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zople.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zoplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zoply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zorad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsokre.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsokru.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsokry.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsol.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsona.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsople.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsoplu.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsoply.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsorad.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04A67DA5-880B-452F-B193-463452C40B41}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15977918-3A04-4982-8E45-EDC618371EBE}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22FEDE76-4017-466D-BDE9-5D3E72EED32C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414B0283-2228-4F26-8BB3-C2211FA99223}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BAD32E6-BB7B-4F57-BB1A-DB0F9C860C4A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E1D855-9232-48F7-80D9-1ADB65B7939C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC37F38C-D37C-46FC-AC8D-93ABBCE72947}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA40137D-AE41-4148-BFEC-916B326D5BBD}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F039C188-D8C7-4B6E-B6CC-A5E789B11329}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F856BB9E-855B-498D-883E-3509C550A031}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04A67DA5-880B-452F-B193-463452C40B41}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15977918-3A04-4982-8E45-EDC618371EBE}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22FEDE76-4017-466D-BDE9-5D3E72EED32C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414B0283-2228-4F26-8BB3-C2211FA99223}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAD32E6-BB7B-4F57-BB1A-DB0F9C860C4A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95E1D855-9232-48F7-80D9-1ADB65B7939C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BC37F38C-D37C-46FC-AC8D-93ABBCE72947}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA40137D-AE41-4148-BFEC-916B326D5BBD}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F039C188-D8C7-4B6E-B6CC-A5E789B11329}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F856BB9E-855B-498D-883E-3509C550A031}] [2008-04-26] 1.3.14.3606 Files: %AppData%\gjcdmtcf\wpwlebqj.exe %ProgramFilesDir%\ieantivirus\ieav.exe %ProgramFilesDir%\ieantivirus\ieas.db2 %ProgramFilesDir%\ieantivirus\ieas.db3 %ProgramFilesDir%\ieantivirus\uninst.exe %ProgramsDir%\ie antivirus ?.?.lnk %DesktopDir%\ie antivirus ?.?.lnk %SystemDrive%\autorun.inf %SystemDrive%\gjn2pjlw.exe %SystemDrive%\jiwsxh39.exe %SystemDrive%\mvxm.cmd %SystemDrive%\q.com %SystemDrive%\ranvrgn.exe %SystemDrive%\rthrw.com %SystemDrive%\t.com %SystemDrive%\xyw9tmdj.com %WinDir%\dsktbwfe.dll %WinDir%\koapi2?.dll %WinDir%\koapi32?.dll %WinDir%\koapi99?.dll %WinDir%\kodo2?.dll %WinDir%\kodo32?.dll 
%WinDir%\kodo99?.dll %WinDir%\konet2?.dll %WinDir%\konet32?.dll %WinDir%\konet99?.dll %WinDir%\netapi16?.dll %WinDir%\netapi32?.dll %WinDir%\netapi64?.dll %WinDir%\netowl16?.dll %WinDir%\netowl32?.dll %WinDir%\netowl64?.dll %WinDir%\netweb16?.dll %WinDir%\netweb32?.dll %WinDir%\netweb64?.dll %WinDir%\nslbvxpgrno.dll %WinDir%\nyapi2?.dll %WinDir%\nyapi32?.dll %WinDir%\nyapi99?.dll %WinDir%\nydo2?.dll %WinDir%\nydo32?.dll %WinDir%\nydo99?.dll %WinDir%\nynet2?.dll %WinDir%\nynet32?.dll %WinDir%\nynet99?.dll %WinDir%\ogxtsepr.dll %WinDir%\paapi2?.dll %WinDir%\paapi32?.dll %WinDir%\paapi99?.dll %WinDir%\pado2?.dll %WinDir%\pado32?.dll %WinDir%\pado99?.dll %WinDir%\panet2?.dll %WinDir%\panet32?.dll %WinDir%\panet99?.dll %WinDir%\polapi16?.dll %WinDir%\polapi32?.dll %WinDir%\polapi64?.dll %WinDir%\polowl16?.dll %WinDir%\polowl32?.dll %WinDir%\polowl64?.dll %WinDir%\polweb16?.dll %WinDir%\polweb32?.dll %WinDir%\polweb64?.dll %WinDir%\sgoblxtm.dll %WinDir%\spnkfwad.exe %WinDir%\SwSys1.bmp %WinDir%\SwSys2.bmp %WinDir%\sysapi16?.dll %WinDir%\sysapi32?.dll %WinDir%\sysapi64?.dll %WinDir%\sysowl16?.dll %WinDir%\sysowl32?.dll %WinDir%\sysowl64?.dll %WinDir%\sysweb16?.dll %WinDir%\sysweb32?.dll %WinDir%\sysweb64?.dll %WinDir%\WLXPGSS.SCR %WinDir%\YAHELITE_BUDDY.INI %SystemDir%\amvo.exe %SystemDir%\amvo0.dll %SystemDir%\amvo1.dll Folders: %AppData%\gjcdmtcf %ProgramFilesDir%\ieantivirus Services: Registry: [-HKEY_CLASSES_ROOT\clsid\{54cf4ca2-c46c-4b5c-8dc5-0c0d42ecd69e}] [-HKEY_CLASSES_ROOT\sgoblxtm] [-HKEY_CLASSES_ROOT\sgoblxtm.1] [-HKEY_CLASSES_ROOT\TypeLib\{6D2ABF11-1C46-482A-9B98-1E7C6F823EA8}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "zxjsppsq"=- [-HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C796500F-4B97-4F2B-B886-11FA6B72F13F}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{54CF4CA2-C46C-4B5C-8DC5-0C0D42ECD69E}"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\shared 
tools\msconfig\startupreg\SelectRebates] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\windows\currentversion\policies\explorer\run] "VvHpM8jAKU"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\{D54A9F83-FA6D-4375-8520-09D019BB3E42}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\{FD3AA19B-72A5-4EE1-9D49-FE9F2B63871A}] O2 - BHO: PCTools - {5C8494A5-7525-46B3-94C2-2F734EEBD48B} - C:\Windows\sysapi32a.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sysapi32a.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}] O2 - BHO: PWS.LD.Pinch - {649E2DCE-1AD1-470B-ACC8-42842396A94C} - nydo32r.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{649E2DCE-1AD1-470B-ACC8-42842396A94C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\nydo32r.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{649E2DCE-1AD1-470B-ACC8-42842396A94C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{649E2DCE-1AD1-470B-ACC8-42842396A94C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{935B484A-86A2-4D5D-A8D6-34B18AF7A0A3}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F9C6EC65-2988-4896-976F-6EA66FAD9844}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{935B484A-86A2-4D5D-A8D6-34B18AF7A0A3}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9C6EC65-2988-4896-976F-6EA66FAD9844}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{935B484A-86A2-4D5D-A8D6-34B18AF7A0A3}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9C6EC65-2988-4896-976F-6EA66FAD9844}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie antivirus] 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "antispy"=- [-HKEY_CURRENT_USER\SOFTWARE\ieantivirus] [2008-04-15] 1.3.14.3501 Files: %ProgramFilesDir%\malwarebell\malwarebell.exe %ProgramFilesDir%\malwarebell\mb.db1 %ProgramFilesDir%\malwarebell\mb.db2 %ProgramFilesDir%\malwarebell\mb.db3 %ProgramFilesDir%\malwarebell\mb.db4 %ProgramFilesDir%\malwarebell\mb.db5 %ProgramFilesDir%\malwarebell\license.txt %ProgramFilesDir%\malwarebell\mbuninst.exe %ProgramsDir%\malware bell ?.?.lnk %DesktopDir%\malware bell ?.?.lnk %WinDir%\netweb64c.dll %WinDir%\pctools.dll %WinDir%\ps16sys.dll Folders: %ProgramFilesDir%\malwarebell Services: Registry: [-HKEY_CURRENT_USER\software\malwarebell] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\thememanager] "systemid"=- [-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\malware bell] O2 - BHO: WinSurf - {11160F05-7B64-4E5C-9C42-C69E2C78CE14} - C:\WINDOWS\winsurf.