FixIEDef
                              Copyright (c) 2007-2009 ShadowPuterDude

Change Log
[2009-03-04]
1.7.22.7514

HijackThis:
O2 - BHO: cvshost32 - {A7D5DFA9-9F96-492F-B1F5-4D1385C8E034} - %System%\{RANDOM}.dll
O2 - BHO: TrumanBar - {BDF6E57E-7330-40CB-8363-D82E9BFF223B} - %System%\{RANDOM}.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7D5DFA9-9F96-492F-B1F5-4D1385C8E034}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDF6E57E-7330-40CB-8363-D82E9BFF223B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A7D5DFA9-9F96-492F-B1F5-4D1385C8E034}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BDF6E57E-7330-40CB-8363-D82E9BFF223B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{685EDF73-6BF2-45EA-A1C1-1C4C0C044307}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{68D9B1ED-EB73-428A-B20A-24C8C9FFB984}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9EFB101A-EA9A-4065-B8A4-8963FC57C446}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B59993BF-D41F-427A-B7D0-EC11F4D6FB26}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ho4ydomoj]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ho4ydomoj.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JopaBlizko]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JopaBlizko.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7D5DFA9-9F96-492F-B1F5-4D1385C8E034}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDF6E57E-7330-40CB-8363-D82E9BFF223B}]

[2009-02-28]
1.7.22.7500

HijackThis:
O2 - BHO: LaIe - {79848780-3218-4973-9C99-627926B6F4A4} - %System%\{RANDOM}.dll
O2 - BHO: LmIE.BHO - {2D28EBA6-4EC0-45F1-AF6E-A8E174AA7E83} - %System%\{RANDOM}.dll

Files:
%SystemDir%\ejfsys.dll
%SystemDir%\ejfwin.dll
%SystemDir%\ejgsys.dll
%SystemDir%\ejgwin.dll
%SystemDir%\eyfsys.dll
%SystemDir%\eyfwin.dll
%SystemDir%\eygsys.dll
%SystemDir%\eygwin.dll
%SystemDir%\gjfsys.dll
%SystemDir%\gjfwin.dll
%SystemDir%\gjgsys.dll
%SystemDir%\gjgwin.dll
%SystemDir%\gyfsys.dll
%SystemDir%\gyfwin.dll
%SystemDir%\gygsys.dll
%SystemDir%\gygwin.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D28EBA6-4EC0-45F1-AF6E-A8E174AA7E83}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{79848780-3218-4973-9C99-627926B6F4A4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2D28EBA6-4EC0-45F1-AF6E-A8E174AA7E83}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{79848780-3218-4973-9C99-627926B6F4A4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59D60866-798E-4301-83E1-63E4379B25C3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CBAA871D-426D-46A6-BACE-3597E2B0CE7B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CEAFB1DA-70BB-4FC5-AE6C-F64149454288}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D94C46A3-F89B-45C2-962A-76E300DC5C40}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\whatwedo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\whatwedo.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D28EBA6-4EC0-45F1-AF6E-A8E174AA7E83}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{79848780-3218-4973-9C99-627926B6F4A4}]

[2009-02-22]
1.7.22.7472

HijackThis:
O2 - BHO: AVSys32 - {DDFEEE23-CDFE-4ED9-B0BE-22A18F307BB3} - %System%\{RANDOM}.dll
O2 - BHO: WinClock32 - {14204BEC-69C4-40F4-BCB9-0A7DD2545D2B} - %System%\{RANDOM}.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{14204BEC-69C4-40F4-BCB9-0A7DD2545D2B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DDFEEE23-CDFE-4ED9-B0BE-22A18F307BB3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14204BEC-69C4-40F4-BCB9-0A7DD2545D2B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DDFEEE23-CDFE-4ED9-B0BE-22A18F307BB3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{564A9F0C-B250-4EB0-9316-00EDC333ED72]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9D32CF35-7514-4715-B9DC-11FC504943EF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A238A620-CB7B-4152-8A0A-CE459ED1F44C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EB177A7E-9596-4C3A-A64F-CD00E9CD3238}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BilliBons]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BilliBons.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BomberJack]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BomberJack.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14204BEC-69C4-40F4-BCB9-0A7DD2545D2B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DDFEEE23-CDFE-4ED9-B0BE-22A18F307BB3}]

[2009-02-20]
1.7.22.7458

HijackThis:
O2 - BHO: IESourceView - {F5373D32-707B-4582-B10D-6AEDCF9B4B72} - %System%\{RANDOM}.dll
O2 - BHO: Search.tbl - {DF3C4FEB-1BE2-49F9-A393-A1FBE526E21E} - %System%\{RANDOM}.dll
O2 - BHO: WinClick32 - {C79C0828-DBE7-4E19-BA25-F0A178AA81A1} - %System%\{RANDOM}.dll
O2 - BHO: WinCtl - {9E45F800-15EA-4E01-BEE2-773F07B1F39C} - %System%\{RANDOM}.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9E45F800-15EA-4E01-BEE2-773F07B1F39C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C79C0828-DBE7-4E19-BA25-F0A178AA81A1}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF3C4FEB-1BE2-49F9-A393-A1FBE526E21E}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F5373D32-707B-4582-B10D-6AEDCF9B4B72}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E45F800-15EA-4E01-BEE2-773F07B1F39C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C79C0828-DBE7-4E19-BA25-F0A178AA81A1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DF3C4FEB-1BE2-49F9-A393-A1FBE526E21E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5373D32-707B-4582-B10D-6AEDCF9B4B72}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{038DF718-B2C5-42EC-A768-A1729ACC2D5B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{12B5A600-CCA8-4443-B82C-8160D68B47FE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{23DD472E-9CA6-42AF-8BBE-F6739A3CFB4B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{44BDF715-E742-4364-9519-135C4F5BCF9F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A9391A49-0C76-4613-9EEB-E8BD57B4EAC6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E2635CBD-E857-42E2-81F0-0B5D930DEAD2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E922682D-CACF-4B09-A572-BE014255BD6F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ED1DCF6D-B1A6-4FAE-B7D1-2700C02E9296}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Binimikini]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Binimikini.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Intuit]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Intuit.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JolaBor]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JolaBor.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NagPos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NagPos.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9E45F800-15EA-4E01-BEE2-773F07B1F39C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C79C0828-DBE7-4E19-BA25-F0A178AA81A1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF3C4FEB-1BE2-49F9-A393-A1FBE526E21E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5373D32-707B-4582-B10D-6AEDCF9B4B72}]

[2009-02-15]
1.7.22.7430

HijackThis:
O2 - BHO: Agent - {930E7881-D9F3-4293-A24B-23A80C013378} - %System%\{RANDOM}.dll
O2 - BHO: AmeoToolbar - {82F25EE1-F69D-4162-B6AA-5AA10EF927C4} - %System%\{RANDOM}.dll
O2 - BHO: SysCli.Ctrl - {2D0733B6-0BAC-47C1-909A-D9DB0533FFAF} - %System%\{RANDOM}.dll
O2 - BHO: Win32-DNSChanger - {930E7881-D9F3-4293-A24B-23A80C013378} - %System%\{RANDOM}.dll

Files:
%SystemDir%\fehyki.dll
%SystemDir%\fehykt.dll
%SystemDir%\fehyli.dll
%SystemDir%\fehylt.dll
%SystemDir%\fejoki.dll
%SystemDir%\fejokt.dll
%SystemDir%\fejoli.dll
%SystemDir%\fejolt.dll
%SystemDir%\guhyki.dll
%SystemDir%\guhykt.dll
%SystemDir%\guhyli.dll
%SystemDir%\guhylt.dll
%SystemDir%\gujoki.dll
%SystemDir%\gujokt.dll
%SystemDir%\gujoli.dll
%SystemDir%\gujolt.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2D0733B6-0BAC-47C1-909A-D9DB0533FFAF}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82F25EE1-F69D-4162-B6AA-5AA10EF927C4}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{930E7881-D9F3-4293-A24B-23A80C013378}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2D0733B6-0BAC-47C1-909A-D9DB0533FFAF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82F25EE1-F69D-4162-B6AA-5AA10EF927C4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{930E7881-D9F3-4293-A24B-23A80C013378}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2644A8E6-6AD2-4068-B902-5ABC07441EED}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{70FFDC96-B410-4030-8A53-0D708EC40E36}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7A85CDF5-284B-4496-A9A7-DD82FEE9DCEC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A0960DBB-D8C8-4771-AD4A-F0493CCB1582}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A92F13BE-E67F-45D9-B7F2-7E41D8080130}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B7405534-A45C-40DA-ABBF-8A80BE3242D6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FCD4B2F5-8793-4E1F-8774-6E520CF6CD79}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Dintaki]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Dintaki.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ginaos]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Ginaos.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LmasPois]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LmasPois.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Mackeas]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Mackeas.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2D0733B6-0BAC-47C1-909A-D9DB0533FFAF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82F25EE1-F69D-4162-B6AA-5AA10EF927C4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{930E7881-D9F3-4293-A24B-23A80C013378}]

[2009-02-08]
1.7.22.7389

HijackThis:
O2 - BHO: ExSearchView - {D786FE7F-A933-4719-B8E7-A1C693D80A4D} - %System%\{RANDOM}.dll

Files:
%SystemDir%\cosext.dll
%SystemDir%\cosit.dll
%SystemDir%\coxext.dll
%SystemDir%\coxit.dll
%SystemDir%\usext.dll
%SystemDir%\cusit.dll
%SystemDir%\cuxext.dll
%SystemDir%\cuxit.dll
%SystemDir%\vosext.dll
%SystemDir%\vosit.dll
%SystemDir%\voxext.dll
%SystemDir%\voxit.dll
%SystemDir%\vusext.dll
%SystemDir%\vusit.dll
%SystemDir%\vuxext.dll
%SystemDir%\vuxit.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D786FE7F-A933-4719-B8E7-A1C693D80A4D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D786FE7F-A933-4719-B8E7-A1C693D80A4D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{756EA0E2-0600-4AF8-A547-F7E980ABEB36}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D1C6D45B-C788-4413-8C55-803793CD6E5D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D786FE7F-A933-4719-B8E7-A1C693D80A4D}]

[2009-02-01]
1.7.22.7368

HijackThis:
O2 - BHO: AsianSearchToolbar - {14EAF723-CAAC-42CE-BA4D-F69DC3A4A838} - %System%\{RANDOM}.dll
O2 - BHO: BinView - {54FBB5AD-5F1A-41BC-B884-7A198AAE6956} - %System%\{RANDOM}.dll
O2 - BHO: scriptproxy - {ED20882D-C379-47C5-883D-4D03D80004C7} - %System%\{RANDOM}.dll
O2 - BHO: Windows Live Sign-in - {F30A54E8-72C6-4907-AA5B-9F5FF8279082} - %System%\{RANDOM}.dll

Files:
%SystemDir%\jumast.dll
%SystemDir%\jumasz.dll
%SystemDir%\jumixt.dll
%SystemDir%\jumixz.dll
%SystemDir%\junast.dll
%SystemDir%\junasz.dll
%SystemDir%\junixt.dll
%SystemDir%\junixz.dll
%SystemDir%\lomast.dll
%SystemDir%\lomasz.dll
%SystemDir%\lomixt.dll
%SystemDir%\lomixz.dll
%SystemDir%\lonast.dll
%SystemDir%\lonasz.dll
%SystemDir%\lonixt.dll
%SystemDir%\lonixz.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{14EAF723-CAAC-42CE-BA4D-F69DC3A4A838}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54FBB5AD-5F1A-41BC-B884-7A198AAE6956}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED20882D-C379-47C5-883D-4D03D80004C7}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F30A54E8-72C6-4907-AA5B-9F5FF8279082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14EAF723-CAAC-42CE-BA4D-F69DC3A4A838}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54FBB5AD-5F1A-41BC-B884-7A198AAE6956}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{ED20882D-C379-47C5-883D-4D03D80004C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F30A54E8-72C6-4907-AA5B-9F5FF8279082}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0EE48CE7-3B6D-4489-9F86-D46159147AF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{111F9296-2B08-44B9-8D5E-BEAB867A0E2F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{47763D3E-6810-42BD-8A43-67EDB738265D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{62CA9254-5246-412C-9141-1486B0F519C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63F102EE-99D9-4B22-9072-BF4F5723CE69}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9CF88A15-822B-4A57-8693-6CE848799299}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A2A8C8B0-BD94-4A5F-9FE5-A4F1CD3C01FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F17DACBC-737A-481F-B587-E500EC210426}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aKam]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aKam.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Bohia]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Bohia.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Klsm]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Klsm.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14EAF723-CAAC-42CE-BA4D-F69DC3A4A838}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54FBB5AD-5F1A-41BC-B884-7A198AAE6956}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ED20882D-C379-47C5-883D-4D03D80004C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F30A54E8-72C6-4907-AA5B-9F5FF8279082}]

[2009-01-27]
1.7.22.7326

HijackThis:
O2 - BHO: GearTool - {6978074F-9702-4EDB-8172-4DD019693D40} - %System%\{RANDOM}.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6978074F-9702-4EDB-8172-4DD019693D40}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6978074F-9702-4EDB-8172-4DD019693D40}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1844B74D-6338-442F-9A2A-4B939DABCB7E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5026DFE5-D709-41B5-82AA-9215CF85B38A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KiskOps]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KiskOps.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6978074F-9702-4EDB-8172-4DD019693D40}]

[2009-01-26]
1.7.22.7319

Removes IE-Security

HijackThis:
O2 - BHO: Mio - {EC39F8C6-50FA-4703-9A61-619A859C5A5C} - %System%\{RANDOM}.dll
O2 - BHO: PowerToolbar - {D7919015-910D-44BB-9059-4080A4D64ABD} - %System%\{RANDOM}.dll

Files:
%DesktopDir%\IE-Security.lnk
%ProgramsDir%\IE-Security.lnk
%ProgramFilesDir%\IE-Security\ies.s1
%ProgramFilesDir%\IE-Security\ies.s2
%ProgramFilesDir%\IE-Security\ies.s3
%ProgramFilesDir%\IE-Security\ies.s4
%ProgramFilesDir%\IE-Security\iescan.exe
%ProgramFilesDir%\IE-Security\uninstall.exe
%SystemDir%\hbsa.dll
%SystemDir%\hbsf.dll
%SystemDir%\hbxa.dll
%SystemDir%\hbxf.dll
%SystemDir%\hhsa.dll
%SystemDir%\hhsf.dll
%SystemDir%\hhxa.dll
%SystemDir%\hhxf.dll
%SystemDir%\jbsa.dll
%SystemDir%\jbsf.dll
%SystemDir%\jbxa.dll
%SystemDir%\jbxf.dll
%SystemDir%\jhsa.dll
%SystemDir%\jhsf.dll
%SystemDir%\jhxa.dll
%SystemDir%\jhxf.dll

Folders:
%ProgramFiles%\IE-Security

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D7919015-910D-44BB-9059-4080A4D64ABD}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EC39F8C6-50FA-4703-9A61-619A859C5A5C}]
[-HKEY_CURRENT_USER\Software\IE-Security]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IE-Security"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D7919015-910D-44BB-9059-4080A4D64ABD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EC39F8C6-50FA-4703-9A61-619A859C5A5C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3356AFDE-4743-4314-B87E-5A616A30FED1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B239A766-5643-466A-A35C-C55446C9920F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BD6BEDA3-C1AA-409D-AF9B-373ABB811851}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E040CB09-0780-471A-903C-25E6C594111E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Leofa]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Leofa.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lola]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lola.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7919015-910D-44BB-9059-4080A4D64ABD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC39F8C6-50FA-4703-9A61-619A859C5A5C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE-Security]

[2009-01-20]
1.7.22.7283

HijackThis:
O2 - BHO: LoasJio - {C7C343B5-26E8-4C17-A71C-9C8BB6FBD676} - %System%\{RANDOM}.dll

Files:
%SystemDir%\kego32.dll
%SystemDir%\kego32a.dll
%SystemDir%\kewo32.dll
%SystemDir%\kewo32a.dll
%SystemDir%\kiago32.dll
%SystemDir%\kiago32a.dll
%SystemDir%\kiawo32.dll
%SystemDir%\kiawo32a.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7C343B5-26E8-4C17-A71C-9C8BB6FBD676}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7C343B5-26E8-4C17-A71C-9C8BB6FBD676}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{363F3850-E33C-4F7E-8A17-E7DF0F12D52A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AC41F2BD-EE7D-4BC2-8C2E-4198E83CEAD3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kikabu]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kikabu.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7C343B5-26E8-4C17-A71C-9C8BB6FBD676}]

[2009-01-13]
1.7.22.7268

Now determines OS Architecture.
Changes method of CPU Architecture detection.

HijackThis:
O2 - BHO: BioSmuth - {72132FDD-5B51-4BC1-BCC8-860F20AF1BF9} - %System%\{RANDOM}.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{72132FDD-5B51-4BC1-BCC8-860F20AF1BF9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72132FDD-5B51-4BC1-BCC8-860F20AF1BF9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{07C96737-555F-4B9E-9AE8-E2865CC57DBA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C2C4A414-36E5-4AE0-A9B2-5953DF3A0FCF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KKAMLA]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KKAMLA.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72132FDD-5B51-4BC1-BCC8-860F20AF1BF9}]

[2009-01-07]
1.7.20.7261
HijackThis:
O2 - BHO: KolinsToolbar - {E256C746-A66E-4A7E-984B-404E03A6BFA2} - %System%\{RANDOM}.dll

Files:
%SystemDir%\inta1a.dll
%SystemDir%\inta1b.dll
%SystemDir%\inta5a.dll
%SystemDir%\inta5b.dll
%SystemDir%\inte1a.dll
%SystemDir%\inte1b.dll
%SystemDir%\inte5a.dll
%SystemDir%\inte5b.dll
%SystemDir%\systa1a.dll
%SystemDir%\systa1b.dll
%SystemDir%\systa5a.dll
%SystemDir%\systa5b.dll
%SystemDir%\syste1a.dll
%SystemDir%\syste1b.dll
%SystemDir%\syste5a.dll
%SystemDir%\syste5b.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E256C746-A66E-4A7E-984B-404E03A6BFA2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JKam]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JKam.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E256C746-A66E-4A7E-984B-404E03A6BFA2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{99C5C14C-6AAA-4201-AE7C-4B9CCE4544C1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AFE96D2E-9633-4583-8A5D-7ED668E41A85}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E256C746-A66E-4A7E-984B-404E03A6BFA2}]

[2009-01-03]
1.7.20.7238

HijackThis:
O2 - BHO: LuckInet - {EE59584D-8473-4CC6-B20E-DE7B5804F8AC} - %System%\{RANDOM}.dll
O2 - BHO: PolMaker - {EAA3FD3B-107B-4944-8139-B6D57E0358A5} - %System%\{RANDOM}.dll

Files:
%DesktopDir%\Cheap Software.url
%DesktopDir%\MP3 Download.url
%DesktopDir%\SMS TRAP.url
%FavoritesDir%\Cheap Software.url
%FavoritesDir%\MP3 Download.url
%FavoritesDir%\SMS TRAP.url
%StartMenuDir%\Cheap Software.url
%StartMenuDir%\MP3 Download.url
%StartMenuDir%\SMS TRAP.url
%WindowsDir%\ios.dat
%SystemDir%\kdb32.dll
%SystemDir%\kdb32a.dll
%SystemDir%\kdz32.dll
%SystemDir%\kdz32a.dll
%SystemDir%\kgb32.dll
%SystemDir%\kgb32a.dll
%SystemDir%\kgz32.dll
%SystemDir%\kgz32a.dll
%SystemDir%\m3.ico 
%SystemDir%\p.ico 
%SystemDir%\sf.ico 
%SystemDir%\tdb32.dll
%SystemDir%\tdb32a.dll
%SystemDir%\tdz32.dll
%SystemDir%\tdz32a.dll
%SystemDir%\tgb32.dll
%SystemDir%\tgb32a.dll
%SystemDir%\tgz32.dll
%SystemDir%\tgz32a.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EAA3FD3B-107B-4944-8139-B6D57E0358A5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE59584D-8473-4CC6-B20E-DE7B5804F8AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EAA3FD3B-107B-4944-8139-B6D57E0358A5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE59584D-8473-4CC6-B20E-DE7B5804F8AC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{91A01D8B-7A70-469E-8753-AFDC05884D5E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{97CB8FA9-CFA1-48B4-8568-D5130309352D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAA3FD3B-107B-4944-8139-B6D57E0358A5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE59584D-8473-4CC6-B20E-DE7B5804F8AC}]