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{11160F05-7B64-4E5C-9C42-C69E2C78CE14}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11160F05-7B64-4E5C-9C42-C69E2C78CE14}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11160F05-7B64-4E5C-9C42-C69E2C78CE14}] O2 - BHO: WinSurf - {48D8CC16-82FD-4C1B-B3FF-F706C8E75399} - C:\WINDOWS\winsurf.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{48D8CC16-82FD-4C1B-B3FF-F706C8E75399}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48D8CC16-82FD-4C1B-B3FF-F706C8E75399}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48D8CC16-82FD-4C1B-B3FF-F706C8E75399}] O2 - BHO: WinSurf - {53E30863-280F-4CFA-99AB-55CAEB95271C} - C:\Windows\ps16sys.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{53E30863-280F-4CFA-99AB-55CAEB95271C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ps16sys.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53E30863-280F-4CFA-99AB-55CAEB95271C}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53E30863-280F-4CFA-99AB-55CAEB95271C}] O2 - BHO: PCTools - {C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9} - C:\Windows\pctools.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pctools.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9}] O2 - BHO: PCTools - {5C8494A5-7525-46B3-94C2-2F734EEBD48B} - C:\Windows\netweb64c.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\netweb64c.dll] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}] [2008-04-13] 1.3.14.3473 Includes Bug Fixes in handling file detection/deletion of %Temp%\A??-tmpaoi.exe and %Temp%\A??-tmp.exe Files: %SystemDir%\wjcstd32.dll %WinDir%\winsurf.dll Folders: Services: Registry: O2 - BHO: Sofos - {44B1C291-CF3E-4B66-8BAB-31040FDC30A9} - C:\WINDOWS\sofos32x.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{44B1C291-CF3E-4B66-8BAB-31040FDC30A9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44B1C291-CF3E-4B66-8BAB-31040FDC30A9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44B1C291-CF3E-4B66-8BAB-31040FDC30A9}] O2 - BHO: Sofos - {D6848354-33D9-4E22-B94D-91A727129920} - C:\WINDOWS\sofos32x.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\winsurf.AVideo] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D6848354-33D9-4E22-B94D-91A727129920}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6848354-33D9-4E22-B94D-91A727129920}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D263B532-C528-49E5-8BB6-80FA67332C9A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7165223D-D2C9-422B-8126-411B11842B8B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6848354-33D9-4E22-B94D-91A727129920}] O2 - BHO: Sofos - {E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C} - C:\WINDOWS\sofos32x.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C}] O2 - BHO: Explorer - {3348D07C-7C5C-D2C4-CFBA-A47F82347C8B} - C:\WINDOWS\System32\wjcstd32.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3348D07C-7C5C-D2C4-CFBA-A47F82347C8B}] O2 - BHO: WinSurf - {1F91C786-BBA0-41D2-8B3D-B88242677BAC} - C:\WINDOWS\winsurf.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F91C786-BBA0-41D2-8B3D-B88242677BAC}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\winsurf.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F91C786-BBA0-41D2-8B3D-B88242677BAC}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91C786-BBA0-41D2-8B3D-B88242677BAC}] [2008-04-11] File Version 1.3.12.3454 Includes Bug fixes in search path for %DesktopCommonDir% and %ProgramsCommonDir% Files: %SystemDrive%\smp.bat %Temp%\A??-tmpaoi.exe %Temp%\A??-tmp.exe %WinDir%\cndr32a.dll %WinDir%\sofos16x.dll %WinDir%\sofos32x.dll Folders: Services: Registry: [HKEY_CURRENT_USER\software\microsoft\bind] "comment2"=- [HKEY_CURRENT_USER\software\microsoft\bind] "comment"=- O2 - BHO: Media Player Codec - {54202673-BD70-423C-AE57-5B2354567629} - C:\WINDOWS\dsaip32b.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{54202673-BD70-423C-AE57-5B2354567629}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54202673-BD70-423C-AE57-5B2354567629}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54202673-BD70-423C-AE57-5B2354567629}] O2 - BHO: Media Codec - {53C4786E-B8BC-4245-97C4-C4AFFE28A8CA} - C:\WINDOWS\kiasys.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{53C4786E-B8BC-4245-97C4-C4AFFE28A8CA}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53C4786E-B8BC-4245-97C4-C4AFFE28A8CA}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53C4786E-B8BC-4245-97C4-C4AFFE28A8CA}] O2 - BHO: Media Codec - {547F4E57-9025-403B-B619-073854A60DA1} - C:\WINDOWS\kiasys.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{547F4E57-9025-403B-B619-073854A60DA1}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{547F4E57-9025-403B-B619-073854A60DA1}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{547F4E57-9025-403B-B619-073854A60DA1}] O2 - BHO: Media Codec - {C41A222A-B516-4190-B0B7-0AF2CE7F5C28} - C:\WINDOWS\kiasys.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C41A222A-B516-4190-B0B7-0AF2CE7F5C28}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C41A222A-B516-4190-B0B7-0AF2CE7F5C28}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A222A-B516-4190-B0B7-0AF2CE7F5C28}] O2 - BHO: FLW Viewer - {1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E} - C:\WINDOWS\cndr32a.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cndr32a.Video] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\cndr32a.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E}] O2 - BHO: FLW Viewer - {2B53C730-8A79-4E13-A35F-3E41CA13E12F} - C:\WINDOWS\cndr32a.dll 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2B53C730-8A79-4E13-A35F-3E41CA13E12F}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2B53C730-8A79-4E13-A35F-3E41CA13E12F}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B53C730-8A79-4E13-A35F-3E41CA13E12F}] O2 - BHO: FLW Viewer - {38E4618F-E3E4-42E9-925F-6B02C798BD94} - C:\WINDOWS\cndr32a.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{38E4618F-E3E4-42E9-925F-6B02C798BD94}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38E4618F-E3E4-42E9-925F-6B02C798BD94}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38E4618F-E3E4-42E9-925F-6B02C798BD94}] O2 - BHO: FLW Viewer - {8D820860-2FA8-49A8-8809-B450ED80D3BB} - C:\WINDOWS\cndr32a.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8D820860-2FA8-49A8-8809-B450ED80D3BB}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D820860-2FA8-49A8-8809-B450ED80D3BB}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D820860-2FA8-49A8-8809-B450ED80D3BB}] O2 - BHO: [unknown] - {B49949CA-3062-4FA3-A24A-E27BAFD7C940} - C:\WINDOWS\sofos16x.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sofos16x.AVideo] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B49949CA-3062-4FA3-A24A-E27BAFD7C940}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sofos16x.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B49949CA-3062-4FA3-A24A-E27BAFD7C940}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49949CA-3062-4FA3-A24A-E27BAFD7C940}] O2 - BHO: Sofos - {73776361-F206-4A50-9687-801C6FE9BA31} - C:\WINDOWS\sofos32x.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sofos32x.AVideo] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{73776361-F206-4A50-9687-801C6FE9BA31}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sofos32x.