[2008-12-26]
1.7.20.7201

HijackThis:
O2 - BHO: AmskerBar - {B05D1A1E-9F4C-4CCE-91AD-DB5CFF9796DD} - %System%\{RANDOM}.dll
O2 - BHO: ExtIEviewer - {60DAD1D2-4C0B-40D4-97E5-4A358AB1FE22} - %System%\{RANDOM}.dll
O2 - BHO: GigaNet.com - {DE2C5EF2-DFBF-49B0-BBF2-3B2805A52722} - %System%\{RANDOM}.dll
O2 - BHO: Koal.com - {3D1380C8-274A-4C31-8372-DD17055F1D33} - %System%\{RANDOM}.dll
O2 - BHO: LamasBar.Ie - {46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5} - %System%\{RANDOM}.dll
O2 - BHO: LooseOwn - {99CE11B7-A2CA-426A-93BF-C1650ECFCDE8} - %System%\{RANDOM}.dll
O2 - BHO: SmsToolbar - {D804F606-DC8A-4ECD-9FF7-10390305239B} - %System%\{RANDOM}.dll
O2 - BHO: WI64_google - {D59FD1DB-2835-4F0D-B239-ECF7E05E6390} - %System%\{RANDOM}.dll

Files:
%SystemDir%\dhegaza.dll
%SystemDir%\dhegazr.dll
%SystemDir%\dhegoza.dll
%SystemDir%\dhegozr.dll
%SystemDir%\dhofaza.dll
%SystemDir%\dhofazr.dll
%SystemDir%\dhofoza.dll
%SystemDir%\dhofozr.dll
%SystemDir%\fegaza.dll
%SystemDir%\fegazr.dll
%SystemDir%\fegoza.dll
%SystemDir%\fegozr.dll
%SystemDir%\fkimjze.dll
%SystemDir%\fkimjzg.dll
%SystemDir%\fkimuve.dll
%SystemDir%\fkimuvg.dll
%SystemDir%\fkinjze.dll
%SystemDir%\fkinjzg.dll
%SystemDir%\fkinuve.dll
%SystemDir%\fkinuvg.dll
%SystemDir%\fofaza.dll
%SystemDir%\fofazr.dll
%SystemDir%\fofoza.dll
%SystemDir%\fofozr.dll
%SystemDir%\hfca.dll
%SystemDir%\hfcr.dll
%SystemDir%\hfza.dll
%SystemDir%\hfzr.dll
%SystemDir%\hoca.dll
%SystemDir%\hocr.dll
%SystemDir%\hoza.dll
%SystemDir%\hozr.dll
%SystemDir%\kmue.dll
%SystemDir%\kmug.dll
%SystemDir%\kmze.dll
%SystemDir%\kmzg.dll
%SystemDir%\knue.dll
%SystemDir%\knug.dll
%SystemDir%\knze.dll
%SystemDir%\knzg.dll
%SystemDir%\lmue.dll
%SystemDir%\lmug.dll
%SystemDir%\lmze.dll
%SystemDir%\lmzg.dll
%SystemDir%\lnue.dll
%SystemDir%\lnug.dll
%SystemDir%\lnze.dll
%SystemDir%\lnzg.dll
%SystemDir%\rtciper.dll
%SystemDir%\rtcipot.dll
%SystemDir%\rtenazer.dll
%SystemDir%\rtenazot.dll
%SystemDir%\tahciper.dll
%SystemDir%\tahcipot.dll
%SystemDir%\tahenazer.dll
%SystemDir%\tahenazot.dll
%SystemDir%\ufca.dll
%SystemDir%\ufcr.dll
%SystemDir%\ufza.dll
%SystemDir%\ufzr.dll
%SystemDir%\ulimjze.dll
u%SystemDir%\limjzg.dll
%SystemDir%\ulimuve.dll
%SystemDir%\ulimuvg.dll
%SystemDir%\ulinjze.dll
%SystemDir%\ulinjzg.dll
%SystemDir%\ulinuve.dll
%SystemDir%\ulinuvg.dll
%SystemDir%\uoca.dll
%SystemDir%\uocr.dll
%SystemDir%\uoza.dll
%SystemDir%\uozr.dll

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{04A67DA5-880B-452F-B193-463452C40B41}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0603D38B-C4FF-458D-9E9A-C0FD113FAEC3}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{065B1210-E57F-41AD-90C5-F70D63388640}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{06717D20-4FAA-48E1-B4BA-E8F80DAF1F06}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07EF0649-D5BA-4139-B0A2-4D047F223B2D}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0848225A-8181-42FC-8C68-F0A543B12967}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{09A26406-041E-4FF5-9A88-0574721445B4}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0CF8753B-DEB6-4266-BEFF-71F5E0312B0D}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EEDB911-C5FA-486F-8334-57288578C627}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F95467C-AB44-4274-BEEA-2A75AB01B77E}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{11160F05-7B64-4E5C-9C42-C69E2C78CE14}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{156DD78A-CB74-4822-A17C-9CF02B43F72A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{15977918-3A04-4982-8E45-EDC618371EBE}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{19B8572F-894F-41E0-9309-00091B688905}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1AB6932F-92FE-42E6-870C-544AE458EA78}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C1B8A44-61FE-411E-8F33-813A4E2E2984}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1EF7B347-DBAF-412F-879D-DC7A95BFCC94}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1F88A6F5-908C-4C28-9A81-829953C5F5C5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1F91C786-BBA0-41D2-8B3D-B88242677BAC}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1FBC6925-90A0-404E-83E6-F0FBCC7AD034}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{21BC9DFA-3E14-4753-9CBD-16A009AE1144}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{26B1DC31-2051-49DD-AEA6-368E702E5B63}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{284AAAD9-FDF9-49A3-93ED-9CAE4AA26805}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{28F51CDA-3BD1-4F06-8F7B-2A881411983F}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A4601BC-8376-422D-A2FC-DDF0A40570BD}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2B53C730-8A79-4E13-A35F-3E41CA13E12F}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2FF811E6-8925-4084-A649-C159955E67E8}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3084A75F-5350-4D8B-BC5F-6B378035C133}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{341116E2-9CC4-4A6E-9303-4819C84846DE}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{34B4DFE0-E110-4936-BE49-C4F3684FB458}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{38E4618F-E3E4-42E9-925F-6B02C798BD94}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3A303EF6-2598-4D2D-B4DA-DEFA7CD0DC51}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3D1380C8-274A-4C31-8372-DD17055F1D33}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3F1CEB16-3615-47ED-B153-3E98A4B9F3F5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{401F4B6B-3C36-4E8D-BC07-F46FC6D67D9A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{435ADC46-DCAB-4593-92C8-25D2BEFCEAB7}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{43D65102-A7BE-4C88-9737-44D2AD81394A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{44B1C291-CF3E-4B66-8BAB-31040FDC30A9}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{45245B53-72FB-46CA-B5F5-ABA01D9B8E51}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{463F66BC-3B6F-4FDE-969C-94F594FECE07}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{465DACD9-7035-4824-AE3E-F883EBE97261}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{47FE9CB0-BFEE-4EBB-8BE2-F65F8811CEE7}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{486D0362-657B-4771-B56D-AE29AA31B78B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{48D8CC16-82FD-4C1B-B3FF-F706C8E75399}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4AD3A71E-8ED4-40F5-9A81-69245BDCBB75}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D8F81B2-80C9-45B1-9F03-67B2B0D2320B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E21495F-0004-4614-9DC9-6B8F7E5024F5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{50AB4474-F8B5-4F66-BAC5-4251E765B827}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{50B051EE-8EF3-4D58-828D-74F0D1FFE4AA}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{53322B35-2C26-4FAC-A713-C31BBAA1C636}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{53C4786E-B8BC-4245-97C4-C4AFFE28A8CA}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{53E30863-280F-4CFA-99AB-55CAEB95271C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54202673-BD70-423C-AE57-5B2354567629}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{54629298-47B2-4F79-BC62-7B3648D70020}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{547F4E57-9025-403B-B619-073854A60DA1}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{567462FE-24DF-44DC-9D49-D296CDB35844}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{56D182B7-C06B-4A37-85F3-A7C018DEF8A7}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{57BE2636-F271-4151-9D4A-40A2663E4FD7}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{597AED5A-2DEA-431D-BE7E-F03BAB2AFB15}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5B171109-DED1-4403-90E9-6F7778533B9A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D682D50-876E-454C-90BE-EFE6028FE389}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5F841E5A-AA28-4037-BE7A-96E943E91F4D}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5F920865-38C9-40DA-8FCF-D9DC83F84EC5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{60DAD1D2-4C0B-40D4-97E5-4A358AB1FE22}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{616D534C-3CA8-43AB-B439-618F850F1D2B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{61FEBF12-793B-4D8A-8513-D1814FE2A395}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{62F96656-0788-4D00-8E32-D41C239E205B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{649E2DCE-1AD1-470B-ACC8-42842396A94C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{64C94B46-1079-4C75-BE9B-380F6AE7624C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6599A965-FA2D-41CD-95B1-13140F1CF8A3}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{67956585-9B5C-4E2B-ABE1-A01BF3046EE1}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{67EE7798-F2A0-415C-9473-0F174BD5A8B8}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{681147C4-D615-461A-960F-655871E315C3}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{687A466A-D7CB-4FDF-965C-92462A82D7F0}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{69F6C0AE-0C78-4999-B6D1-62932A265C5D}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D0386B3-FD72-488E-9740-90355AE21735}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6DDBF417-0774-46AD-940B-6A4D9A039407}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6ECB8E85-7A9E-4175-8113-1136D1A325DB}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{708F8B95-4012-4A3A-9494-5EEE5F8CC89E}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{73776361-F206-4A50-9687-801C6FE9BA31}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{73AB9095-4904-4C64-83D8-01F9F7DDC41C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7445DC17-44B7-4818-A9CB-2BC24E67E8D7}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{746CBA32-C671-44F6-BC73-C5351A316D03}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{76086C05-4D0A-4B92-9219-2E3FE8C553F9}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7C4829DD-809C-4F0C-AF74-8725962A0811}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7CF52009-F408-49AE-BBCB-6279CB53BB42}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D6A0C8D-7C34-44FC-BED8-96528D13BEE9}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DB0A0E2-FD42-43AE-A12A-760DBBC3C876}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7DBF8390-552B-4D55-9F62-00D032032691}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7E61BB38-A952-40BA-98F0-0AD229658CB7}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7EA5E375-6136-496E-9616-E03B4F9EA1C0}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F47CD2E-581E-4C07-9AD5-82451B604699}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FAE709C-A4F1-40AD-95E2-D119CFB6B539}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FBB2D91-9964-4196-BAC5-D5E751762EC3}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8161DF25-78BD-412D-8B45-87EFD0839BC6}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8388F272-9EDA-4F4E-88FD-4711CBA4BA2B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8495DD20-CB51-46BE-9B63-CB2F76E45C96}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{853D915E-40FF-4125-996E-89DD934B2060}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{86CE7BAE-CA66-4C38-88BF-B10DAA62D97E}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{87A69B72-DAE6-4517-BD12-42F62CF395FB}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{87FD33C2-7891-45D5-ACD1-7935F9AEA26B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8AE578E0-6DF5-41E0-869F-F65A32D2F6BD}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B2AE9C0-1555-4C92-905A-531532F15698}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B580E40-6B46-44C8-9E80-A5AD6E1D1035}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B65F8A9-BAD5-4261-BB6F-25B2020C3098}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8CF21D67-EDE6-4BBC-A009-D2CF3AAA0AE2}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8D820860-2FA8-49A8-8809-B450ED80D3BB}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E9C2138-EFA4-4B14-9062-7FD1F7C10E82}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8EF40C36-293F-4749-8EA0-94FB3AD83FA1}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{907C8FB0-1205-4189-99C9-9E8DA884B0B0}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{926A61C9-5C20-4583-ACA7-ACE21088816E}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{93811B7D-621D-4230-A7D2-851BF93CBBAF}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{949859A7-EB1F-400D-BDBC-C48238BDF788}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{94EDC7BA-1D2A-4DEA-9199-1DEB916BD6F6}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95E1D855-9232-48F7-80D9-1ADB65B7939C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{96074552-3830-40E3-8274-FB9E092F04EC}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{96488BA0-1A53-4583-8AC8-DB77560E8876}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{98237227-8F14-46CA-B743-241103BEE8A6}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9873E994-669E-4044-BA64-E5D9AD534A55}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{99CE11B7-A2CA-426A-93BF-C1650ECFCDE8}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A2F253AD-1F23-4D87-A64B-D6987F38D981}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4D16645-4149-41FB-B670-E06072E540C1}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4FDF7B4-EAD1-4872-A3F7-20FD86D6E798}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A83359CE-23D4-4E1A-9D4E-C94AEDD1A67C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8485774-8230-4D88-B00F-4A04A3E4FC1C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{A9D17DA6-022A-454A-AB26-E104C0F6D13A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAF635CA-04C2-4EBA-B022-3A2F95A05A62}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{AFCB0C91-199F-4C49-9F62-09F8CBDAD17A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B05D1A1E-9F4C-4CCE-91AD-DB5CFF9796DD}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B095AF15-2FB6-4239-95AD-D1E27ECC11C7}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B1892F58-1116-4DEC-92AA-577872EC3D3D}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B49949CA-3062-4FA3-A24A-E27BAFD7C940}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4EF0D13-5359-457D-BA85-C110AEC377B5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B5B77C65-5849-48E4-999A-FACA72F7B822}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{B8DE8F32-8900-4F89-BFD5-CB4D49FEBE47}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA2020CE-AF34-4B1A-82D4-507C7F002079}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BACA5B3B-DD57-4E62-B986-9A5677FBF001}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BBEEBE4F-3EDA-40F4-A0AB-87593EE49C56}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC354443-937D-498B-A792-B6E388CDFCE6}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC37F38C-D37C-46FC-AC8D-93ABBCE72947}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BCCCB3D5-17DC-43DD-9F46-A31AB28FECB2}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE17AE9C-3BD1-4BAD-936F-B77B63D5763F}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C12FC24B-A7B9-487F-9603-5481EBF00C6F}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3253D15-672D-46D5-8FE1-3FAB8E291E4F}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C41A222A-B516-4190-B0B7-0AF2CE7F5C28}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C420CF9F-D9D6-421F-958F-AA59906C2B12}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7E9503C-DA29-4183-8FA9-978C32852C20}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CAD36397-AF2B-4F5D-9172-1D3874222A23}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CBC3486E-92D1-419D-BEBF-D3D972B87902}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CE0487CA-8B02-431E-BA63-D38844E020B5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CEAF8FFD-A61C-46EF-A970-D77D90246918}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{CF9146DB-16F1-4B79-8DA1-EE14C55D5B06}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D12A16B5-7FAA-43E8-B9AA-183E76F3FF13}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D26AAB3B-B0DD-456C-A7E5-4DA9565FD6EE}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3E7C926-6B3C-4F88-8113-AD357C2E208F}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D480850D-85D1-4836-9AEA-86C185CDAE29}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4BA1B98-9E26-454D-A42B-AA69E732383F}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D59FD1DB-2835-4F0D-B239-ECF7E05E6390}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D5A7151F-58D0-4AC8-9329-BEDD59625679}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D6848354-33D9-4E22-B94D-91A727129920}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D79DA7F1-9B93-45CC-9019-26BD0A086577}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D804F606-DC8A-4ECD-9FF7-10390305239B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D80C8DC6-A525-4AE5-AAF3-A4B13105A700}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{D83E84DA-D187-4300-B5D7-727727352096}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA40137D-AE41-4148-BFEC-916B326D5BBD}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB055111-4F4F-4730-ADC5-C40EBBFF6E67}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DD556A76-A85E-4606-9239-40A8B9FC4ECB}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DE2C5EF2-DFBF-49B0-BBF2-3B2805A52722}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DED2B61B-1A26-4566-BF2F-DE539D4468DD}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{DEE7B1F7-A014-477C-B0C5-23A51AA81DB5}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E014A78F-34DC-4BE5-83BB-58CA12E384B6}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E01D62BE-3C96-4165-A54F-1A51CD75D6F9}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E402C66A-D5CB-441E-9F12-A5A864430AA2}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76AA4DA-7388-4D1E-B7E4-CC809F4E8F1B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E913BA95-1ADE-4D25-AC0E-E27BD8E1E43D}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E9601C0B-FA98-4E6D-A015-AE5B43F47962}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E9B5BA28-C732-49DC-94CE-9079F7F75F4E}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA40B0BC-FC4E-42DB-83A5-37E6B3EEDF8A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EC748705-E0FD-4671-9AFF-890579E57450}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEBA7DF1-A821-469A-BD31-206AD73CFA9B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE17712-987E-4424-A00C-9DA0BC4E2078}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EFEA05D9-BCB2-4438-A4EB-BD467692C24F}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F039C188-D8C7-4B6E-B6CC-A5E789B11329}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F32B24F1-25FA-4A91-9F97-5272B3CE8FCA}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3A486C3-6341-4BE6-B94D-D4172B69E430}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F65E955E-26C0-42FF-8EE2-443A05EA286A}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F73DBD9E-5F1B-4BCA-8604-A911DCE08B37}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F7B20872-3B45-4F1D-A45E-A360E4102BDA}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F7B62E04-C4AF-4814-88EE-D5EBDBAD6387}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F856BB9E-855B-498D-883E-3509C550A031}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F8A0D89E-875F-41AF-83BE-6B5780224682}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FA1D47C4-E13F-4562-B23B-39EF9017BE8B}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB0E529A-3D2C-473E-83FE-9E56AC6CC0EB}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FBE58CC0-D14B-45FE-A717-57BB8247F652}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD36BBE5-1AF4-47D3-8681-2214DD85E152}]
[-HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE59EC6-5491-4EF3-BA0D-77B0D895B4F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CccDs.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CccDs]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jdksl.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jdksl]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Jnmsd1.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Jnmsd1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KMa.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KMa]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LKKnsbn.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LKKnsbn]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lme34.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lme34]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Plslken3e8dm.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Plslken3e8dm]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3D1380C8-274A-4C31-8372-DD17055F1D33}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{60DAD1D2-4C0B-40D4-97E5-4A358AB1FE22}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99CE11B7-A2CA-426A-93BF-C1650ECFCDE8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B05D1A1E-9F4C-4CCE-91AD-DB5CFF9796DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D59FD1DB-2835-4F0D-B239-ECF7E05E6390}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D804F606-DC8A-4ECD-9FF7-10390305239B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DE2C5EF2-DFBF-49B0-BBF2-3B2805A52722}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1E89B621-A273-4318-88D3-BA90C271A29A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{36AF19F5-FCF1-45B6-B55B-BB4E5065A1F3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3F5D7703-9155-4410-A396-681F88A16BDA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{43D87EB1-DD2B-4AA3-BF8D-CBB4040EDFE1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{47813D27-BCA3-4DFC-88EA-BA052E7ECF87}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5B3142C6-A130-4BBB-A997-554C7F561D25}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{63C5250F-2D0E-421D-A1E0-EBA3E3AA874A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6E3F1A02-B168-4698-8B61-E3724C556D1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{92F69D75-FF17-4DD3-B264-5AF7FB2FA29E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AF9DCBF7-690C-4F28-A02C-5A816337EA0F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B32E258A-8ADE-4DAD-92F9-476A81824D6F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BE33EDBF-C683-428C-9DCA-D3F93119DFB3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BF9031F9-A14A-4FF4-A65D-E0501ED6394E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E094A482-8627-460F-BCF1-D258D3AFB34B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F31637B5-138E-4A12-87A6-E520EE82941E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F4E473B9-9DDF-4456-9EE6-B6C1850FC201}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99CE11B7-A2CA-426A-93BF-C1650ECFCDE8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D59FD1DB-2835-4F0D-B239-ECF7E05E6390}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60DAD1D2-4C0B-40D4-97E5-4A358AB1FE22}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46CFEC0B-CA28-4C82-BD91-EF9C6AE197B5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3D1380C8-274A-4C31-8372-DD17055F1D33}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D804F606-DC8A-4ECD-9FF7-10390305239B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B05D1A1E-9F4C-4CCE-91AD-DB5CFF9796DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DE2C5EF2-DFBF-49B0-BBF2-3B2805A52722}]