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73776361-F206-4A50-9687-801C6FE9BA31}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA9FB42A-B0FA-4315-A32B-19D4C715CE77}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73776361-F206-4A50-9687-801C6FE9BA31}] [2008-04-02] File Version 1.3.10.3351 Conducts Registry edits to ensure that REGEDIT, Task Manager, and CMD are not disabled. Files: %WinDir%\dsaip32b.dll %WinDir%\kiasys.dll Folders: Services: Registry: O2 - BHO: Media Player Codec - {3084A75F-5350-4D8B-BC5F-6B378035C133} - C:\WINDOWS\dsaip32b.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dsaip32b.Video] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\dsaip32b.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{3084A75F-5350-4D8B-BC5F-6B378035C133}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3084A75F-5350-4D8B-BC5F-6B378035C133}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3084A75F-5350-4D8B-BC5F-6B378035C133}] O2 - BHO: Media Player Codec - {687A466A-D7CB-4FDF-965C-92462A82D7F0} - C:\WINDOWS\dsaip32b.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{687A466A-D7CB-4FDF-965C-92462A82D7F0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687A466A-D7CB-4FDF-965C-92462A82D7F0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687A466A-D7CB-4FDF-965C-92462A82D7F0}] O2 - BHO: Media Player Codec - {8B65F8A9-BAD5-4261-BB6F-25B2020C3098} - C:\WINDOWS\dsaip32b.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8B65F8A9-BAD5-4261-BB6F-25B2020C3098}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B65F8A9-BAD5-4261-BB6F-25B2020C3098}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B65F8A9-BAD5-4261-BB6F-25B2020C3098}] O2 - BHO: Media Player Codec - {B4EF0D13-5359-457D-BA85-C110AEC377B5} - C:\WINDOWS\dsaip32b.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B4EF0D13-5359-457D-BA85-C110AEC377B5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4EF0D13-5359-457D-BA85-C110AEC377B5}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4EF0D13-5359-457D-BA85-C110AEC377B5}] O2 - BHO: Media Codec - {50B051EE-8EF3-4D58-828D-74F0D1FFE4AA} - C:\WINDOWS\kiasys.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kiasys.Video] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\kiasys.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{50B051EE-8EF3-4D58-828D-74F0D1FFE4AA}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50B051EE-8EF3-4D58-828D-74F0D1FFE4AA}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50B051EE-8EF3-4D58-828D-74F0D1FFE4AA}] O2 - BHO: Media Codec - {8B580E40-6B46-44C8-9E80-A5AD6E1D1035} - C:\WINDOWS\kiasys.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8B580E40-6B46-44C8-9E80-A5AD6E1D1035}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B580E40-6B46-44C8-9E80-A5AD6E1D1035}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B580E40-6B46-44C8-9E80-A5AD6E1D1035}] [2008-03-23] File Version 1.2.10.3326 Files: Folders: Services: Registry: O2 - BHO: Media Player Classic - {486D0362-657B-4771-B56D-AE29AA31B78B} - C:\WINDOWS\ausctv32a.dll %WinDir%\ausctv32a.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ausctv32a.Video] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ausctv32a.dll] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{486D0362-657B-4771-B56D-AE29AA31B78B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{486D0362-657B-4771-B56D-AE29AA31B78B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{486D0362-657B-4771-B56D-AE29AA31B78B}] O2 - BHO: Media Player Classic - {5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4} - C:\WINDOWS\ausctv32a.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper 
Objects\{5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4}] O2 - BHO: Media Player Classic - {CE0487CA-8B02-431E-BA63-D38844E020B5} - C:\WINDOWS\ausctv32a.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CE0487CA-8B02-431E-BA63-D38844E020B5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE0487CA-8B02-431E-BA63-D38844E020B5}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE0487CA-8B02-431E-BA63-D38844E020B5}] [2008-03-18] File Version 1.2.10.3314 Files: %SystemDir%\wbeconm.dll %SystemDir%\wcptr.exe %SystemDir%\web.exe %SystemDir%\wfcof.dll %SystemDir%\wfkduei.dll %SystemDir%\whitevx.lst %SystemDir%\wiatwain.dll %SystemDir%\win32.exe %SystemDir%\win32hp.dll %SystemDir%\win64.ex %SystemDir%\winacpi.dll %SystemDir%\winahr32.dll %SystemDir%\winapi32.dll %SystemDir%\WinAvX.exe %SystemDir%\WinAvXx.exe %SystemDir%\winbjt32.dll %SystemDir%\winbl32.dll %SystemDir%\winblsrv.dll %SystemDir%\winbrume.dll %SystemDir%\wincgf32.dll %SystemDir%\wincrt.exe %SystemDir%\winctrl16.exe %SystemDir%\winctrl32.exe %SystemDir%\winctrl64.exe %SystemDir%\wineil32.dll %SystemDir%\winmfu32.dll %SystemDir%\winlfl32.dll %SystemDir%\winflash.dll %SystemDir%\winghy32.dll %SystemDir%\winhdn32.dll %SystemDir%\winhoo32.dll %SystemDir%\winhook.exe %SystemDir%\win.ini.t00 %SystemDir%\WinFlyer32.dll %SystemDir%\winjgf32.dll %SystemDir%\winjrs32.dll %SystemDir%\winkve32.dll %SystemDir%\winldra.exe %SystemDir%\winlfl32.dll %SystemDir%\winlogon.ini %SystemDir%\winmuse.exe %SystemDir%\winmvj32.dll %SystemDir%\winnook.exe %SystemDir%\winnvy32.dll %SystemDir%\winosl32.dll %SystemDir%\winproc32.exe %SystemDir%\winres.dll %SystemDir%\winresd32.dll %SystemDir%\winrir32.dll %SystemDir%\winrnt32.dll %SystemDir%\winsrv32.exe %SystemDir%\winstall.exe %SystemDir%\winstyle2.dll %SystemDir%\winstyle3.dll %SystemDir%\winsub.xml %SystemDir%\winsysms.exe %SystemDir%\wintbu32.dll %SystemDir%\winter.exe %SystemDir%\wintfj32.dll %SystemDir%\wintime.exe %SystemDir%\winuc386.exe 
%SystemDir%\winuns32.dll %SystemDir%\winuptd.exe %SystemDir%\winwiz32.exe %SystemDir%\winwly32.dll %SystemDir%\winzlo32.dll %SystemDir%\wldr.dll %SystemDir%\wml.exe %SystemDir%\wmstrbum.exe %SystemDir%\wmvds32.dll %SystemDir%\wmzgrab.exe %SystemDir%\wnafdlyd.dll %SystemDir%\wowfx.dll %SystemDir%\wowlze.dll %SystemDir%\wp.bmp %SystemDir%\wpchz.dll %SystemDir%\wpfb.dat %SystemDir%\wppp.html %SystemDir%\wqzdtjg.dll %SystemDir%\wschtm35.dll %SystemDir%\wstart.dll %SystemDir%\wupdmgr.tmp %SystemDir%\wupeng.exe %SystemDir%\wuwbxp.dll %SystemDir%\wvvwa.* %SystemDir%\wygomd.dll %SystemDir%\wzhtjqo.dll %SystemDir%\xch33fr.dll %SystemDir%\xedasn.dll %SystemDir%\xenadot.dll %SystemDir%\xikor.dll %SystemDir%\xkrdk.dll %SystemDir%\xnpfjs.exe %SystemDir%\xnvaogd.dll %SystemDir%\xovdzz.dll %SystemDir%\xpupdate.dll %SystemDir%\xpupdate.exe-up.txt %SystemDir%\xqpauzx.dll %SystemDir%\xtgwjrm.dll %SystemDir%\xtsyynm.dll %SystemDir%\xuefh.dll %SystemDir%\xuoce.dll %SystemDir%\xxfgmy.dll %SystemDir%\xxxdialer.exe %SystemDir%\xyxuic.dll %SystemDir%\yaemu.exe %SystemDir%\yephk.dll %SystemDir%\yesgnhr.dll %SystemDir%\yfysupa.dll %SystemDir%\ygjun.dll %SystemDir%\yhbdupd.dll %SystemDir%\yhjbbzf.dll %SystemDir%\ymmzwd.dll %SystemDir%\ymsmsgs.exe %SystemDir%\yneid.dll %SystemDir%\yosdjh.dll %SystemDir%\yronl.dll %SystemDir%\ysyssuuz.exe %SystemDir%\yuspej.dll %SystemDir%\yvvdj.dll %SystemDir%\ywbicim.dll %SystemDir%\zch29sr.dll %SystemDir%\zdwii.dll %SystemDir%\zhopaizdupla.exe %SystemDir%\zkpssqa.dll %SystemDir%\zlara.dll %SystemDir%\zlbw.dll_tobedeleted %SystemDir%\zolk.dll %SystemDir%\zolker???.dll %SystemDir%\zpeolvh.dll %SystemDir%\zphnok.dll %SystemDir%\zpuwriz.dll %SystemDir%\ZServ.dll %SystemDir%\ztoolb???.dll %SystemDir%\ztoolbar.bmp %SystemDir%\ztoolbar.dll %SystemDir%\ztoolbar.xml %SystemDir%\ztoolber.dll %SystemDir%\zcwlnic.dll %SystemDir%\zz_duxzj.dll %SystemDir%\components\flx?.dll %SystemDir%\components\flx??.dll %SystemDir%\components\flx???.dll 