[2008-12-06]
1.7.20.6874

HijackThis:
O2 - BHO: LopeNinja - {93811B7D-621D-4230-A7D2-851BF93CBBAF} - %System%\{RANDOM}.dll

Files:
%SystemDir%\gce.dll
%SystemDir%\gco.dll
%SystemDir%\gze.dll
%SystemDir%\gzo.dll
%SystemDir%\hce.dll
%SystemDir%\hco.dll
%SystemDir%\hze.dll 
%SystemDir%\hzo.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lnmd7s]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lnmd7s.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{93811B7D-621D-4230-A7D2-851BF93CBBAF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{06580F31-744D-453A-A497-EF2D87F78204}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{62C07DC1-5562-4C19-9060-35144090CA70}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{93811B7D-621D-4230-A7D2-851BF93CBBAF}]

[2008-12-03]
1.7.20.6860

HijackThis:
O2 - BHO: LosazoX3 - {7C4829DD-809C-4F0C-AF74-8725962A0811} - %System%\{RANDOM}.dll
O2 - BHO: Okalis - {34B4DFE0-E110-4936-BE49-C4F3684FB458} - %System%\{RANDOM}.dll

Files:
%SystemDir%\djaker.dll
%SystemDir%\djakot.dll
%SystemDir%\djifver.dll
%SystemDir%\djifvot.dll
%SystemDir%\ugsaker.dll
%SystemDir%\ugsakot.dll
%SystemDir%\ugsifver.dll
%SystemDir%\ugsifvot.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GizoAsX]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GizoAsX.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Jans]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Jans.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{34B4DFE0-E110-4936-BE49-C4F3684FB458}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C4829DD-809C-4F0C-AF74-8725962A0811}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{480BFED5-10E7-436A-A52F-E23753114BC4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{56A6B430-ED17-428F-AA6E-48EEB5A24D9D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{82C29A55-EFF7-4EA1-AC5D-C486A4F975E6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B3E00C8E-7932-4817-B587-02FF0ADF88D6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{34B4DFE0-E110-4936-BE49-C4F3684FB458}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C4829DD-809C-4F0C-AF74-8725962A0811}]

Moved from FixIEDef page:
O2 - BHO: A.Video - {0603D38B-C4FF-458D-9E9A-C0FD113FAEC3} - %System%\{RANDOM}.dll
O2 - BHO: ABS Toolbar - {7FBB2D91-9964-4196-BAC5-D5E751762EC3} - %System%\{RANDOM}.dll
O2 - BHO: Adom.To - {0F95467C-AB44-4274-BEEA-2A75AB01B77E} - %System%\{RANDOM}.dll
O2 - BHO: Abobe BHO - {2FF811E6-8925-4084-A649-C159955E67E8} - %System%\{RANDOM}.dll
O2 - BHO: Adobe PDF Reader Link Helper - {358A14C3-CB2F-4366-9A6C-1AEB63F0B036} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {427DA36C-DC88-48D4-B090-1FD304BECAB2} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {445A3D12-EBA3-4054-AB54-587BF3FF40EA} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {44970071-468F-432F-8F5E-429B2414619A} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {463F66BC-3B6F-4FDE-969C-94F594FECE07} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {54A98DD5-0357-4EF1-A698-BB08E73CF725} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {5CF87193-FD1E-4400-863D-FD9AFC5F402F} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {6FA2DDCA-DD68-4E58-9CF6-005B10D60F31} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {8CF21D67-EDE6-4BBC-A009-D2CF3AAA0AE2} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {A8607BAF-0EB3-473C-84C9-F3A5B901A796} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {B782EDE4-CCB3-4E3E-981F-96C68116F38C} - %System%\AcroIeHelp.dll
O2 - BHO: Adobe PDF Reader Link Helper - {B782EDE4-CCB3-4E3E-981F-96C68116F38C} - %System%\AcroIeHelpU2.dll
O2 - BHO: Adobe PDF Reader Link Helper - {D79145D5-535E-4B27-BCD3-9AFBB326829C} - %Windows%\AcroIEHelper.dll
O2 - BHO: Adobe PDF Reader Link Helper - {DA67288F-069B-449D-BA4C-0CE0C3C42265} - %Windows%\AcroIEHelper.dll
O2 - BHO: AFS plugin - {8EF40C36-293F-4749-8EA0-94FB3AD83FA1} - %System%\{RANDOM}.dll
O2 - BHO: Aj.Popa - {BC354443-937D-498B-A792-B6E388CDFCE6} - %System%\{RANDOM}.dll
O2 - BHO: Almsms - {E9B5BA28-C732-49DC-94CE-9079F7F75F4E} - %System%\{RANDOM}.dll
O2 - BHO: AlpGld.Tb6 - {57BE2636-F271-4151-9D4A-40A2663E4FD7} - %System%\{RANDOM}.dll
O2 - BHO: AlpGld.Tb6 - {57BE2636-F271-4151-9D4A-40A2663E4FD7} - %System%\sysbase32.dll
O2 - BHO: AlphaDivX - {3B236BEE-8200-421D-919D-CA17D5739D8F} - %System%\aDivX.dll
O2 - BHO: AlSize - {8495DD20-CB51-46BE-9B63-CB2F76E45C96} - %System%\{RANDOM}.dll
O2 - BHO: Anyway toolbar - {7F47CD2E-581E-4C07-9AD5-82451B604699} - %System%\{RANDOM}.dll
O2 - BHO: AOL Toolbar - {FB0E529A-3D2C-473E-83FE-9E56AC6CC0EB} - %System%\{RANDOM}.dll
O2 - BHO: Apaps - {EC748705-E0FD-4671-9AFF-890579E57450} - %System%\{RANDOM}.dll
O2 - BHO: Asp.HACK - {06717D20-4FAA-48E1-B4BA-E8F80DAF1F06} - %System%\{RANDOM}.dll
O2 - BHO: AswPlugin Class - {284AAAD9-FDF9-49A3-93ED-9CAE4AA26805} - %System%\AswBHO.dll
O2 - BHO: AVG Safe Search - {1C1B8A44-61FE-411E-8F33-813A4E2E2984} - %System%\{RANDOM}.dll
O2 - BHO: AxxPola - {17D562A6-DA3D-4F87-B659-86CD06473AB5} - %System%\{RANDOM}.dll
O2 - BHO: BetaDivX - {48BF2BC0-2945-11D8-8CAC-00080FC65465} - %System%\IR9V0_QCX.dll
O2 - BHO: BetaDivX - {D99BACC6-6289-4D4F-8BAF-4192016AF547} - %System%\bDivX.dll
O2 - BHO: BHO - {2FF811E6-8925-4084-A649-C159955E67E8} - %System%\{RANDOM}.dll
O2 - BHO: BHO toolbar - {2FF811E6-8925-4084-A649-C159955E67E8} - %System%\{RANDOM}.dll
O2 - BHO: BHO.ext2 - {401F4B6B-3C36-4E8D-BC07-F46FC6D67D9A} - %System%\{RANDOM}.dll
O2 - BHO: BHO.ext2 - {FBE58CC0-D14B-45FE-A717-57BB8247F652} - %System%\{RANDOM}.dll
O2 - BHO: BHO.Filter - {4AD3A71E-8ED4-40F5-9A81-69245BDCBB75} - %System%\{RANDOM}.dll
O2 - BHO: BHO.Filter - {DB055111-4F4F-4730-ADC5-C40EBBFF6E67} - %System%\{RANDOM}.dll
O2 - BHO: BHO.tbl2 - {76086C05-4D0A-4B92-9219-2E3FE8C553F9} - %System%\{RANDOM}.dll
O2 - BHO: BHO.toolbar3 - {A4D16645-4149-41FB-B670-E06072E540C1} - %System%\{RANDOM}.dll
O2 - BHO: BHO5 - {9873E994-669E-4044-BA64-E5D9AD534A55} - %System%\{RANDOM}.dll
O2 - BHO: BhoApp Class - {28F51CDA-3BD1-4F06-8F7B-2A881411983F} - %System%\{RANDOM}.dll
O2 - BHO: BhoApp Class - {2FF811E6-8925-4084-A649-C159955E67E8} - %System%\{RANDOM}.dll
O2 - BHO: BhoApp Class - {5F920865-38C9-40DA-8FCF-D9DC83F84EC5} - %System%\{RANDOM}.dll
O2 - BHO: BhoApp Class - {BBEEBE4F-3EDA-40F4-A0AB-87593EE49C56} - %System%\{RANDOM}.dll
O2 - BHO: CHNSVP - {0F95467C-AB44-4274-BEEA-2A75AB01B77E} - %System%\{RANDOM}.dll
O2 - BHO: CisoASpy - {98237227-8F14-46CA-B743-241103BEE8A6} - %System%\{RANDOM}.dll
O2 - BHO: CTR DivX Video - {47FE9CB0-BFEE-4EBB-8BE2-F65F8811CEE7} - %System%\{RANDOM}.dll
O2 - BHO: CTR Video - {0CF8753B-DEB6-4266-BEFF-71F5E0312B0D} - %System%\{RANDOM}.dll
O2 - BHO: EasyPic - {62F96656-0788-4D00-8E32-D41C239E205B} - %System%\{RANDOM}.dll
O2 - BHO: EpsonToolBandKicker Class - {87FD33C2-7891-45D5-ACD1-7935F9AEA26B} - %System%\{RANDOM}.dll
O2 - BHO: FireFox Viewer - {8883BBC2-E716-4C98-B12C-BB40B4A415ED} - %Windows%\corpol.dll
O2 - BHO: FLW Viewer - {1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E} - %Windows%\cndr32a.dll
O2 - BHO: FLW Viewer - {2B53C730-8A79-4E13-A35F-3E41CA13E12F} - %Windows%\cndr32a.dll
O2 - BHO: FLW Viewer - {38E4618F-E3E4-42E9-925F-6B02C798BD94} - %Windows%\cndr32a.dll
O2 - BHO: FLW Viewer - {8D820860-2FA8-49A8-8809-B450ED80D3BB} - %Windows%\cndr32a.dll
O2 - BHO: Game.OS - {3A303EF6-2598-4D2D-B4DA-DEFA7CD0DC51} - %System%\{RANDOM}.dll
O2 - BHO: Genaps - {E402C66A-D5CB-441E-9F12-A5A864430AA2} - %System%\{RANDOM}.dll
O2 - BHO: GigaNet - {5D682D50-876E-454C-90BE-EFE6028FE389} - %System%\{RANDOM}.dll
O2 - BHO: GigaNet - {5D682D50-876E-454C-90BE-EFE6028FE389} - %System%\sysbase32.dll
O2 - BHO: GMX toolbar - {1EF7B347-DBAF-412F-879D-DC7A95BFCC94} - %System%\{RANDOM}.dll
O2 - BHO: GNS_tbl - {F7B20872-3B45-4F1D-A45E-A360E4102BDA} - %System%\{RANDOM}.dll
O2 - BHO: Godzi.com - {7FAE709C-A4F1-40AD-95E2-D119CFB6B539} - %System%\{RANDOM}.dll
O2 - BHO: Gold Manager - {D26AAB3B-B0DD-456C-A7E5-4DA9565FD6EE} - %System%/{RANDOM}.dll
O2 - BHO: gootbl2 - {435ADC46-DCAB-4593-92C8-25D2BEFCEAB7} - %System%\{RANDOM}.dll
O2 - BHO: Gordon tool - {4D8F81B2-80C9-45B1-9F03-67B2B0D2320B} - %System%\{RANDOM}.dll
O2 - BHO: GPI.ex - {D80C8DC6-A525-4AE5-AAF3-A4B13105A700} - %System%\{RANDOM}.dll
O2 - BHO: GTool - {53322B35-2C26-4FAC-A713-C31BBAA1C636} - %System%\{RANDOM}.dll
O2 - BHO: HACK.SPY - {D83E84DA-D187-4300-B5D7-727727352096} - %System%\{RANDOM}.dll
O2 - BHO: IE - {567462FE-24DF-44DC-9D49-D296CDB35844} - %Windows%\{RANDOM}.dll
O2 - BHO: IE - {616D534C-3CA8-43AB-B439-618F850F1D2B} - %Windows%\{RANDOM}.dll
O2 - BHO: IE - {73AB9095-4904-4C64-83D8-01F9F7DDC41C} - %Windows%\{RANDOM}.dll
O2 - BHO: IE - {7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5} - %Windows%\{RANDOM}.dll
O2 - BHO: IE - {86CE7BAE-CA66-4C38-88BF-B10DAA62D97E} - %Windows%\{RANDOM}.dll
O2 - BHO: IE - {A4FDF7B4-EAD1-4872-A3F7-20FD86D6E798} - %Windows%\{RANDOM}.dll
O2 - BHO: IE - {FD36BBE5-1AF4-47D3-8681-2214DD85E152} - %Windows%\{RANDOM}.dll
O2 - BHO: IE Config Tools - {E780E148-0BAC-4654-81A4-8A649F4D4A90} - %Windows%\mscfg32.dll
O2 - BHO: IE ext - {2FF811E6-8925-4084-A649-C159955E67E8} - %System%\{RANDOM}.dll
O2 - BHO: IE LiveTV - {45245B53-72FB-46CA-B5F5-ABA01D9B8E51} - %Windows%\{RANDOM}.dll
O2 - BHO: IE LiveTV - {5F841E5A-AA28-4037-BE7A-96E943E91F4D} - %Windows%\{RANDOM}.dll
O2 - BHO: IE LiveTV - {FA1D47C4-E13F-4562-B23B-39EF9017BE8B} - %Windows%\{RANDOM}.dll
O2 - BHO: IE Optimizer - {BACA5B3B-DD57-4E62-B986-9A5677FBF001} - %System%\{RANDOM}.dll
O2 - BHO: IE plugin - {17A1DBB5-DAD8-4E78-BF7E-9BE4B965408B} - %Windows%\pmspl.dll
O2 - BHO: IE plugin - {6F6D1C90-7BEE-4A15-8DAB-9C37A643FD3A} - %Windows%\pmspl.dll
O2 - BHO: IE plugin - {D17CFF74-A19C-4C36-821A-E074E4F889CA} - %Windows%\pmspl.dll
O2 - BHO: IE plugin - {E856E05E-1B91-4339-9EFC-9A3308CB5491} - %Windows%\pmspl.dll
O2 - BHO: IE plugin - {FF5137B5-C506-4D9B-8682-E0BE4675B899} - %Windows%\pmspl.dll
O2 - BHO: IE Shop - {F73DBD9E-5F1B-4BCA-8604-A911DCE08B37} - %System%\{4 Character Random Name}.dll
O2 - BHO: IE Site Blocker- {6DDBF417-0774-46AD-940B-6A4D9A039407} - %System%\{RANDOM}.dll
O2 - BHO: IE Storage - {3F1CEB16-3615-47ED-B153-3E98A4B9F3F5} - %System%\{RANDOM}.dll
O2 - BHO: IE Story - {A83359CE-23D4-4E1A-9D4E-C94AEDD1A67C} - %System%\{4 Character Random Name}.dll
O2 - BHO: IE VideoStream - {B5B77C65-5849-48E4-999A-FACA72F7B822} - %System%\{RANDOM}.dll
O2 - BHO: IE.Filter - {8B2AE9C0-1555-4C92-905A-531532F15698} - %System%\{RANDOM}.dll
O2 - BHO: IE.Filter - {F65E955E-26C0-42FF-8EE2-443A05EA286A} - %System%\{RANDOM}.dll
O2 - BHO: IE.SpamFilter - {DB055111-4F4F-4730-ADC5-C40EBBFF6E67} - %System%\{RANDOM}.dll
O2 - BHO: iebho - {09A26406-041E-4FF5-9A88-0574721445B4} - %Windows%\iebho.dll
O2 - BHO: iebho - {21BC9DFA-3E14-4753-9CBD-16A009AE1144} - %Windows%\iebho.dll
O2 - BHO: iebho - {7445DC17-44B7-4818-A9CB-2BC24E67E8D7} - %Windows%\iebho.dll
O2 - BHO: iebho - {DD556A76-A85E-4606-9239-40A8B9FC4ECB} - %Windows%\iebho.dll
O2 - BHO: iebho - {F8A0D89E-875F-41AF-83BE-6B5780224682} - %Windows%\iebho.dll
O2 - BHO: iebho surf - {341116E2-9CC4-4A6E-9303-4819C84846DE} - %System%\{RANDOM}.dll
O2 - BHO: IEBlocker.Flt - {FFE59EC6-5491-4EF3-BA0D-77B0D895B4F7} - %System%\{RANDOM}.dll
O2 - BHO: IESiteBlocker.NavFilter - {1AB6932F-92FE-42E6-870C-544AE458EA78} - %System%\{RANDOM}.dll
O2 - BHO: IESiteBlocker.NavFilter - {1AB6932F-92FE-42E6-870C-544AE458EA78} - %System%\{RANDOM}.dll
O2 - BHO: IntelVideoCodec - {04F7FAC5-F506-4F29-9094-9CB9144B192C} - %System%\IntelVideo.dll
O2 - BHO: IntelVideoCodec - {33A12BEB-3219-4CA8-99B4-733192704C62} - %System%\IntelVideoDivX.dll
O2 - BHO: IntelVideoCodec - {AF36E90A-44CA-4EE3-B578-C07383623217} - %System%\Video32.dll
O2 - BHO: IXO.crash - {87A69B72-DAE6-4517-BD12-42F62CF395FB} - %System%\{RANDOM}.dll
O2 - BHO: Jany.bho.module - {D80C8DC6-A525-4AE5-AAF3-A4B13105A700} - %System%\{RANDOM}.dll
O2 - BHO: JurToolbar - {DEE7B1F7-A014-477C-B0C5-23A51AA81DB5} - %System%\{RANDOM}.dll
O2 - BHO: Kaspaz - {6ECB8E85-7A9E-4175-8113-1136D1A325DB} - %System%\{RANDOM}.dll
O2 - BHO: Kaspaz - {6ECB8E85-7A9E-4175-8113-1136D1A325DB} - %System%\sysbase32.dll
O2 - BHO: Killak - {1F88A6F5-908C-4C28-9A81-829953C5F5C5} - %System%\{RANDOM}.dll
O2 - BHO: Kioals - {DED2B61B-1A26-4566-BF2F-DE539D4468DD} - %System%\{RANDOM}.dll
O2 - BHO: Lamsa - {DED2B61B-1A26-4566-BF2F-DE539D4468DD} - %System%\{RANDOM}.dll
O2 - BHO: library.edu - {8EF40C36-293F-4749-8EA0-94FB3AD83FA1} - %System%\{RANDOM}.dll
O2 - BHO: LmPoland - {156DD78A-CB74-4822-A17C-9CF02B43F72A} - %System%\{RANDOM}.dll
O2 - BHO: Load-Spy - {C420CF9F-D9D6-421F-958F-AA59906C2B12} - %System%\{RANDOM}.dll
O2 - BHO: LPN.df3 - {5B171109-DED1-4403-90E9-6F7778533B9A} - %System%\{RANDOM}.dll
O2 - BHO: Media Codec - {50B051EE-8EF3-4D58-828D-74F0D1FFE4AA} - %Windows%\kiasys.dll
O2 - BHO: Media Codec - {53C4786E-B8BC-4245-97C4-C4AFFE28A8CA} - %Windows%\kiasys.dll
O2 - BHO: Media Codec - {547F4E57-9025-403B-B619-073854A60DA1} - %Windows%\kiasys.dll
O2 - BHO: Media Codec - {8B580E40-6B46-44C8-9E80-A5AD6E1D1035} - %Windows%\kiasys.dll
O2 - BHO: Media Codec - {C41A222A-B516-4190-B0B7-0AF2CE7F5C28} - %Windows%\kiasys.dll
O2 - BHO: Media Player Classic - {486D0362-657B-4771-B56D-AE29AA31B78B} - %Windows%\ausctv32a.dll
O2 - BHO: Media Player Classic - {5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4} - %Windows%\ausctv32a.dll
O2 - BHO: Media Player Classic - {CE0487CA-8B02-431E-BA63-D38844E020B5} - %Windows%\ausctv32a.dll
O2 - BHO: Media Player Codec - {3084A75F-5350-4D8B-BC5F-6B378035C133} - %Windows%\dsaip32b.dll
O2 - BHO: Media Player Codec - {54202673-BD70-423C-AE57-5B2354567629} - %Windows%\dsaip32b.dll
O2 - BHO: Media Player Codec - {687A466A-D7CB-4FDF-965C-92462A82D7F0} - %Windows%\dsaip32b.dll
O2 - BHO: Media Player Codec - {8B65F8A9-BAD5-4261-BB6F-25B2020C3098} - %Windows%\dsaip32b.dll
O2 - BHO: Media Player Codec - {B4EF0D13-5359-457D-BA85-C110AEC377B5} - %Windows%\dsaip32b.dll
O2 - BHO: MegaPros.com - {EA40B0BC-FC4E-42DB-83A5-37E6B3EEDF8A} - %System%\{RANDOM}.dll
O2 - BHO: Megaupload Toolbar - {EEE17712-987E-4424-A00C-9DA0BC4E2078} - %System%\{RANDOM}.dll
O2 - BHO: Mimino2 - {A9D17DA6-022A-454A-AB26-E104C0F6D13A} - %System%\{RANDOM}.dll
O2 - BHO: Mp3 Video - {2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99} - %System%\VideoMP3.dll
O2 - BHO: Mp3 Video - {5DE176A4-B5FF-4D50-B084-E047526B8E97} - %System%\VideoMP3.dll
O2 - BHO: Mp3 Video - {6FFE49B7-F475-4EAB-8E80-E5D74C4E8D5F} - %System%\VideoMP3.dll
O2 - BHO: Mp3 Video - {9A1EF21C-B0D4-4EB0-894F-CBAE2F4D0A82} - %System%\mp3avi.dll
O2 - BHO: Mp3 Video - {D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF} - %System%\mp3avi.dll
O2 - BHO: MS Video Control 1.0 - {2A4601BC-8376-422D-A2FC-DDF0A40570BD} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {2E09C916-948C-42AF-8451-17B1439DFFD5} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {4E21495F-0004-4614-9DC9-6B8F7E5024F5} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {54629298-47B2-4F79-BC62-7B3648D70020} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {708F8B95-4012-4A3A-9494-5EEE5F8CC89E} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {853D915E-40FF-4125-996E-89DD934B2060} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {96074552-3830-40E3-8274-FB9E092F04EC} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {B8DE8F32-8900-4F89-BFD5-CB4D49FEBE47} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {C3253D15-672D-46D5-8FE1-3FAB8E291E4F} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {CAD36397-AF2B-4F5D-9172-1D3874222A23} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {CBC3486E-92D1-419D-BEBF-D3D972B87902} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {E76AA4DA-7388-4D1E-B7E4-CC809F4E8F1B} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {E9601C0B-FA98-4E6D-A015-AE5B43F47962} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {EEBA7DF1-A821-469A-BD31-206AD73CFA9B} - %Windows%\msvidc32.dll
O2 - BHO: MS Video Control 1.0 - {F7B62E04-C4AF-4814-88EE-D5EBDBAD6387} - %Windows%\msvidc32.dll
O2 - BHO: NitroBomb - {D4BA1B98-9E26-454D-A42B-AA69E732383F} - %System%\{RANDOM}.dll
O2 - BHO: Office toolbar - {14F4D69C-EDB0-434D-BF44-1EECCCD3418E} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {26121617-90C5-41D3-B52D-133D49A36AE7} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {4722D065-A352-42FB-924C-EAEF5A1AE571} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {472BC14C-6464-4FDF-A12A-A057CDCD9C58} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {4F9FD315-1C7C-477B-A65D-E66570DF2677} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {59607689-0CC6-4187-B7E7-03084228E7EE} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {88452E1F-D91A-4A66-AA39-FD53F15B13AF} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {AB51078F-7E35-49E2-8B26-7BB98321E066} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0} - %Windows%\sysosa.dll
O2 - BHO: Office toolbar - {F0B18D6F-3541-4AB4-A231-79F15FA29ED1} - %Windows%\sysosa.dll
O2 - BHO: OGG Viewer - {7AB85EC7-22E7-4B5D-89DA-A9EBD1AF3520} - %Windows%\oggview.dll
O2 - BHO: OGG Viewer - {82FE0677-75EC-49BF-83E9-A815F68F6212} - %Windows%\oggview.dll
O2 - BHO: OGG Viewer - {90F39E5A-1C6C-4597-8B59-9AED38E88387} - %Windows%\oggview.dll
O2 - BHO: OGG Viewer - {FBFE32FE-4ED6-4099-A087-8C238B714831} - %Windows%\oggview.dll
O2 - BHO: Osma - {6599A965-FA2D-41CD-95B1-13140F1CF8A3} - %System%\{RANDOM}.dll
O2 - BHO: PCTools - {5C8494A5-7525-46B3-94C2-2F734EEBD48B} - %Windows%\netweb64c.dll
O2 - BHO: PCTools - {5C8494A5-7525-46B3-94C2-2F734EEBD48B} - %Windows%\sysapi32a.dll
O2 - BHO: PCTools - {C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9} - %Windows%\pctools.dll
O2 - BHO: PDS Viewer - {37CEA8AE-2C1F-4F88-8362-0BFFBA53D2FD} - %Windows%\pdswin.dll
O2 - BHO: PDS Viewer - {5CB10D4A-0C14-4546-865D-935ECBFFA346} - %Windows%\pdswin.dll
O2 - BHO: PDS Viewer - {E2278F85-4584-4BEE-928C-600B38C385C1} - %Windows%\pdswin.dll
O2 - BHO: Phonomia - {A2F253AD-1F23-4D87-A64B-D6987F38D981} - %System%\{RANDOM}.dll
O2 - BHO: Pinch - {F039C188-D8C7-4B6E-B6CC-A5E789B11329} - %Windows%\{RANDOM}.dll
O2 - BHO: PLAsim plugin - {7753B2C4-8E27-4CEC-87EB-2739480D8A11} - %Windows%\poswin.dll
O2 - BHO: PLAsim plugin - {F60777DA-D6A6-40F6-B665-6F361C1017B6} - %Windows%\poswin.dll
O2 - BHO: Player - {22347AEE-A37A-45D3-8804-FDC7F9289CE1} - %Windows%\orgnavi.dll
O2 - BHO: Player - {242C7F77-BDAC-48B9-89E2-42940CBAE846} - %Windows%\orgnavi.dll
O2 - BHO: Player - {2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE} - %Windows%\orgnavi.dll
O2 - BHO: Player - {72AC05E3-89FD-42BB-A646-C2EE381A4908} - %Windows%\orgnavi.dll
O2 - BHO: Player - {8109B74C-F63F-43EA-84A4-3D43351C4021} - %Windows%\orgnavi.dll
O2 - BHO: Player - {83FD1F86-B40A-41EE-8512-929F005ED2A8} - %Windows%\orgnavi.dll
O2 - BHO: Player - {84885FC9-44B0-4953-98F9-166E048B7052} - %Windows%\orgnavi.dll
O2 - BHO: Player - {99F785E5-5394-4826-A515-034A34A36377} - %Windows%\orgnavi.dll
O2 - BHO: Player - {AAED19A0-D72D-4AD1-8F94-B53D36C835A7} - %Windows%\orgnavi.dll
O2 - BHO: Player - {B5307BCB-64A5-4416-9BC2-5AF01DB90123} - %Windows%\orgnavi.dll
O2 - BHO: Player - {BA2020CE-AF34-4B1A-82D4-507C7F002079} - %Windows%\orgnavi.dll
O2 - BHO: Player - {D989E9EA-8F56-4864-A1EA-2F9059A421BE} - %Windows%\orgnavi.dll
O2 - BHO: Player - {E5AF0624-F539-47D9-BA37-D8B339E858F4} - %Windows%\orgnavi.dll
O2 - BHO: Player - {F3DDAB38-C6E3-4EF8-A543-6E8625A61D93} - %Windows%\orgnavi.dll
O2 - BHO: Player - {FAB71C44-8C45-43EF-B1BE-2E33076166D4} - %Windows%\orgnavi.dll
O2 - BHO: Player - {FC2458DB-B263-48C5-A106-0651B05DF38C} - %Windows%\orgnavi.dll
O2 - BHO: player addon - {1E40AD15-4280-428A-9A26-AB96F9DA2ACE} - %Windows%\oggview32.dll
O2 - BHO: player addon - {4EBAA7B0-740D-4CFA-9455-5C233BB354E1} - %Windows%\oggview32.dll
O2 - BHO: player addon - {6A219F2A-3ECA-4258-9A8A-FD7312EB7391} - %Windows%\oggview32.dll
O2 - BHO: player addon - {819EFD78-6FD4-42EF-9030-F6DAB24BB9F0} - %Windows%\oggview32.dll
O2 - BHO: player addon - {9DEC81A1-919F-41F0-A983-7F202E3EBBB3} - %Windows%\oggview32.dll
O2 - BHO: player addon - {E90BBB19-1B2E-42C0-8BFF-AFC6984247DD} - %Windows%\oggview32.dll
O2 - BHO: Pol.svcn - {4D8F81B2-80C9-45B1-9F03-67B2B0D2320B} - %System%\{RANDOM}.dll
O2 - BHO: POS plugin - {369A87BB-07DF-4AB6-B23D-B5BF81338572} - %Windows%\poswin.dll
O2 - BHO: ProAct - {2FF811E6-8925-4084-A649-C159955E67E8} - %System%\{RANDOM}.dll
O2 - BHO: Pup.SPY - {56D182B7-C06B-4A37-85F3-A7C018DEF8A7} - %System%\{RANDOM}.dll
O2 - BHO: pwn plugin - {4AAC4708-FE47-4B80-92EF-47406444DDD2} - %Windows%\pwnbho.dll
O2 - BHO: pwn plugin - {7E24E909-FB8A-4837-9DF7-05E7587CB26C} - %Windows%\pwnbho.dll
O2 - BHO: PWS.LD.Pinch - {649E2DCE-1AD1-470B-ACC8-42842396A94C} - %Windows%\nydo32r.dll
O2 - BHO: Rates - {038F228B-EED3-4A87-A565-F88FC99EBA91} - %Windows%\toprates.dll
O2 - BHO: Rates - {04B0AACB-ADE6-45C7-9989-7836E8DC8C3D} - %Windows%\toprates.dll
O2 - BHO: Rates - {0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED} - %Windows%\toprates.dll
O2 - BHO: Rates - {0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69} - %Windows%\toprates.dll
O2 - BHO: Rates - {113F2B42-FD88-45F6-9DEB-2D3463A8FC71} - %Windows%\toprates.dll
O2 - BHO: Rates - {395E5A32-A265-451E-BCA2-679BC11361B1} - %Windows%\toprates.dll
O2 - BHO: Rates - {47EFD4AD-CB46-4549-B24B-CEE415394C56} - %Windows%\toprates.dll
O2 - BHO: Rates - {4E45C414-5019-4966-9013-6950C35E6C06} - %Windows%\toprates.dll
O2 - BHO: Rates - {553084D1-0E86-4358-AA1C-BB19B42AF28F} - %Windows%\toprates.dll
O2 - BHO: Rates - {5C28ED27-37BE-40EA-9AEB-FCC19F72682F} - %Windows%\toprates.dll
O2 - BHO: Rates - {64CB443E-9F44-4A05-929F-CCC315F21E21} - %Windows%\toprates.dll
O2 - BHO: Rates - {6CA6DDF4-8904-4179-A45D-91438342F83A} - %Windows%\toprates.dll
O2 - BHO: Rates - {834B0DD4-3A68-4F58-B265-D9FDB3D8F88B} - %Windows%\toprates.dll
O2 - BHO: Rates - {F325C9B7-4876-4665-895B-674D657645C2} - %Windows%\toprates.dll
O2 - BHO: RAW Ext - {94EDC7BA-1D2A-4DEA-9199-1DEB916BD6F6} - %Windows%\{RANDOM}.dll
O2 - BHO: RealMedia - {0EEDB911-C5FA-486F-8334-57288578C627} - %System%\XunLeiBHO_Now.dll
O2 - BHO: RealMedia - {87B570FB-D2CF-4D3C-8E1B-E1E7018BBA95} - %System%\dx50codec.dll
O2 - BHO: RupTool - {F32B24F1-25FA-4A91-9F97-5272B3CE8FCA} - %System%\{RANDOM}.dll
O2 - BHO: Safe surf - {A8485774-8230-4D88-B00F-4A04A3E4FC1C} - %System%\{RANDOM}.dll
O2 - BHO: Safe web - {A8485774-8230-4D88-B00F-4A04A3E4FC1C} - %System%\{RANDOM}.dll
O2 - BHO: scriptproxy - {6D0386B3-FD72-488E-9740-90355AE21735} - %System%\{RANDOM}.dll
O2 - BHO: search toolbar - {7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6} - %System%\{RANDOM}.dll
O2 - BHO: SearchAddon - {0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2} - %System%\{RANDOM}.dll
O2 - BHO: Sigma plugin - {7DBF8390-552B-4D55-9F62-00D032032691} - %Windows%\{RANDOM}.dll
O2 - BHO: Sigma plugin - {B095AF15-2FB6-4239-95AD-D1E27ECC11C7} - %Windows%\{RANDOM}.dll
O2 - BHO: Sigma plugin - {D3E7C926-6B3C-4F88-8113-AD357C2E208F} - %Windows%\{RANDOM}.dll
O2 - BHO: Sigma plugin - {E913BA95-1ADE-4D25-AC0E-E27BD8E1E43D} - %Windows%\{RANDOM}.dll
O2 - BHO: Sofos - {44B1C291-CF3E-4B66-8BAB-31040FDC30A9} - %Windows%\sofos32x.dll
O2 - BHO: Sofos - {73776361-F206-4A50-9687-801C6FE9BA31} - %Windows%\sofos32x.dll
O2 - BHO: Sofos - {B49949CA-3062-4FA3-A24A-E27BAFD7C940} - %Windows%\sofos16x.dll
O2 - BHO: Sofos - {D6848354-33D9-4E22-B94D-91A727129920} - %Windows%\sofos32x.dll
O2 - BHO: Sofos - {E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C} - %Windows%\sofos32x.dll
O2 - BHO: Soplygui - {BCCCB3D5-17DC-43DD-9F46-A31AB28FECB2} - %System%\{RANDOM}.dll
O2 - BHO: Spybot-S&D IE Protection - {B1892F58-1116-4DEC-92AA-577872EC3D3D} - %System%\{RANDOM}.dll
O2 - BHO: SSVHelper - {69F6C0AE-0C78-4999-B6D1-62932A265C5D} - %Windows%\{RANDOM}.dll
O2 - BHO: SSVHelper - {907C8FB0-1205-4189-99C9-9E8DA884B0B0} - %Windows%\{RANDOM}.dll
O2 - BHO: SSVHelper - {96488BA0-1A53-4583-8AC8-DB77560E8876} - %Windows%\{RANDOM}.dll
O2 - BHO: stx.tbl - {7E61BB38-A952-40BA-98F0-0AD229658CB7} - %System%\{RANDOM}.dll
O2 - BHO: svc - {BE17AE9C-3BD1-4BAD-936F-B77B63D5763F} - %System%\{RANDOM}.dll
O2 - BHO: svc.Apx - {7D6A0C8D-7C34-44FC-BED8-96528D13BEE9} - %System%\{RANDOM}.dll
O2 - BHO: SVC plugin - {1FBC6925-90A0-404E-83E6-F0FBCC7AD034} -%Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {43D65102-A7BE-4C88-9737-44D2AD81394A} - %Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {465DACD9-7035-4824-AE3E-F883EBE97261} -%Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {50AB4474-F8B5-4F66-BAC5-4251E765B827} - %Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {64C94B46-1079-4C75-BE9B-380F6AE7624C} -%Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {67EE7798-F2A0-415C-9473-0F174BD5A8B8} - %Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {7EA5E375-6136-496E-9616-E03B4F9EA1C0} - %Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {AAF635CA-04C2-4EBA-B022-3A2F95A05A62} - %Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {C12FC24B-A7B9-487F-9603-5481EBF00C6F} - %Windows%\{RANDOM}.dll
O2 - BHO: SVC plugin - {D12A16B5-7FAA-43E8-B9AA-183E76F3FF13} - %Windows%\{RANDOM}.dll
O2 - BHO: SysIETool - {D79DA7F1-9B93-45CC-9019-26BD0A086577} - %System%\{RANDOM}.dll
O2 - BHO: Sysem Player - {2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D} - %Windows%\sysvol32.dll
O2 - BHO: Sysem Player - {861EA552-6309-490A-AC97-1F574E730CF1} - %Windows%\sysvol32.dll
O2 - BHO: Sysem Player - {D70E28A7-AA79-4D62-A59F-87024840BB62} - %Windows%\sysvol32.dll
O2 - BHO: Sysem Player - {EDB33932-35A4-4566-9FBC-5750DCAF8F89} - %Windows%\sysvol32.dll
O2 - BHO: System DivX4 - {0459F04A-F7CC-4F98-B66E-E19690702AE4} - %System%\sysvideo32.dll
O2 - BHO: System DivX4 - {052FB21E-D259-485E-AA2A-FDD489D090F9} - %System%\sysvideo32.dll
O2 - BHO: System DivX4 - {2FA3B736-1AC7-454D-8E94-8BA8158BF064} - %System%\sysvideo32.dll
O2 - BHO: System DivX4 - {71314E7C-1713-49FA-90F2-54D275023981} - %System%\sysvideo32.dll
O2 - BHO: toolbar.search - {19B8572F-894F-41E0-9309-00091B688905} - %System%\{RANDOM}.dll
O2 - BHO: Video - {02788C74-8A3E-455D-9820-59784297DF96} - %Windows%\stream32a.dll
O2 - BHO: Video - {04A67DA5-880B-452F-B193-463452C40B41} - %Windows%\{RANDOM}.dll
O2 - BHO: Video - {0F596190-DEC2-4D19-AB43-50B54243923F} - %Windows%\windivx.dll
O2 - BHO: Video - {14A6B963-7C6C-414B-B5BD-9CD0929F928F} - %Windows%\stream32a.dll
O2 - BHO: Video - {15EB9F40-D775-4463-B75B-8687B3C66BB7} - %Windows%\msvideo.dll
O2 - BHO: Video - {15FEB658-AACC-412E-BC13-D54CFD74A8F6} - %Windows%\stream32a.dll
O2 - BHO: Video - {323301C5-CB6B-490C-B59F-E7FAD4D69C93} - %Windows%\{RANDOM}.dll
O2 - BHO: Video - {38329D14-1302-4CA7-BEE4-C954516C43B3} - %Windows%\windivx.dll
O2 - BHO: Video - {4AB15165-917A-4AE4-AE42-7FF13F61805B} - %Windows%\windivx.dll
O2 - BHO: Video - {632F6863-1E54-49FC-A72F-BDEE592EAD52} - %Windows%\windivx.dll
O2 - BHO: Video - {6430CCA7-032A-4EB0-BCFF-838998E73EF5} - %Windows%\stream32a.dll
O2 - BHO: Video - {6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A} - %Windows%\msvideo.dll
O2 - BHO: Video - {80590BC5-F4BA-4AD1-B216-C19EE86E2A77} - %Windows%\msvideo.dll
O2 - BHO: Video - {95E1D855-9232-48F7-80D9-1ADB65B7939C} - %Windows%\{RANDOM}.dll
O2 - BHO: Video - {BC37F38C-D37C-46FC-AC8D-93ABBCE72947} - %Windows%\{RANDOM}.dll
O2 - BHO: Video - {BC462E4B-C520-4CA9-B1EC-A7DD36FD6D0A} - %Windows%\windivx.dll
O2 - BHO: Video - {D0995F82-90C7-4C78-9B4C-C1700FB8B120} - %Windows%\windivx.dll
O2 - BHO: Video - {DA40137D-AE41-4148-BFEC-916B326D5BBD} - %Windows%\{RANDOM}.dll
O2 - BHO: Video - {F5E81149-92B2-47D2-A12B-1B966AB46EA7} - %Windows%\windivx.dll
O2 - BHO: Video BHO - {597AED5A-2DEA-431D-BE7E-F03BAB2AFB15} - %Windows%\{RANDOM}.dll
O2 - BHO: Video BHO - {681147C4-D615-461A-960F-655871E315C3} - %Windows%\{RANDOM].dll
O2 - BHO: Video decompressor - {0B686DCA-F3F7-4829-8EB4-B453EEEA7B05} - %Windows%\pandsf.dll
O2 - BHO: Video decompressor - {12723304-463C-4377-8FEE-FCAB14BF8083} - %Windows%\pandsf.dll
O2 - BHO: Video decompressor - {490BE71A-AAA4-4616-B6C8-4847CA2972D0} - %Windows%\pandsf.dll
O2 - BHO: Video decompressor - {5792244C-2237-459B-8E84-FA78184843A8} - %Windows%\pandsf.dll
O2 - BHO: Video decompressor - {A69E182D-F9CA-4B90-80E9-854CBACCD73B} - %Windows%\pandsf.dll
O2 - BHO: Video decompressor - {F38636ED-E66E-4A37-822E-0C01F64D6605} - %Windows%\pandsf.dll
O2 - BHO: Video decompressor - {FB8BB59E-86A8-46CC-9CB9-7307737E7C46} - %Windows%\pandsf.dll
O2 - BHO: Video decompressor - {FCE457AD-1CFC-4DC7-98DA-047AF95F8B98} - %Windows%\pandsf.dll
O2 - BHO: Video decompressor - {FD807848-4DCB-43F8-8D98-BD32382E5CEB} - %Windows%\pandsf.dll
O2 - BHO: Video DivX 3.12 - {09D72564-27E2-4F12-8AB6-03F83E4567DE} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {16096942-15C5-4629-BD81-00A46B2408CA} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {17D562A6-DA3D-4F87-B659-86CD06473AB5} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {26B1DC31-2051-49DD-AEA6-368E702E5B63} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {29C79434-BA0A-4A48-A451-70F19B4A4925} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {36490B2D-77CC-4CC2-B6A6-8A16EC550DAB} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {7A23A1E8-B2AB-4C50-AD12-9E19B747E17C} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {A6D91DAC-AF0D-4DC0-99A8-D7DD836FA34D} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {B6F7666D-887D-45D9-BD0F-9D4CC771A63D} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {BB2A8FD4-B015-43C4-A282-904FDF8B2F09} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {DA927154-CC3A-41A7-9246-CE35FE2E6477} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {E4DF0054-13B7-4A75-967E-1CC787C69FAA} - %System%\sysdivx.dll
O2 - BHO: Video DivX 3.12 - {F02B8C83-C817-4EA2-A499-29257DA0373A} - %System%\sysdivx.dll
O2 - BHO: Video On-line - {032706C0-EB72-4DF0-ABF6-B89958D2A6CC} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {065B1210-E57F-41AD-90C5-F70D63388640} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {323301C5-CB6B-490C-B59F-E7FAD4D69C93} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {333E0189-EB79-4D24-BA64-FAF768284313} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {66D69CC1-5373-4730-AB8E-24D2AB7FF95F} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {741403DD-46A4-4D58-8FA7-427335C3BBF6} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {7E4C5F57-FF13-4006-A5F6-BE97D9CD6261} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {A9A82440-64E7-4177-86AE-B58DEE731AF3} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {BD907325-42B2-4077-BA63-F636B627C998} - %System%\PowerVideo.dll
O2 - BHO: Video On-line - {EF425F00-2D4C-4273-A610-3403026681A6} - %System%\PowerVideo.dll
O2 - BHO: Video32 Connector - {AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4} - %Windows%\{RANDOM}.dll
O2 - BHO: Video32 Connector - {CF9146DB-16F1-4B79-8DA1-EE14C55D5B06} - %Windows%\{RANDOM}.dll
O2 - BHO: VideoCodec Class - {284AAAD9-FDF9-49A3-93ED-9CAE4AA26805} - %System%\AswBHO.dll
O2 - BHO: VideoCodec Class - {926A61C9-5C20-4583-ACA7-ACE21088816E} - %System%\RichVideoCodec.dll
O2 - BHO: VideoCodec Class - {949859A7-EB1F-400D-BDBC-C48238BDF788} - %System%\AswBHO.dll
O2 - BHO: VideoData - {15977918-3A04-4982-8E45-EDC618371EBE} - %Windows%\{RANDOM}.dll
O2 - BHO: VideoData - {E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A} - %Windows%\{RANDOM}.dll
O2 - BHO: VideoData - {F856BB9E-855B-498D-883E-3509C550A031} - %Windows%\{RANDOM}.dll
O2 - BHO: VideoInput - {AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4} - %Windows%\{RANDOM}.dll
O2 - BHO: Web Search - {6A719349-BDF5-4268-9019-4ACA0C2562D2} - %Windows%\websrc32.dll
O2 - BHO: Web Search - {B3E45A9B-7756-46A2-AB14-90175CD374F9} - %Windows%\websrc32.dll
O2 - BHO: Web Search - {D54F0577-8770-4A63-B926-6A640ED57F06} - %Windows%\websrc32.dll
O2 - BHO: WEP Viewer - {746CBA32-C671-44F6-BC73-C5351A316D03} - %System%\{RANDOM}.dll
O2 - BHO: win32ie.a - {0848225A-8181-42FC-8C68-F0A543B12967} - %System%\{RANDOM}.dll
O2 - BHO: Windows Media Player - {61FEBF12-793B-4D8A-8513-D1814FE2A395} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {7CF52009-F408-49AE-BBCB-6279CB53BB42} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {7DB0A0E2-FD42-43AE-A12A-760DBBC3C876} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {8161DF25-78BD-412D-8B45-87EFD0839BC6} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {8388F272-9EDA-4F4E-88FD-4711CBA4BA2B} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {8E9C2138-EFA4-4B14-9062-7FD1F7C10E82} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {AFCB0C91-199F-4C49-9F62-09F8CBDAD17A} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {C7E9503C-DA29-4183-8FA9-978C32852C20} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {D480850D-85D1-4836-9AEA-86C185CDAE29} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {D5A7151F-58D0-4AC8-9329-BEDD59625679} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {E01D62BE-3C96-4165-A54F-1A51CD75D6F9} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {F3167A8F-30FF-4BA1-9FF8-03568E53BC1A} - %Windows%\wmpdxm.dll
O2 - BHO: Windows Media Player - {F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA} - %Windows%\wmpdxm.dll
O2 - BHO: WinGold - {2FF811E6-8925-4084-A649-C159955E67E8} - %System%\{RANDOM}.dll
O2 - BHO: WinGold - {67956585-9B5C-4E2B-ABE1-A01BF3046EE1} - %System%\{RANDOM}.dll
O2 - BHO: WinIss - {17D562A6-DA3D-4F87-B659-86CD06473AB5} - %System%\{RANDOM}.dll
O2 - BHO: WinSurf - {11160F05-7B64-4E5C-9C42-C69E2C78CE14} - %Windows%\winsurf.dll
O2 - BHO: WinSurf - {1F91C786-BBA0-41D2-8B3D-B88242677BAC} - %Windows%\winsurf.dll
O2 - BHO: WinSurf - {48D8CC16-82FD-4C1B-B3FF-F706C8E75399} - %Windows%\winsurf.dll
O2 - BHO: WinSurf - {53E30863-280F-4CFA-99AB-55CAEB95271C} - %Windows%\ps16sys.dll
O2 - BHO: WinView plugin - {8AE578E0-6DF5-41E0-869F-F65A32D2F6BD} - %System%\{RANDOM}.dll
O2 - BHO: Worm Radar - {07EF0649-D5BA-4139-B0A2-4D047F223B2D} - %System%\{4 Character Random DLL}.dll
O2 - BHO: WormRadar.com - {CEAF8FFD-A61C-46EF-A970-D77D90246918} - %System%\{4 Character Random DLL}.dll
O2 - BHO: Xena toolbar - {2FF811E6-8925-4084-A649-C159955E67E8} - %System%\{RANDOM}.dll
O2 - BHO: XGame - {F3A486C3-6341-4BE6-B94D-D4172B69E430} - %System%\{RANDOM}.dll
O2 - BHO: XTTBPos00 - {E014A78F-34DC-4BE5-83BB-58CA12E384B6} - %System%\{RANDOM}.dll
O2 - BHO: ZozyWin - {EFEA05D9-BCB2-4438-A4EB-BD467692C24F} - %System%\{RANDOM}.dll

[2008-12-01]
1.7.20.6840

Files:
%SystemDir%\avt.dll
%SystemDir%\avtu.dll
%SystemDir%\avit.dll
%SystemDir%\avitu.dll
%SystemDir%\axvt.dll
%SystemDir%\axvtu.dll
%SystemDir%\axvit.dll
%SystemDir%\axvitu.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AlsaLi]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AlsaLi.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9B5BA28-C732-49DC-94CE-9079F7F75F4E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8DFE3882-5474-4010-BF17-544D1D390117}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FEF72F04-58F1-433F-8B51-4C6E85B4605B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E9B5BA28-C732-49DC-94CE-9079F7F75F4E}]

[2008-11-25]
1.7.20.6825

Files:
%SystemDir%\dazsax.dll
%SystemDir%\dazsol.dll
%SystemDir%\dasheax.dll
%SystemDir%\dasheol.dll
%SystemDir%\sdzsax.dll
%SystemDir%\sdzsol.dll
%SystemDir%\sdsheax.dll
%SystemDir%\sdsheol.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Huyaka]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sjkgcr.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0848225A-8181-42FC-8C68-F0A543B12967}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8AE8A9CE-80DE-4951-AD58-BE6FC7A0E231}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BDE8A95B-A98D-4928-ADCB-C3C3D0AFA449}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0848225A-8181-42FC-8C68-F0A543B12967}]

[2008-11-22]
1.7.20.6811

Files:
%DesktopDir%\WinDefender 2009.lnk
%ProgramsDir%\WinDefender 2009.lnk
%ProgramFiles%\WinDefender\uninstall.exe
%ProgramFiles%\WinDefender\windef.exe
%ProgramFiles%\WinDefender\WinDefender.s1
%ProgramFiles%\WinDefender\WinDefender.s2
%ProgramFiles%\WinDefender\WinDefender.s3
%ProgramFiles%\WinDefender\WinDefender.s4
%ProgramFiles%\WinDefender\WinDefender.s5
%ProgramFiles%\WinDefender\WinDefender.s6
%SystemDir%\dzguax.dll
%SystemDir%\dzgoil.dll
%SystemDir%\dzhuax.dll
%SystemDir%\dzhoil.dll
%SystemDir%\psguax.dll
%SystemDir%\psgoil.dll
%SystemDir%\pshuax.dll
%SystemDir%\pshoil.dll

Folders:
%ProgramFiles%\WinDefender

Registry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"WinDefender2009"=-
[-HKEY_CURRENT_USER\Software\WinDefender2009]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\alszoo.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AOL_]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\axcfqw.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Byaka]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\KAKA]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\LandLong]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\megaul.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PsmaVer]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sdxtt5.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\zozy32.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8495DD20-CB51-46BE-9B63-CB2F76E45C96}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EA40B0BC-FC4E-42DB-83A5-37E6B3EEDF8A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EFEA05D9-BCB2-4438-A4EB-BD467692C24F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0C22DE22-85B0-48F2-8D95-28E2AD2B713F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1C157676-D7C7-40BF-ADF2-5ACD14D54B9C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1F6D89AC-F25B-4FCA-AACC-8C678254FABA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{37887937-0D39-4FC8-A747-CEA00D891B83}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{37A31018-C41E-48EE-875B-CC604F5F1A8A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7EAE8501-58B6-4ED8-9160-DAF1656C15AE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A05DF449-D32B-470D-8AAD-DA01FAFC5B88}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DCA4E955-7C7A-48B3-ABAF-5D303D17F7CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8495DD20-CB51-46BE-9B63-CB2F76E45C96}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA40B0BC-FC4E-42DB-83A5-37E6B3EEDF8A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EFEA05D9-BCB2-4438-A4EB-BD467692C24F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinDefender 2009]

[2008-11-10]
1.7.20.6773

Files:
%SystemDir%\qipauzax.dll
%SystemDir%\qipauzkco.dll
%SystemDir%\qipecgax.dll
%SystemDir%\qipecgkco.dll
%SystemDir%\vxfauzax.dll
%SystemDir%\vxfauzkco.dll
%SystemDir%\vxfecgax.dll
%SystemDir%\vxfecgkco.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Azza]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\podddd.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{156DD78A-CB74-4822-A17C-9CF02B43F72A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0215DC7A-EF2F-451C-9392-B6481B2A4DAB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3256C64D-ECB2-421C-AE34-A4C6118FF4EA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{156DD78A-CB74-4822-A17C-9CF02B43F72A}]

[2008-11-05]
1.7.20.6759

Files:
%SystemDir%\dipifsa.dll
%SystemDir%\dipifxx2.dll
%SystemDir%\dipynsa.dll
%SystemDir%\dipynxx2.dll
%SystemDir%\hhahgsd.dll
%SystemDir%\hhahgxda.dll
%SystemDir%\hhfcsd.dll
%SystemDir%\hhfcxda.dll
%SystemDir%\joahgsd.dll
%SystemDir%\joahgxda.dll
%SystemDir%\jofcsd.dll
%SystemDir%\jofcxda.dll
%SystemDir%\loifsa.dll
%SystemDir%\loifxx2.dll
%SystemDir%\loynsa.dll
%SystemDir%\loynxx2.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Anoniso]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\jurtob.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NinoGer]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sdx12q.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC354443-937D-498B-A792-B6E388CDFCE6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DEE7B1F7-A014-477C-B0C5-23A51AA81DB5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{37029DE8-6378-45E3-AE58-D2C4A416AEB0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B31F9EF2-40D0-4F3E-9334-502C709DDC57}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D4480BB2-36CD-497B-83FF-15350EA6C122}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D76FBC4F-5E07-41FA-9013-FA3A53E46B95}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BC354443-937D-498B-A792-B6E388CDFCE6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DEE7B1F7-A014-477C-B0C5-23A51AA81DB5}]

[2008-11-02]
1.7.20.6731

New Features:
SetACL ActiveX Object is distributed as part of FixIEDef (Part of a yet to be released feature)
ERUNT is distributed as part of FixIEDef (Registry Backup feature)
Creates a System Restore Point named "Created By FixIEDef"
Backs up the Windows Registry to %WinDir%\ERDNT\FixIEDef

Bug Fixes:
Corrected improper UserInit file replacement in Check userinit.exe function

[2008-11-01]
1.6.14.6731

FixIEDef_BBCode.txt updated.

Bug Fixes:
Correctly locates and removes %SystemDrive%\resycled\boot.com and %SystemDrive%\resycled
Corrected GUID {829BA8A2-4515-4D62-9A4B-B89D4B55094} to read {829BA8A2-4515-4D62-9A4B-B89D4B55094F}
Check userinit.exe function was not correctly writing to the FixIEDef log. 

Files:
%Temp%\winlogon.exe

Registry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Firewall auto setup"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\asfzui.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SuperPivo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3A303EF6-2598-4D2D-B4DA-DEFA7CD0DC51}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CBCA4C04-6BA9-492C-AA33-2F0A6EBB0DFC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EFF4D9F5-DBA6-463D-949B-3FEB27DDD0DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3A303EF6-2598-4D2D-B4DA-DEFA7CD0DC51}]

[2008-10-29]
1.6.11.6723

Replaces infected userinit.exe

Files:
%SystemDrive%\resycled\boot.com

Folders:
%SystemDrive%\resycled

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Dostal]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ixoixo.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kiokio.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lalama.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Sodna]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87A69B72-DAE6-4517-BD12-42F62CF395FB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DED2B61B-1A26-4566-BF2F-DE539D4468DD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{051A5447-760E-45D3-9E9A-93BF38352458}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0EC5F63A-7DDF-48E7-9D5A-BC84B0B58F82}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{150119AA-A801-4DDF-BE5C-14CAF721A9FD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7CAFE1D6-6EC9-4044-BFEC-FBEDDD095F74}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{829BA8A2-4515-4D62-9A4B-B89D4B55094F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A127E4B3-0472-401E-A43E-4D8EAFA4D931}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87A69B72-DAE6-4517-BD12-42F62CF395FB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DED2B61B-1A26-4566-BF2F-DE539D4468DD}]

[2008-10-24]
1.6.10.6705

Files:
%ProgramFiles%\TS-2009\scan.exe
%ProgramFiles%\TS-2009\totalsecure.s2
%ProgramFiles%\TS-2009\totalsecure.s3
%ProgramFiles%\TS-2009\totalsecure.s6
%ProgramFiles%\TS-2009\uninstall.exe
%SystemDir%\sysbase32.dll

Folders:
%ProgramFiles%\TS-2009

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pnphon.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Poals]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A2F253AD-1F23-4D87-A64B-D6987F38D981}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5E58DFE1-D27C-4CF0-BFEF-539A63C0BECE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB3DB4D7-B8F4-4097-80A6-A2E93D08C92D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A2F253AD-1F23-4D87-A64B-D6987F38D981}]

[2008-10-20]
1.6.10.6697

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lospn]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lsksaq.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C420CF9F-D9D6-421F-958F-AA59906C2B12}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D71C4AF2-9E0D-4EB3-98A6-F542E6F360D9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E52C17C7-8498-4D09-93B8-0C9227D10AEB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C420CF9F-D9D6-421F-958F-AA59906C2B12}]

[2008-10-17]
1.6.10.6691

Files:
%SystemDir%\adic.dll
%SystemDir%\adip.dll
%SystemDir%\adiw.dll
%SystemDir%\aduic.dll
%SystemDir%\aduip.dll
%SystemDir%\aduiw.dll
%SystemDir%\adyc.dll
%SystemDir%\adyp.dll
%SystemDir%\adyw.dll
%SystemDir%\agic.dll
%SystemDir%\agip.dll
%SystemDir%\agiw.dll
%SystemDir%\aguic.dll
%SystemDir%\aguip.dll
%SystemDir%\aguiw.dll
%SystemDir%\agyc.dll
%SystemDir%\agyp.dll
%SystemDir%\agyw.dll
%SystemDir%\axic.dll
%SystemDir%\axip.dll
%SystemDir%\axiw.dll
%SystemDir%\axuic.dll
%SystemDir%\axuip.dll
%SystemDir%\axuiw.dll
%SystemDir%\axyc.dll
%SystemDir%\axyp.dll
%SystemDir%\axyw.dll
%SystemDir%\b_ies.dll
%SystemDir%\b_iesf.dll
%SystemDir%\b_iesurf.dll
%SystemDir%\bhoies.dll
%SystemDir%\bhoiesf.dll
%SystemDir%\bhoiesurf.dll
%SystemDir%\cfax32i.dll
%SystemDir%\cfax32u.dll
%SystemDir%\cfax32x.dll
%SystemDir%\cfen32i.dll
%SystemDir%\cfen32u.dll
%SystemDir%\cfen32x.dll
%SystemDir%\cfov32i.dll
%SystemDir%\cfov32u.dll
%SystemDir%\cfov32x.dll
%SystemDir%\dal2.dll
%SystemDir%\dal32i.dll
%SystemDir%\dalk.dll
%SystemDir%\dao2.dll
%SystemDir%\dao32i.dll
%SystemDir%\daok.dll
%SystemDir%\dasaomr.dll
%SystemDir%\dasaomt.dll
%SystemDir%\dasaomy.dll
%SystemDir%\dasaonr.dll
%SystemDir%\dasaont.dll
%SystemDir%\dasaony.dll
%SystemDir%\dasaozr.dll
%SystemDir%\dasaozt.dll
%SystemDir%\dasaozy.dll
%SystemDir%\dasasmr.dll
%SystemDir%\dasasmt.dll
%SystemDir%\dasasmy.dll
%SystemDir%\dasasnr.dll
%SystemDir%\dasasnt.dll
%SystemDir%\dasasny.dll
%SystemDir%\dasaszr.dll
%SystemDir%\dasaszt.dll
%SystemDir%\dasaszy.dll
%SystemDir%\dasidcmr.dll
%SystemDir%\dasidcmt.dll
%SystemDir%\dasidcmy.dll
%SystemDir%\dasidcnr.dll
%SystemDir%\dasidcnt.dll
%SystemDir%\dasidcny.dll
%SystemDir%\dasidczr.dll
%SystemDir%\dasidczt.dll
%SystemDir%\dasidczy.dll
%SystemDir%\dav2.dll
%SystemDir%\dav32i.dll
%SystemDir%\davk.dll
%SystemDir%\dfax32i.dll
%SystemDir%\dfax32u.dll
%SystemDir%\dfax32x.dll
%SystemDir%\dfen32i.dll
%SystemDir%\dfen32u.dll
%SystemDir%\dfen32x.dll
%SystemDir%\dfov32i.dll
%SystemDir%\dfov32u.dll
%SystemDir%\dfov32x.dll
%SystemDir%\drl2.dll
%SystemDir%\drl32i.dll
%SystemDir%\drlk.dll
%SystemDir%\dro2.dll
%SystemDir%\dro32i.dll
%SystemDir%\drok.dll
%SystemDir%\drv2.dll
%SystemDir%\drv32i.dll
%SystemDir%\drvk.dll
%SystemDir%\dwl2.dll
%SystemDir%\dwl32i.dll
%SystemDir%\dwlk.dll
%SystemDir%\dwo2.dll
%SystemDir%\dwo32i.dll
%SystemDir%\dwok.dll
%SystemDir%\dwv2.dll
%SystemDir%\dwv32i.dll
%SystemDir%\dwvk.dll
%SystemDir%\fga.dll
%SystemDir%\fgf.dll
%SystemDir%\fgi.dll
%SystemDir%\fgl.dll
%SystemDir%\fha.dll
%SystemDir%\fhf.dll
%SystemDir%\fhi.dll
%SystemDir%\fhl.dll
%SystemDir%\gamai.dll
%SystemDir%\gameap.dll
%SystemDir%\gamesxt.dll
%SystemDir%\gameX.dll
%SystemDir%\gampt.dll
%SystemDir%\gamst.dll
%SystemDir%\gap.dll
%SystemDir%\gasai.dll
%SystemDir%\gaspt.dll
%SystemDir%\gasst.dll
%SystemDir%\gaxapi.dll
%SystemDir%\gaxptr.dll
%SystemDir%\gaxstc.dll
%SystemDir%\gcait.dll
%SystemDir%\gcpta.dll
%SystemDir%\gcsto.dll
%SystemDir%\gjetcs.dll
%SystemDir%\gjetli.dll
%SystemDir%\gjopcs.dll
%SystemDir%\gjopli.dll
%SystemDir%\gmai.dll
%SystemDir%\gmapi.dll
%SystemDir%\gmdapi.dll
%SystemDir%\gmdptr.dll
%SystemDir%\gmdstc.dll
%SystemDir%\gmpt.dll
%SystemDir%\gmptr.dll
%SystemDir%\gmst.dll
%SystemDir%\gmstc.dll
%SystemDir%\gmxap.dll
%SystemDir%\gmxsxt.dll
%SystemDir%\gmxX.dll
%SystemDir%\gondu.dll
%SystemDir%\gonfa.dll
%SystemDir%\gopdu.dll
%SystemDir%\gopfa.dll
%SystemDir%\gpatbs.dll
%SystemDir%\gpatvok.dll
%SystemDir%\gpaxbs.dll
%SystemDir%\gpaxvok.dll
%SystemDir%\gsxt.dll
%SystemDir%\gX.dll
%SystemDir%\gxait.dll
%SystemDir%\gxpta.dll
%SystemDir%\gxsto.dll
%SystemDir%\hagy32.dll
%SystemDir%\hagyss.dll
%SystemDir%\hare32.dll
%SystemDir%\haress.dll
%SystemDir%\hjatbs.dll
%SystemDir%\hjatvok.dll
%SystemDir%\hjaxbs.dll
%SystemDir%\hjaxvok.dll
%SystemDir%\iebhos.dll
%SystemDir%\iebhosf.dll
%SystemDir%\iebhosurf.dll
%SystemDir%\ifsndu.dll
%SystemDir%\ifsnfa.dll
%SystemDir%\ifspdu.dll
%SystemDir%\ifspfa.dll
%SystemDir%\lcait.dll
%SystemDir%\lcpta.dll
%SystemDir%\lcsto.dll
%SystemDir%\lpax32i.dll
%SystemDir%\lpax32u.dll
%SystemDir%\lpax32x.dll
%SystemDir%\lpen32i.dll
%SystemDir%\lpen32u.dll
%SystemDir%\lpen32x.dll
%SystemDir%\lpov32i.dll
%SystemDir%\lpov32u.dll
%SystemDir%\lpov32x.dll
%SystemDir%\lsystamd32.dll
%SystemDir%\lsystamd64.dll
%SystemDir%\lsystipl32.dll
%SystemDir%\lsystipl64.dll
%SystemDir%\mipina.dll
%SystemDir%\mipinu.dll
%SystemDir%\mipona.dll
%SystemDir%\miponu.dll
%SystemDir%\mopina.dll
%SystemDir%\mopinu.dll
%SystemDir%\mopona.dll
%SystemDir%\moponu.dll
%SystemDir%\msysamd32.dll
%SystemDir%\msysamd64.dll
%SystemDir%\msysipl32.dll
%SystemDir%\msysipl64.dll
%SystemDir%\odic.dll
%SystemDir%\odip.dll
%SystemDir%\odiw.dll
%SystemDir%\oduic.dll
%SystemDir%\oduip.dll
%SystemDir%\oduiw.dll
%SystemDir%\odyc.dll
%SystemDir%\odyp.dll
%SystemDir%\odyw.dll
%SystemDir%\ogic.dll
%SystemDir%\ogip.dll
%SystemDir%\ogiw.dll
%SystemDir%\oguic.dll
%SystemDir%\oguip.dll
%SystemDir%\oguiw.dll
%SystemDir%\ogyc.dll
%SystemDir%\ogyp.dll
%SystemDir%\ogyw.dll
%SystemDir%\oxic.dll
%SystemDir%\oxip.dll
%SystemDir%\oxiw.dll
%SystemDir%\oxuic.dll
%SystemDir%\oxuip.dll
%SystemDir%\oxuiw.dll
%SystemDir%\oxyc.dll
%SystemDir%\oxyp.dll
%SystemDir%\oxyw.dll
%SystemDir%\pga.dll
%SystemDir%\pgi.dll
%SystemDir%\pgy32.dll
%SystemDir%\pgyss.dll
%SystemDir%\pha.dll
%SystemDir%\phi.dll
%SystemDir%\pre32.dll
%SystemDir%\press.dll
%SystemDir%\rgf.dll
%SystemDir%\rgl.dll
%SystemDir%\rhf.dll
%SystemDir%\rhl.dll
%SystemDir%\rois.dll
%SystemDir%\roisafe.dll
%SystemDir%\roisf.dll
%SystemDir%\sdetcs.dll
%SystemDir%\sdetli.dll
%SystemDir%\sdopcs.dll
%SystemDir%\sdopli.dll
%SystemDir%\sups.dll
%SystemDir%\supsafe.dll
%SystemDir%\supsf.dll
%SystemDir%\syss.dll
%SystemDir%\syssafe.dll
%SystemDir%\syssf.dll
%SystemDir%\vaddes.dll
%SystemDir%\vaddit.dll
%SystemDir%\vappes.dll
%SystemDir%\vappit.dll
%SystemDir%\wsaomr.dll
%SystemDir%\wsaomt.dll
%SystemDir%\wsaomy.dll
%SystemDir%\wsaonr.dll
%SystemDir%\wsaont.dll
%SystemDir%\wsaony.dll
%SystemDir%\wsaozr.dll
%SystemDir%\wsaozt.dll
%SystemDir%\wsaozy.dll
%SystemDir%\wsasmr.dll
%SystemDir%\wsasmt.dll
%SystemDir%\wsasmy.dll
%SystemDir%\wsasnr.dll
%SystemDir%\wsasnt.dll
%SystemDir%\wsasny.dll
%SystemDir%\wsaszr.dll
%SystemDir%\wsaszt.dll
%SystemDir%\wsaszy.dll
%SystemDir%\wsidcmr.dll
%SystemDir%\wsidcmt.dll
%SystemDir%\wsidcmy.dll
%SystemDir%\wsidcnr.dll
%SystemDir%\wsidcnt.dll
%SystemDir%\wsidcny.dll
%SystemDir%\wsidczr.dll
%SystemDir%\wsidczt.dll
%SystemDir%\wsidczy.dll
%SystemDir%\xaddes.dll
%SystemDir%\xaddit.dll
%SystemDir%\xappes.dll
%SystemDir%\xappit.dll
%SystemDir%\xdaomr.dll
%SystemDir%\xdaomt.dll
%SystemDir%\xdaomy.dll
%SystemDir%\xdaonr.dll
%SystemDir%\xdaont.dll
%SystemDir%\xdaony.dll
%SystemDir%\xdaozr.dll
%SystemDir%\xdaozt.dll
%SystemDir%\xdaozy.dll
%SystemDir%\xdasmr.dll
%SystemDir%\xdasmt.dll
%SystemDir%\xdasmy.dll
%SystemDir%\xdasnr.dll
%SystemDir%\xdasnt.dll
%SystemDir%\xdasny.dll
%SystemDir%\xdaszr.dll
%SystemDir%\xdaszt.dll
%SystemDir%\xdaszy.dll
%SystemDir%\xdidcmr.dll
%SystemDir%\xdidcmt.dll
%SystemDir%\xdidcmy.dll
%SystemDir%\xdidcnr.dll
%SystemDir%\xdidcnt.dll
%SystemDir%\xdidcny.dll
%SystemDir%\xdidczr.dll
%SystemDir%\xdidczt.dll
%SystemDir%\xdidczy.dll
%SystemDir%\yal2.dll
%SystemDir%\yal32i.dll
%SystemDir%\yalk.dll
%SystemDir%\yao2.dll
%SystemDir%\yao32i.dll
%SystemDir%\yaok.dll
%SystemDir%\yav2.dll
%SystemDir%\yav32i.dll
%SystemDir%\yavk.dll
%SystemDir%\yrl2.dll
%SystemDir%\yrl32i.dll
%SystemDir%\yrlk.dll
%SystemDir%\yro2.dll
%SystemDir%\yro32i.dll
%SystemDir%\yrok.dll
%SystemDir%\yrv2.dll
%SystemDir%\yrv32i.dll
%SystemDir%\yrvk.dll
%SystemDir%\ywl2.dll
%SystemDir%\ywl32i.dll
%SystemDir%\ywlk.dll
%SystemDir%\ywo2.dll
%SystemDir%\ywo32i.dll
%SystemDir%\ywok.dll
%SystemDir%\ywv2.dll
%SystemDir%\ywv32i.dll
%SystemDir%\ywvk.dll
%SystemDir%\zadic.dll
%SystemDir%\zadip.dll
%SystemDir%\zadiw.dll
%SystemDir%\zaduic.dll
%SystemDir%\zaduip.dll
%SystemDir%\zaduiw.dll
%SystemDir%\zadyc.dll
%SystemDir%\zadyp.dll
%SystemDir%\zadyw.dll
%SystemDir%\zagic.dll
%SystemDir%\zagip.dll
%SystemDir%\zagiw.dll
%SystemDir%\zaguic.dll
%SystemDir%\zaguip.dll
%SystemDir%\zaguiw.dll
%SystemDir%\zagyc.dll
%SystemDir%\zagyp.dll
%SystemDir%\zagyw.dll
%SystemDir%\zal2.dll
%SystemDir%\zal32i.dll
%SystemDir%\zalk.dll
%SystemDir%\zao2.dll
%SystemDir%\zao32i.dll
%SystemDir%\zaok.dll
%SystemDir%\zav2.dll
%SystemDir%\zav32i.dll
%SystemDir%\zavk.dll
%SystemDir%\zaxic.dll
%SystemDir%\zaxip.dll
%SystemDir%\zaxiw.dll
%SystemDir%\zaxuic.dll
%SystemDir%\zaxuip.dll
%SystemDir%\zaxuiw.dll
%SystemDir%\zaxyc.dll
%SystemDir%\zaxyp.dll
%SystemDir%\zaxyw.dll
%SystemDir%\zrl2.dll
%SystemDir%\zrl32i.dll
%SystemDir%\zrlk.dll
%SystemDir%\zro2.dll
%SystemDir%\zro32i.dll
%SystemDir%\zrok.dll
%SystemDir%\zrv2.dll
%SystemDir%\zrv32i.dll
%SystemDir%\zrvk.dll
%SystemDir%\zwl2.dll
%SystemDir%\zwl32i.dll
%SystemDir%\zwlk.dll
%SystemDir%\zwo2.dll
%SystemDir%\zwo32i.dll
%SystemDir%\zwok.dll
%SystemDir%\zwv2.dll
%SystemDir%\zwv32i.dll
%SystemDir%\zwvk.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DichVer]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DkamPio]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DoggyMe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\i348oa.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kaspaz.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mimi11.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{435ADC46-DCAB-4593-92C8-25D2BEFCEAB7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6ECB8E85-7A9E-4175-8113-1136D1A325DB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9D17DA6-022A-454A-AB26-E104C0F6D13A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1CE6F264-7803-48BF-9B53-86FC75BEBB49}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{275DE758-AE97-4BE3-BEF1-107A376C66E0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{720F11ED-6980-432E-B402-63548BA2A33A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{95C6F0D7-507C-41E3-9E07-A78E15433E2B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B52FE4D2-6952-4DC3-A246-7B518B3A1C5D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FDF87042-0D74-42E4-AFC5-0CDA77BC74BA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{435ADC46-DCAB-4593-92C8-25D2BEFCEAB7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6ECB8E85-7A9E-4175-8113-1136D1A325DB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9D17DA6-022A-454A-AB26-E104C0F6D13A}]

[2008-10-14]
1.6.10.6277

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Dicha]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\godzi1.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FAE709C-A4F1-40AD-95E2-D119CFB6B539}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3245BCDA-E3F6-426D-B34A-D21ED68003FB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FD1C2799-8B15-45D0-8E89-3AD68A4CCB8E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FAE709C-A4F1-40AD-95E2-D119CFB6B539}]

[2008-10-12]
1.6.10.6271

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\gs23d1.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Kiolld]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F88A6F5-908C-4C28-9A81-829953C5F5C5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{06360872-0310-49C1-8EDA-953E73941E3E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{419803E0-EBB5-418E-BCDD-8EA63647EC5E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{10026069-7A5F-4531-811E-C8DF20643BEE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F88A6F5-908C-4C28-9A81-829953C5F5C5}]

[2008-10-08]
1.6.10.6263

Removes Antivirus 2010

Files:
%DesktopDir%\Cheap Pharmacy Online.url
%DesktopDir%\Search Online.url
%FavoritesDir%\Cheap Pharmacy Online.url
%FavoritesDir%\Search Online.url
%StartMenuDir%\Cheap Pharmacy Online.url
%StartMenuDir%\Search Online.url
%SystemDir%\m.ico
%SystemDir%\rgf.dll
%SystemDir%\s.ico
%WindowsDir%\k.txt
%DesktopDir%\AV2010.lnk
%ProgramsDir%\AV2010\AV2010.lnk
%ProgramsDir%\AV2010\Uninstall.lnk
%ProgramFiles%\AV2010\AV2010.exe
%ProgramFiles%\AV2010\svchost.exe
%SystemDir%\IEDefender.dll
%SystemDir%\wingamma.exe

Folders:
%ProgramsDir%\AV2010
%ProgramFiles%\AV2010

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\antbl1.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aplsj2.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\asvfsa.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aspopg.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\coldopen]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ffddffdd]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\fffccd.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\gigant.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lpndf3.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\monamia2]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\plodaq.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{06717D20-4FAA-48E1-B4BA-E8F80DAF1F06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56D182B7-C06B-4A37-85F3-A7C018DEF8A7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{57BE2636-F271-4151-9D4A-40A2663E4FD7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5B171109-DED1-4403-90E9-6F7778533B9A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D682D50-876E-454C-90BE-EFE6028FE389}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6599A965-FA2D-41CD-95B1-13140F1CF8A3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7F47CD2E-581E-4C07-9AD5-82451B604699}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BCCCB3D5-17DC-43DD-9F46-A31AB28FECB2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{076BCC99-11F1-422A-84C9-18CDECAED8BB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{112E6917-829F-40CC-8741-2B8698568044}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1D745E53-A313-4CC4-9D5D-F6B655BE9167}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2230E4D5-369D-4CB6-87C0-186362305C56}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{300FA7A4-80C6-4098-9818-341D70EC1E68}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3DBF2330-F8AD-4CCC-AD20-D155DA5BC81A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7400E82A-929B-462A-BA8D-A7ED73843144}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{81FC7CDF-8E09-4C07-BB96-17ABF2F9AB43}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{86D8DBA1-D5D2-4D36-9766-5BB61966FFD3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A11DCB3A-D50B-497D-8792-4B25FFDF0307}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BB232245-101E-4ABE-BE07-6DB3BC863A1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C6C4E78F-65FB-48B1-AADA-3855FDCE8F52}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D050CEF2-4125-48EC-8B42-B9A33519E1AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB608AAE-630E-4705-B1A2-B0B0F5DAE6CF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E8CA1E96-131F-452E-B187-60300C43C0DF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EE52BF18-569B-4B8B-8FF3-C7C9576A038B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06717D20-4FAA-48E1-B4BA-E8F80DAF1F06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56D182B7-C06B-4A37-85F3-A7C018DEF8A7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{57BE2636-F271-4151-9D4A-40A2663E4FD7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B171109-DED1-4403-90E9-6F7778533B9A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D682D50-876E-454C-90BE-EFE6028FE389}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6599A965-FA2D-41CD-95B1-13140F1CF8A3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F47CD2E-581E-4C07-9AD5-82451B604699}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BCCCB3D5-17DC-43DD-9F46-A31AB28FECB2}]
[-HKEY_CURRENT_USER\Software\AV2010]
[-HKEY_CLASSES_ROOT\AppID\{3C40236D-990B-443C-90E8-B1C07BCD4A68}]
[-HKEY_CLASSES_ROOT\AppID\IEDefender.DLL]
[-HKEY_CLASSES_ROOT\CLSID\{FC8A493F-D236-4653-9A03-2BF4FD94F643}]
[-HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO]
[-HKEY_CLASSES_ROOT\IEDefender.IEDefenderBHO.1]
[-HKEY_CLASSES_ROOT\Interface\{7BC7565C-5062-43CE-8797-DC2C271140A9}]
[-HKEY_CLASSES_ROOT\TypeLib\{705FD64B-2B7B-4856-9337-44CA1DA86849}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC8A493F-D236-4653-9A03-2BF4FD94F643}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Gamma Display"=-

[2008-09-27]
1.6.10.6194

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BonParis]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\genaps.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\hopasd.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\JigoSaco]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E402C66A-D5CB-441E-9F12-A5A864430AA2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F7B20872-3B45-4F1D-A45E-A360E4102BDA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{33A8A478-EBD6-49FE-A0E3-AF28FB48446F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79079C40-D506-484E-A2A6-EE595CF23CF4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8B7C06A9-F03A-4766-A99D-364278272FD2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9113117A-8879-4F1A-926A-B6EB70251755}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E402C66A-D5CB-441E-9F12-A5A864430AA2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F7B20872-3B45-4F1D-A45E-A360E4102BDA}]

[2008-09-23]
1.6.10.6182

Files:
%SystemDir%\sysppu*.dat
%SystemDir%\sysppu*.dll
%SystemDir%\sysppu*.exe
%SystemDir%\users64.da_

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\adomto.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AquaMin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cisosp.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\GopaGopa]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IndoSofa]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\nitrob.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{98237227-8F14-46CA-B743-241103BEE8A6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4BA1B98-9E26-454D-A42B-AA69E732383F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{127E4B35-ECCB-4295-870B-9C712B1D9CE3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{33ACD6C9-AF35-4E8B-ACA7-D957D2032B92}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{43887821-A696-4B4B-B80C-75FB945385B8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{489BC5C7-8CB5-4AE6-AF3F-CBD9B9902FC0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{59592331-E3B1-4924-A35B-76B7A14D01D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6B9CE8D1-6F00-442B-BAED-B7C94ABCED2E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98237227-8F14-46CA-B743-241103BEE8A6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4BA1B98-9E26-454D-A42B-AA69E732383F}]

[2008-09-19]
1.6.10.6162

Files:
%SystemDir%\users64.dat

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Anonym]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\China]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cnssvp.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\glx3rz.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\janybo.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Mukapicha]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\p0land.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Poland]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ucjs0l.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ZoooGoo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F95467C-AB44-4274-BEEA-2A75AB01B77E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4D8F81B2-80C9-45B1-9F03-67B2B0D2320B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D83E84DA-D187-4300-B5D7-727727352096}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{44CD99FD-CDC0-4C83-A856-CC088872B038}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8B7D6DFD-0001-4136-A6A7-5D2E7462ECC7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8B8B70F3-3835-4C43-BD8E-3142251EE128}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B038F224-F9F5-4B83-A0D0-43D68D8E3CFE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D16C8C5D-ECEF-4307-A1B8-7E67B991A605}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E062203C-7759-4B2F-8EE7-DF725EED1DB7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E8E991EC-4BED-4773-ABC2-9F9B2869ACF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F89CB572-11D7-4297-BB3F-CA6C69270633}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F95467C-AB44-4274-BEEA-2A75AB01B77E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D8F81B2-80C9-45B1-9F03-67B2B0D2320B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D83E84DA-D187-4300-B5D7-727727352096}]

[2008-09-14]
1.6.10.6137

Files:
%DesktopDir%\VIP Casino.url
%FavoritesDir%\VIP Casino.url
%StartMenuDir%\VIP Casino.url 
%SystemDir%\c.ico

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aaaaaa.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\abcd0f.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Bizon]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Deca]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\gpiext.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lion]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Micro]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Sony]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\zxdfgw.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1EF7B347-DBAF-412F-879D-DC7A95BFCC94}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7D6A0C8D-7C34-44FC-BED8-96528D13BEE9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D80C8DC6-A525-4AE5-AAF3-A4B13105A700}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EC748705-E0FD-4671-9AFF-890579E57450}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3A486C3-6341-4BE6-B94D-D4172B69E430}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0A6A7C8A-B0EF-422B-B52F-E0F11151C309}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4A72E49C-DF8B-4245-9131-36720F19D8AD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{30F4D476-E7CB-44DE-B678-0AB2DF75BA85}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{53348413-F1D4-4C00-BA7B-DB16FB505245}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B68B59F4-D134-4E96-BBB8-09F28630494A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{B116B013-918B-42C1-9933-1DFC4D654C00}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C24F1374-8C1D-4698-AE5B-17F0F9FDDE87}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C911AB8A-BC92-4AC7-BFED-425963CB783F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D211D9EA-FCE1-46EA-90C0-188EA8A55987}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F592CD1A-E409-40EE-96A3-1AD3DF4B0A2C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1EF7B347-DBAF-412F-879D-DC7A95BFCC94}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D6A0C8D-7C34-44FC-BED8-96528D13BEE9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D80C8DC6-A525-4AE5-AAF3-A4B13105A700}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EC748705-E0FD-4671-9AFF-890579E57450}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3A486C3-6341-4BE6-B94D-D4172B69E430}]

[2008-09-09]
1.6.9.6104

Changed location of temporary log creation from %TEMP% to %HomeDrive%\!FixIEDef\Temp

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Jungle]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{341116E2-9CC4-4A6E-9303-4819C84846DE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9D9471F0-B58C-49D2-8B6C-0472917A6CA0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AC465E6F-5655-4F62-82C9-DE86C20A8BD3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{341116E2-9CC4-4A6E-9303-4819C84846DE}]

[2008-09-07]
1.6.8.6099

New Feature:
Backs up targeted files, in %HomeDrive%\!FixIEDef, before deletion.

White Listed:
%System%\tbs.dll - Windows Vista only

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Jiapo]

1.5.7.6098

Bug Fix:
Checks to make sure that the fileobject is not a directory before executing file deletion.

Removed from Definitions:
Codec Pack All-in-1

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\123]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Aikido]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Sin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8EF40C36-293F-4749-8EA0-94FB3AD83FA1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8485774-8230-4D88-B00F-4A04A3E4FC1C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1F1EEDDD-13C7-4AD3-821C-B116295D08D2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8D63FA6E-B209-4FE1-B457-2A85252F0EAF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9EF67FCC-5B6C-474C-9E6C-1307EC42DFE6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D1B08E8B-BB9C-4C08-83F9-3219878E58A3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8EF40C36-293F-4749-8EA0-94FB3AD83FA1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8485774-8230-4D88-B00F-4A04A3E4FC1C}]

[2008-09-01]
1.5.6.6088

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Acje]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Spox]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E61BB38-A952-40BA-98F0-0AD229658CB7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D79DA7F1-9B93-45CC-9019-26BD0A086577}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{412C0630-52EE-4A88-ABF2-EB8500FC2436}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{86DFF136-77B4-472C-B3B3-DDDEE57AC1A1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C1FA386B-A2D3-410B-A25A-E82D314D78FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{EA2A4962-9D7C-4912-82A6-4ABC1655F003}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E61BB38-A952-40BA-98F0-0AD229658CB7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D79DA7F1-9B93-45CC-9019-26BD0A086577}]

[2008-08-31]
1.5.6.6078

Files:
%ProgramFiles%\totalsecure2009\scan.exe
%ProgramFiles%\totalsecure2009\totalsecure.s1
%ProgramFiles%\totalsecure2009\totalsecure.s2
%ProgramFiles%\totalsecure2009\totalsecure.s3
%ProgramFiles%\totalsecure2009\totalsecure.s4
%ProgramFiles%\totalsecure2009\totalsecure.s5
%ProgramFiles%\totalsecure2009\totalsecure.s6
%ProgramFiles%\totalsecure2009\uninstall.exe
%Programs%\total secure 2009.lnk
%Desktop%\total secure 2009.lnk

Folders:
%ProgramFiles%\totalsecure2009

Registry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TotalSecure2009"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ThemeManager]
"SystemID"=-
[-HKEY_CURRENT_USER\Software\TotalSecure2009]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Lsx]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\NimoXXXXXXXXXXXXXXX]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Plaso]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\toolie.Bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Vjhas]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{62F96656-0788-4D00-8E32-D41C239E205B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{746CBA32-C671-44F6-BC73-C5351A316D03}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BE17AE9C-3BD1-4BAD-936F-B77B63D5763F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F32B24F1-25FA-4A91-9F97-5272B3CE8FCA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4B784B5C-CF8D-4BCE-8E0C-25E3A50265BC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6F7DC9AB-021F-45FA-BE32-9E9C1719F75B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{700ADE6F-527F-44A9-B8F9-9FC2861C5F14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{76F30631-F69C-48EB-87A2-725BACF2A458}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8FEDD8C2-47C8-484E-AF34-3EACB7D21158}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BEE13157-278E-4EA1-882B-2041E6FC505C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D3941862-B8DC-4861-B886-2AD6459C9EE2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E915A630-90A0-4CAD-813D-3837DB6F66BA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{62F96656-0788-4D00-8E32-D41C239E205B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{746CBA32-C671-44F6-BC73-C5351A316D03}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE17AE9C-3BD1-4BAD-936F-B77B63D5763F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F32B24F1-25FA-4A91-9F97-5272B3CE8FCA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Total Secure 2009]

[2008-08-25]
1.5.5.6050

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Nimo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7FBB2D91-9964-4196-BAC5-D5E751762EC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CF4BFF2B-B9C5-4C11-AB65-B3BACCBF2C6E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ECD99DB2-ABFA-46AE-A7EE-16D0DDB78258}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7FBB2D91-9964-4196-BAC5-D5E751762EC3}]

[2008-08-22]
1.5.5.6045

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gorpy]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A83359CE-23D4-4E1A-9D4E-C94AEDD1A67C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A83359CE-23D4-4E1A-9D4E-C94AEDD1A67C}]

[2008-08-21]
1.5.5.6042

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AINS]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F73DBD9E-5F1B-4BCA-8604-A911DCE08B37}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{049652C3-55AE-4A6E-84CE-0C5B733E8F82}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{C1D4354E-C81A-4C16-9C41-D6FB49AA31A8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F73DBD9E-5F1B-4BCA-8604-A911DCE08B37}]

[2008-08-19]
1.5.5.6037

FIXED:  AutoIt Error! Line -1: Error: Variable must be of type "Object1"

File Name and File Path of the Trojan.Downloader.Delf DLL is now extracted from the Windows Registry.

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WARP]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WR]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{07EF0649-D5BA-4139-B0A2-4D047F223B2D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CEAF8FFD-A61C-46EF-A970-D77D90246918}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{161DE2BD-62BF-4E1D-B9EA-0C5E9C656096}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4889BC79-638C-4D09-99A3-2CB4AD8AB956}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6684B86E-821B-4B46-A846-D9B6EB327A09}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D55D6501-3AFD-44B6-8C7D-4E5C6293EE33}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07EF0649-D5BA-4139-B0A2-4D047F223B2D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CEAF8FFD-A61C-46EF-A970-D77D90246918}]

[2008-08-17]
1.5.4.6026

Files:
%SystemDir%\iea32.dll
%SystemDir%\iedsa.dll
%SystemDir%\ieodk.dll
%SystemDir%\ievida32.dll
%SystemDir%\ieviddsa.dll
%SystemDir%\ievidodk.dll
%SystemDir%\videoa32.dll
%SystemDir%\videodsa.dll
%SystemDir%\videoodk.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IE32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IeVid]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5B77C65-5849-48E4-999A-FACA72F7B822}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BACA5B3B-DD57-4E62-B986-9A5677FBF001}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{3561FA4B-C6C0-4FF0-A4A4-F1528F79E1A8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5B77C65-5849-48E4-999A-FACA72F7B822}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BACA5B3B-DD57-4E62-B986-9A5677FBF001}]

[2008-08-15]
1.5.4.6010

Files:
%SystemDir%\smsani.dll
%SystemDir%\smsera.dll
%SystemDir%\smsopa.dll
%SystemDir%\srchani.dll
%SystemDir%\srchera.dll
%SystemDir%\srchopa.dll
%SystemDir%\sysani.dll
%SystemDir%\sysera.dll
%SystemDir%\sysopa.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AdvVideo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3F1CEB16-3615-47ED-B153-3E98A4B9F3F5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8853B70A-2C8B-4C82-BDD9-ED2675076DEF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{DB7DBAEE-23E4-4B85-8D23-8953A5FEBFE3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3F1CEB16-3615-47ED-B153-3E98A4B9F3F5}]

[2008-08-14]
1.5.3.6116

Files:
%SystemDir%\searcha.dll
%SystemDir%\searchadd.dll
%SystemDir%\searchaddon.dll
%SystemDir%\sra.dll
%SystemDir%\sradd.dll
%SystemDir%\sraddon.dll
%SystemDir%\srcha.dll
%SystemDir%\srchadd.dll
%SystemDir%\srchaddon.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DivX.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\searchaddon.BhoApp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\searchaddon.BhoApp.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0CF8753B-DEB6-4266-BEFF-71F5E0312B0D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47FE9CB0-BFEE-4EBB-8BE2-F65F8811CEE7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5F49381C-F0CA-45A5-98A0-C02062A8109F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FF542591-DDEE-4E48-A972-C71088788A5F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5BA852FE-A36D-4430-8212-3CF660016155}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CB66BA8-5E1F-4963-93D1-E1D6B78FE9A2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0CF8753B-DEB6-4266-BEFF-71F5E0312B0D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47FE9CB0-BFEE-4EBB-8BE2-F65F8811CEE7}]

[2008-08-13]
1.5.3.6095

Files:
%SystemDir%\amosv.dll
%SystemDir%\amosvid.dll
%SystemDir%\amosvideo.dll
%SystemDir%\amov.dll
%SystemDir%\amovid.dll
%SystemDir%\amovideo.dll
%SystemDir%\av.dll
%SystemDir%\avid.dll
%SystemDir%\avideo.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AmosVideo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0603D38B-C4FF-458D-9E9A-C0FD113FAEC3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{20390EDD-353E-439B-BC70-467C1C468EC6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA0C7426-8107-4C6F-83BF-A7B57083CBB1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0603D38B-C4FF-458D-9E9A-C0FD113FAEC3}]

[2008-08-12]
1.5.3.6081

Files:
%SystemDir%\gtool.dll
%SystemDir%\gtbl.dll
%SystemDir%\gtool~1.dll
%SystemDir%\g2tool.dll
%SystemDir%\g2tbl.dll
%SystemDir%\g2tool~1.dll
%SystemDir%\Gtool.dll
%SystemDir%\Gtbl.dll
%SystemDir%\Gtool~1.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Gtool.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53322B35-2C26-4FAC-A713-C31BBAA1C636}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2BC9A3BD-9FF9-4C52-B8B8-8051ADAA7FF6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7A8C49CB-A790-4024-B1FB-0C01094F379D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53322B35-2C26-4FAC-A713-C31BBAA1C636}]

[2008-08-09]
1.5.3.6067

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67956585-9B5C-4E2B-ABE1-A01BF3046EE1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67956585-9B5C-4E2B-ABE1-A01BF3046EE1}]

[2008-08-07]
1.5.3.6065

Correct typo in file name. Files Version remains the same.

[2008-08-06]
1.5.3.6065

Files:
%SystemDir%/gldman.dll
%SystemDir%/gldManager.dll
%SystemDir%/gldmng.dll
%SystemDir%/goldman.dll
%SystemDir%/goldManager.dll
%SystemDir%/goldmng.dll
%SystemDir%/Goldman.dll
%SystemDir%/GoldManager.dll
%SystemDir%/Goldmng.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D26AAB3B-B0DD-456C-A7E5-4DA9565FD6EE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D26AAB3B-B0DD-456C-A7E5-4DA9565FD6EE}]

[2008-08-04]
1.5.3.6054

Files:
%SystemDir%\MEGAUP~1.dll
%SystemDir%\MEGAUPL.dll
%SystemDir%\MEGAUPLOAD.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEE17712-987E-4424-A00C-9DA0BC4E2078}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE17712-987E-4424-A00C-9DA0BC4E2078}]

[2008-07-29]
1.5.3.6049

Files:
%SystemDir%\aolbho.dll
%SystemDir%\aoltbl.dll
%SystemDir%\aoltoolbar.dll
%SystemDir%\aol_bho.dll
%SystemDir%\aol_tbl.dll
%SystemDir%\aol_toolbar.dll
%SystemDir%\aol2bho.dll
%SystemDir%\aol2tbl.dll
%SystemDir%\aol2toolbar.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB0E529A-3D2C-473E-83FE-9E56AC6CC0EB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB0E529A-3D2C-473E-83FE-9E56AC6CC0EB}]

[2008-07-27]
1.5.3.6038

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{76086C05-4D0A-4B92-9219-2E3FE8C553F9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{76086C05-4D0A-4B92-9219-2E3FE8C553F9}]

[2008-07-25]
1.5.2.6036

Files:
%SystemDir%\dombho.dll
%SystemDir%\domie.dll
%SystemDir%\domiebho.dll
%SystemDir%\hombho.dll
%SystemDir%\homie.dll
%SystemDir%\homiebho.dll
%SystemDir%\sofbho.dll
%SystemDir%\sofie.dll
%SystemDir%\sofiebho.dll

Regisry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9873E994-669E-4044-BA64-E5D9AD534A55}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A4D16645-4149-41FB-B670-E06072E540C1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9873E994-669E-4044-BA64-E5D9AD534A55}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A4D16645-4149-41FB-B670-E06072E540C1}]

[2008-07-23]
1.5.2.6023

Files:
%SystemDir%\bho_e.dll
%SystemDir%\bhoext.dll
%SystemDir%\bhoextn.dll
%SystemDir%\bho2_e.dll
%SystemDir%\bho2ext.dll
%SystemDir%\bho2extn.dll
%SystemDir%\ie_e.dll
%SystemDir%\ieext.dll
%SystemDir%\ieextn.dll

Regisry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBE58CC0-D14B-45FE-A717-57BB8247F652}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBE58CC0-D14B-45FE-A717-57BB8247F652}]

[2008-07-22]
1.5.1.6012

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{401F4B6B-3C36-4E8D-BC07-F46FC6D67D9A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{401F4B6B-3C36-4E8D-BC07-F46FC6D67D9A}]

[2008-07-20]
1.5.1.6010

Files:
%SystemDir%\IE_fil.dll
%SystemDir%\IE_filter.dll
%SystemDir%\IE_flt.dll
%SystemDir%\iefil.dll
%SystemDir%\iefilter.dll
%SystemDir%\ieflt.dll
%SystemDir%\iexfil.dll
%SystemDir%\iexfilter.dll
%SystemDir%\iexflt.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F65E955E-26C0-42FF-8EE2-443A05EA286A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F65E955E-26C0-42FF-8EE2-443A05EA286A}]

[2008-07-19]
1.5.1.5999

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D76D0EB-AE56-4DF4-AFFC-20AFF4344AC6}]

[2008-07-18]
1.5.1.5997

Files:
%SystemDir%\tbs.dll
%SystemDir%\tbsch.dll
%SystemDir%\tbsrch.dll
%SystemDir%\tbrs.dll
%SystemDir%\tbrsch.dll
%SystemDir%\tbrsrch.dll
%SystemDir%\toolbars.dll
%SystemDir%\toolbarsch.dll
%SystemDir%\toolbarsrch.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{19B8572F-894F-41E0-9309-00091B688905}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{19B8572F-894F-41E0-9309-00091B688905}]

[2008-07-15]
1.5.0.5987

Bug fix - Terminates all instances of Internet Explorer that are running.  Before only closed the first instance of Internet Explorer.
Bug fix - Terminates all instances of Explorer that are running.  Before only closed the the first instance of Explorer.
Bug fix - Explorer stays terminated until scan is finished.
Terminates all instances of Firefox that are running.
Terminates all instances of Opera that are running.

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4AD3A71E-8ED4-40F5-9A81-69245BDCBB75}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AD3A71E-8ED4-40F5-9A81-69245BDCBB75}]

[2008-07-14]
1.4.20.5985

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DB055111-4F4F-4730-ADC5-C40EBBFF6E67}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DB055111-4F4F-4730-ADC5-C40EBBFF6E67}]

1.4.20.5983

Files:
%SystemDir%\AswBHO.dll
%SystemDir%\RichVideoCodec.dll

Registry:
[-HKEY_CURRENT_USER\Software\RichVideoCodec]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aswbho.aswplugin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aswbho.aswplugin.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bhonew.bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bhonew.bho.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\richvideocodec.videocodec]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\richvideocodec.videocodec.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RichVideoCodec.XMLDOMDocumentEventsSi.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\RichVideoCodec.XMLDOMDocumentEventsSink]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\AswBHO.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\RichVideoCodec.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A85A2972-D35F-4089-86AE-83DFEF054E23}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{284AAAD9-FDF9-49A3-93ED-9CAE4AA26805}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{35DA02A8-1D27-43EB-8088-3210521AA154}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4B2DBC9D-7D49-48F4-8DDC-1B15415FF253}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{926A61C9-5C20-4583-ACA7-ACE21088816E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{949859A7-EB1F-400D-BDBC-C48238BDF788}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB3B8AF6-8886-4525-AAE9-339DA17E23C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{11446072-F8F2-4C03-8A8A-D337AD2B13F2}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{BAF84F6B-038B-40E2-9688-1E3BF20988D8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{0EF350A6-8AF0-40B5-ADE7-CB82FD02C3AE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F8ADE252-1BBA-4FC0-8A0C-3E6E164E13C8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{284AAAD9-FDF9-49A3-93ED-9CAE4AA26805}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{926A61C9-5C20-4583-ACA7-ACE21088816E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{949859A7-EB1F-400D-BDBC-C48238BDF788}]

[2008-07-11]
1.4.20.5956

Files:
%SystemDir%\ie_f.dll
%SystemDir%\iefl.dll
%SystemDir%\iefltr.dll
%SystemDir%\iexp_f.dll
%SystemDir%\iexpfl.dll
%SystemDir%\iexpfltr.dll
%SystemDir%\inte_f.dll
%SystemDir%\intefl.dll
%SystemDir%\intefltr.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B2AE9C0-1555-4C92-905A-531532F15698}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B2AE9C0-1555-4C92-905A-531532F15698}]

[2008-07-10]
1.4.20.5944

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FFE59EC6-5491-4EF3-BA0D-77B0D895B4F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFE59EC6-5491-4EF3-BA0D-77B0D895B4F7}]

[2008-07-09]
1.4.20.5942

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6DDBF417-0774-46AD-940B-6A4D9A039407}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6DDBF417-0774-46AD-940B-6A4D9A039407}]

[2008-07-08]
1.4.20.5940

Files:
%ProgramFilesDir%\ieantispyware\ieas.exe
%ProgramFilesDir%\ieantispyware\ieas.db2
%ProgramFilesDir%\ieantispyware\ieas.db3
%ProgramFilesDir%\ieantispyware\uninst.exe
%ProgramsDir%\ie antispyware ?.?.lnk
%DesktopDir%\ie antispyware ?.?.lnk
%SystemDir%\eps32.dll
%SystemDir%\epsbho.dll
%SystemDir%\epsdrv.dll
%SystemDir%\epson32.dll
%SystemDir%\epsonbho.dll
%SystemDir%\epsondrv.dll
%SystemDir%\navf.dll
%SystemDir%\navfilter.dll
%SystemDir%\navflt.dll
%SystemDir%\nvf.dll
%SystemDir%\nvfilter.dll
%SystemDir%\nvflt.dll
%SystemDir%\nvgf.dll
%SystemDir%\nvgfilter.dll
%SystemDir%\nvgflt.dll

Folders:
%ProgramFilesDir%\ieantispyware

Registry:
[-HKEY_CURRENT_USER\SOFTWARE\ieantispyware]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1AB6932F-92FE-42E6-870C-544AE458EA78}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{87FD33C2-7891-45D5-ACD1-7935F9AEA26B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1AB6932F-92FE-42E6-870C-544AE458EA78}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{87FD33C2-7891-45D5-ACD1-7935F9AEA26B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie antispyware]

[2008-07-05]
1.4.20.5916

Files:
%SystemDir%\ant_sr.dll
%SystemDir%\ant_ss.dll
%SystemDir%\antsafe.dll
%SystemDir%\avg_sr.dll
%SystemDir%\avg_ss.dll
%SystemDir%\avgsafe.dll
%SystemDir%\avira_sr.dll
%SystemDir%\avira_ss.dll
%SystemDir%\avirasafe.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1C1B8A44-61FE-411E-8F33-813A4E2E2984}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1C1B8A44-61FE-411E-8F33-813A4E2E2984}]

[2008-07-03]
1.4.20.5905

Files:
%SystemDir%\agin_bho.dll
%SystemDir%\agino32.dll
%SystemDir%\agintas.dll
%SystemDir%\snop_bho.dll
%SystemDir%\snopo32.dll
%SystemDir%\snoptas.dll
%SystemDir%\wdol_bho.dll
%SystemDir%\wdolo32.dll
%SystemDir%\wdoltas.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E014A78F-34DC-4BE5-83BB-58CA12E384B6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E014A78F-34DC-4BE5-83BB-58CA12E384B6}]

[2008-07-02]
1.4.20.5893

Files:
%SystemDir%\diga32.dll
%SystemDir%\digarox.dll
%SystemDir%\digonyx.dll
%SystemDir%\psa32.dll
%SystemDir%\psarox.dll
%SystemDir%\psonyx.dll
%SystemDir%\sla32.dll
%SystemDir%\slarox.dll
%SystemDir%\slonyx.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D0386B3-FD72-488E-9740-90355AE21735}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D0386B3-FD72-488E-9740-90355AE21735}]

[2008-06-30]
1.4.20.5882

Privilege escalation to that of Administrator added back.

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B1892F58-1116-4DEC-92AA-577872EC3D3D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B1892F58-1116-4DEC-92AA-577872EC3D3D}]

[2008-06-28]
1.4.19.5880

Files:
%SystemDir%\asc94.dll
%SystemDir%\ascadio.dll
%SystemDir%\ascisys.dll
%SystemDir%\domsys.dll
%SystemDir%\domview.dll
%SystemDir%\domwin.dll
%SystemDir%\dop94.dll
%SystemDir%\dopadio.dll
%SystemDir%\dopisys.dll
%SystemDir%\f_sys.dll
%SystemDir%\f_view.dll
%SystemDir%\f_win.dll
%SystemDir%\ks94.dll
%SystemDir%\ksadio.dll
%SystemDir%\ksisys.dll
%SystemDir%\losowa nazwa.dll
%SystemDir%\oggsys.dll
%SystemDir%\oggview.dll
%SystemDir%\oggwin.dll
%SystemDir%\om_syssys.dll
%SystemDir%\om_sysview.dll
%SystemDir%\om_syswin.dll
%SystemDir%\xmlsys.dll
%SystemDir%\xmlview.dll
%SystemDir%\xmlwin.dll
%SystemDir%\z_sys.dll
%SystemDir%\z_view.dll
%SystemDir%\z_win.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8AE578E0-6DF5-41E0-869F-F65A32D2F6BD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8AE578E0-6DF5-41E0-869F-F65A32D2F6BD}]

[2008-06-23]
1.4.19.5850

Files:
%SystemDir%\nada16.dll
%SystemDir%\nada32.dll
%SystemDir%\nada64.dll
%SystemDir%\opus16.dll
%SystemDir%\opus32.dll
%SystemDir%\opus64.dll
%SystemDir%\sigma16.dll
%SystemDir%\sigma32.dll
%SystemDir%\sigma64.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4937D5D1-2039-409A-BD83-FEC9B39B2356}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{15C7D7AD-A87A-4C0D-9D8B-637FCD3488EF}]

[2008-06-20]
1.4.19.5838

Files:
%SystemDir%\codef.dll
%SystemDir%\coni.dll
%SystemDir%\copol.dll
%SystemDir%\dadef.dll
%SystemDir%\dani.dll
%SystemDir%\dapol.dll
%SystemDir%\idef.dll
%SystemDir%\ini.dll
%SystemDir%\ipol.dll

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{28F51CDA-3BD1-4F06-8F7B-2A881411983F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2FF811E6-8925-4084-A649-C159955E67E8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{28F51CDA-3BD1-4F06-8F7B-2A881411983F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{2FF811E6-8925-4084-A649-C159955E67E8}]

[2008-06-17]
1.4.19.5828

Files:
%ProgramsCommonDir%\Malware Protector 2008\How to Register Malware Protector 2008.lnk
%ProgramsCommonDir%\Malware Protector 2008\License Agreement.lnk
%ProgramsCommonDir%\Malware Protector 2008\Malware Protector 2008.lnk
%ProgramsCommonDir%\Malware Protector 2008\Register Malware Protector 2008.lnk
%ProgramsCommonDir%\Malware Protector 2008\Uninstall.lnk
%ProgramsCommonDir%\Malware Protector 2008.lnk
%DesktopCommonDir%\Malware Protector 2008.lnk
%AppData%\004849935f13e2079a2977247caf87ffb588545d7c2768b88f.dat
%AppData%\shc3skj0ee89\*.*
%AppData%\shc3skj0ee89\Quarantine\*.*
%AppData%\Microsoft\Internet Explorer\Quick Launch\Malware Protector 2008.lnk
%UserProfileDir%\Local Settings\Temp\.tt1.tmp
%UserProfileDir%\Local Settings\Temp\.tt2.tmp
%UserProfileDir%\Local Settings\Temp\.tt4.tmp
%UserProfileDir%\Local Settings\Temp\.tt17D.tmp
%ProgramFiles%\shc3skj0ee89\database.dat
%ProgramFiles%\shc3skj0ee89\license.txt
%ProgramFiles%\shc3skj0ee89\MFC71.dll
%ProgramFiles%\shc3skj0ee89\MFC71ENU.DLL
%ProgramFiles%\shc3skj0ee89\msvcp71.dll
%ProgramFiles%\shc3skj0ee89\msvcr71.dll
%ProgramFiles%\shc3skj0ee89\shc3skj0ee89.exe
%ProgramFiles%\shc3skj0ee89\shc3skj0ee89.exe.local
%ProgramFiles%\shc3skj0ee89\shc3skj0ee89skin.dll
%ProgramFiles%s\shc3skj0ee89\Uninstall.exe
%WindowsDir%\V0330Mon.exe
%WindowsDir%\bak\V0330Mon.exe
%WindowsDir%\Downloaded Program Files\setup.inf
%SystemDir%\100.tmp
%SystemDir%\103.tmp
%SystemDir%\106.tmp
%SystemDir%\109.tmp
%SystemDir%\10C.tmp
%SystemDir%\10F.tmp
%SystemDir%\112.tmp
%SystemDir%\115.tmp
%SystemDir%\118.tmp
%SystemDir%\11B.tmp
%SystemDir%\11E.tmp
%SystemDir%\121.tmp
%SystemDir%\124.tmp
%SystemDir%\127.tmp
%SystemDir%\12A.tmp
%SystemDir%\12D.tmp
%SystemDir%\130.tmp
%SystemDir%\133.tmp
%SystemDir%\136.tmp
%SystemDir%\139.tmp
%SystemDir%\13C.tmp
%SystemDir%\13F.tmp
%SystemDir%\142.tmp
%SystemDir%\145.tmp
%SystemDir%\148.tmp
%SystemDir%\14B.tmp
%SystemDir%\14E.tmp
%SystemDir%\151.tmp
%SystemDir%\154.tmp
%SystemDir%\157.tmp
%SystemDir%\15A.tmp
%SystemDir%\15D.tmp
%SystemDir%\160.tmp
%SystemDir%\163.tmp
%SystemDir%\166.tmp
%SystemDir%\169.tmp
%SystemDir%\16C.tmp
%SystemDir%\16F.tmp
%SystemDir%\172.tmp
%SystemDir%\195.tmp
%SystemDir%\1A0.tmp
%SystemDir%\1A3.tmp
%SystemDir%\1A6.tmp
%SystemDir%\1A9.tmp
%SystemDir%\1B0.tmp
%SystemDir%\1B3.tmp
%SystemDir%\1B6.tmp
%SystemDir%\1B9.tmp
%SystemDir%\1BC.tmp
%SystemDir%\1BF.tmp
%SystemDir%\1C2.tmp
%SystemDir%\1C5.tmp
%SystemDir%\1C8.tmp
%SystemDir%\1CB.tmp
%SystemDir%\1CE.tmp
%SystemDir%\1D1.tmp
%SystemDir%\1D4.tmp
%SystemDir%\2F.tmp
%SystemDir%\9.tmp
%SystemDir%\bapdfan.dll
%SystemDir%\bapdfim.dll
%SystemDir%\bapdfo.dll
%SystemDir%\baplsan.dll
%SystemDir%\baplsim.dll
%SystemDir%\baplso.dll
%SystemDir%\basdgan.dll
%SystemDir%\basdgim.dll
%SystemDir%\basdgo.dll
%SystemDir%\blphc5skj0ee89.scr
%SystemDir%\bopdfan.dll
%SystemDir%\bopdfim.dll
%SystemDir%\bopdfo.dll
%SystemDir%\boplsan.dll
%SystemDir%\boplsim.dll
%SystemDir%\boplso.dll
%SystemDir%\bosdgan.dll
%SystemDir%\bosdgim.dll
%SystemDir%\bosdgo.dll
%SystemDir%\bupdfan.dll
%SystemDir%\bupdfim.dll
%SystemDir%\bupdfo.dll
%SystemDir%\buplsan.dll
%SystemDir%\buplsim.dll
%SystemDir%\buplso.dll
%SystemDir%\busdgan.dll
%SystemDir%\busdgim.dll
%SystemDir%\busdgo.dll
%SystemDir%\C.tmp
%SystemDir%\cecolgda.dll
%SystemDir%\cecolgdo.dll
%SystemDir%\cecolgdy.dll
%SystemDir%\cecolnsa.dll
%SystemDir%\cecolnso.dll
%SystemDir%\cecolnsy.dll
%SystemDir%\cecolpda.dll
%SystemDir%\cecolpdo.dll
%SystemDir%\cecolpdy.dll
%SystemDir%\cedifgda.dll
%SystemDir%\cedifgdo.dll
%SystemDir%\cedifgdy.dll
%SystemDir%\cedifnsa.dll
%SystemDir%\cedifnso.dll
%SystemDir%\cedifnsy.dll
%SystemDir%\cedifpda.dll
%SystemDir%\cedifpdo.dll
%SystemDir%\cedifpdy.dll
%SystemDir%\cmd.pif
%SystemDir%\command.pif
%SystemDir%\cosysgda.dll
%SystemDir%\cosysgdo.dll
%SystemDir%\cosysgdy.dll
%SystemDir%\cosysnsa.dll
%SystemDir%\cosysnso.dll
%SystemDir%\cosysnsy.dll
%SystemDir%\cosyspda.dll
%SystemDir%\cosyspdo.dll
%SystemDir%\cosyspdy.dll
%SystemDir%\dr.pif
%SystemDir%\EC.tmp
%SystemDir%\EF.tmp
%SystemDir%\F.tmp
%SystemDir%\F4.tmp
%SystemDir%\F7.tmp
%SystemDir%\FA.tmp
%SystemDir%\FD.tmp
%SystemDir%\lphc5skj0ee89.exe
%SystemDir%\papdfan.dll
%SystemDir%\papdfim.dll
%SystemDir%\papdfo.dll
%SystemDir%\paplsan.dll
%SystemDir%\paplsim.dll
%SystemDir%\paplso.dll
%SystemDir%\pasdgan.dll
%SystemDir%\pasdgim.dll
%SystemDir%\pasdgo.dll
%SystemDir%\phc5skj0ee89.bmp
%SystemDir%\popdfan.dll
%SystemDir%\popdfim.dll
%SystemDir%\popdfo.dll
%SystemDir%\poplsan.dll
%SystemDir%\poplsim.dll
%SystemDir%\poplso.dll
%SystemDir%\posdgan.dll
%SystemDir%\posdgim.dll
%SystemDir%\posdgo.dll
%SystemDir%\pupdfan.dll
%SystemDir%\pupdfim.dll
%SystemDir%\pupdfo.dll
%SystemDir%\puplsan.dll
%SystemDir%\puplsim.dll
%SystemDir%\puplso.dll
%SystemDir%\pusdgan.dll
%SystemDir%\pusdgim.dll
%SystemDir%\pusdgo.dll
%SystemDir%\secolgda.dll
%SystemDir%\secolgdo.dll
%SystemDir%\secolgdy.dll
%SystemDir%\secolnsa.dll
%SystemDir%\secolnso.dll
%SystemDir%\secolnsy.dll
%SystemDir%\secolpda.dll
%SystemDir%\secolpdo.dll
%SystemDir%\secolpdy.dll
%SystemDir%\sedifgda.dll
%SystemDir%\sedifgdo.dll
%SystemDir%\sedifgdy.dll
%SystemDir%\sedifnsa.dll
%SystemDir%\sedifnso.dll
%SystemDir%\sedifnsy.dll
%SystemDir%\sedifpda.dll
%SystemDir%\sedifpdo.dll
%SystemDir%\sedifpdy.dll
%SystemDir%\sosysgda.dll
%SystemDir%\sosysgdo.dll
%SystemDir%\sosysgdy.dll
%SystemDir%\sosysnsa.dll
%SystemDir%\sosysnso.dll
%SystemDir%\sosysnsy.dll
%SystemDir%\sosyspda.dll
%SystemDir%\sosyspdo.dll
%SystemDir%\sosyspdy.dll
%SystemDir%\sysrest.sys
%SystemDir%\tapdfan.dll
%SystemDir%\tapdfim.dll
%SystemDir%\tapdfo.dll
%SystemDir%\taplsan.dll
%SystemDir%\taplsim.dll
%SystemDir%\taplso.dll
%SystemDir%\tasdgan.dll
%SystemDir%\tasdgim.dll
%SystemDir%\tasdgo.dll
%SystemDir%\topdfan.dll
%SystemDir%\topdfim.dll
%SystemDir%\topdfo.dll
%SystemDir%\toplsan.dll
%SystemDir%\toplsim.dll
%SystemDir%\toplso.dll
%SystemDir%\tosdgan.dll
%SystemDir%\tosdgim.dll
%SystemDir%\tosdgo.dll
%SystemDir%\tupdfan.dll
%SystemDir%\tupdfim.dll
%SystemDir%\tupdfo.dll
%SystemDir%\tuplsan.dll
%SystemDir%\tuplsim.dll
%SystemDir%\tuplso.dll
%SystemDir%\tusdgan.dll
%SystemDir%\tusdgim.dll
%SystemDir%\tusdgo.dll
%SystemDir%\V0330Cvw.dll
%SystemDir%\xecolgda.dll
%SystemDir%\xecolgdo.dll
%SystemDir%\xecolgdy.dll
%SystemDir%\xecolnsa.dll
%SystemDir%\xecolnso.dll
%SystemDir%\xecolnsy.dll
%SystemDir%\xecolpda.dll
%SystemDir%\xecolpdo.dll
%SystemDir%\xecolpdy.dll
%SystemDir%\xedifgda.dll
%SystemDir%\xedifgdo.dll
%SystemDir%\xedifgdy.dll
%SystemDir%\xedifnsa.dll
%SystemDir%\xedifnso.dll
%SystemDir%\xedifnsy.dll
%SystemDir%\xedifpda.dll
%SystemDir%\xedifpdo.dll
%SystemDir%\xedifpdy.dll
%SystemDir%\xosysgda.dll
%SystemDir%\xosysgdo.dll
%SystemDir%\xosysgdy.dll
%SystemDir%\xosysnsa.dll
%SystemDir%\xosysnso.dll
%SystemDir%\xosysnsy.dll
%SystemDir%\xosyspda.dll
%SystemDir%\xosyspdo.dll
%SystemDir%\xosyspdy.dll

Folders:
%ProgramsCommonDir%\Malware Protector 2008
%AppData%\shc3skj0ee89
%AppData%\shc3skj0ee89\Quarantine
%ProgramFiles%\shc3skj0ee89

Services:
sysrest.sys

Registry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoDispBackgroundPage"=-
"NoDispScrSavPage"=-
[-HKEY_LOCAL_MACHINE\software\shcev9j0e1b1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BhoNew.BhoApp]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\BhoNew.BhoApp.1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F920865-38C9-40DA-8FCF-D9DC83F84EC5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BBEEBE4F-3EDA-40F4-A0AB-87593EE49C56}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{967A494A-6AEC-4555-9CAF-FA6EB00ACF91}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CAF9D798-C659-4B9B-8E19-EE27C3D04EE7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A8954909-1F0F-41A5-A7FA-3B376D69E226}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{5F920865-38C9-40DA-8FCF-D9DC83F84EC5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{BBEEBE4F-3EDA-40F4-A0AB-87593EE49C56}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"%SystemDir%\V0330Cvw.dll"=-
"lphc5skj0ee89"=-
"SMshc3skj0ee89"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\shcev9j0e1b1]

[2008-06-13]
1.4.19.5100

Files:
%SystemDrive%\0x0409.ini
%SystemDrive%\new_log.html
%DesktopDir%\Advanced XP Defender.lnk
%DesktopDir%\Advanced XP Fixer.lnk
%DesktopDir%\Find Drivers with DriverAgent.lnk
%DesktopDir%\pac1F.tmp
%DesktopDir%\pacB0.tmp
%DesktopDir%\SystemDefender.lnk
%AppDataDir%\ralyfev.exe
%AllUsersAppDataDir%\famoma.bin
%AllUsersAppDataDir%\mysi.db
%AllUsersAppDataDir%\savequ.pif
%AllUsersAppDataDir%\wehuhykyr.bat
%ProgramFiles%\antiviirus.exe
%ProgramFiles%\tmp1.exe
%ProgramFiles%\tmp126593.exe
%ProgramFiles%\tmp2.exe
%ProgramFiles%\