%SystemDir%\components\flx????.dll %SystemDir%\drivers\uwasfsd.sys Folders: Services: Registry: O2 - BHO: Windows Media Player - {8161DF25-78BD-412D-8B45-87EFD0839BC6} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8161DF25-78BD-412D-8B45-87EFD0839BC6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8161DF25-78BD-412D-8B45-87EFD0839BC6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8161DF25-78BD-412D-8B45-87EFD0839BC6}] O2 - BHO: Windows Media Player - {8388F272-9EDA-4F4E-88FD-4711CBA4BA2B} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8388F272-9EDA-4F4E-88FD-4711CBA4BA2B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8388F272-9EDA-4F4E-88FD-4711CBA4BA2B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8388F272-9EDA-4F4E-88FD-4711CBA4BA2B}] O2 - BHO: Windows Media Player - {8E9C2138-EFA4-4B14-9062-7FD1F7C10E82} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8E9C2138-EFA4-4B14-9062-7FD1F7C10E82}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E9C2138-EFA4-4B14-9062-7FD1F7C10E82}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E9C2138-EFA4-4B14-9062-7FD1F7C10E82}] O2 - BHO: Windows Media Player - {C7E9503C-DA29-4183-8FA9-978C32852C20} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C7E9503C-DA29-4183-8FA9-978C32852C20}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7E9503C-DA29-4183-8FA9-978C32852C20}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7E9503C-DA29-4183-8FA9-978C32852C20}] O2 - BHO: Windows Media Player - {D5A7151F-58D0-4AC8-9329-BEDD59625679} - C:\Windows\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D5A7151F-58D0-4AC8-9329-BEDD59625679}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5A7151F-58D0-4AC8-9329-BEDD59625679}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5A7151F-58D0-4AC8-9329-BEDD59625679}] [2008-03-08] File Version 1.2.10.3145 Files: Folders: Services: Registry: O2 - BHO: Windows Media Player - {7DB0A0E2-FD42-43AE-A12A-760DBBC3C876} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7DB0A0E2-FD42-43AE-A12A-760DBBC3C876}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB0A0E2-FD42-43AE-A12A-760DBBC3C876}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB0A0E2-FD42-43AE-A12A-760DBBC3C876}] O2 - BHO: Windows Media Player - {D480850D-85D1-4836-9AEA-86C185CDAE29} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D480850D-85D1-4836-9AEA-86C185CDAE29}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D480850D-85D1-4836-9AEA-86C185CDAE29}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D480850D-85D1-4836-9AEA-86C185CDAE29}] O2 - BHO: Windows Media Player - {E01D62BE-3C96-4165-A54F-1A51CD75D6F9} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E01D62BE-3C96-4165-A54F-1A51CD75D6F9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E01D62BE-3C96-4165-A54F-1A51CD75D6F9}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E01D62BE-3C96-4165-A54F-1A51CD75D6F9}] O2 - BHO: Windows Media Player - {F3167A8F-30FF-4BA1-9FF8-03568E53BC1A} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F3167A8F-30FF-4BA1-9FF8-03568E53BC1A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3167A8F-30FF-4BA1-9FF8-03568E53BC1A}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3167A8F-30FF-4BA1-9FF8-03568E53BC1A}] O2 - BHO: Windows Media Player - {F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA} - C:\WINDOWS\wmpdxm.dll [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA}] 
[2008-03-03] File Version 1.2.10.3130 Files: Folders: Services: vwservice vwsrv Registry:
[2008-02-17] File Version 1.2.10.3004 Files:
Folders: Services: Registry:
[2008-02-25] File Version 1.2.10.2869 Files:
Folders: Services: Registry:
[2008-02-23] File Version 1.2.10.2661
WinXDefender: -Files- -Folders-
-Registry Items-
Miscellaneous Deletions: Services: Microsoft authenticate service MS COMMON SERVICE
[2008-02-22] File Version 1.2.10.2526
[2008-02-19] File Version 1.2.10.2397
VirusHeat: Files: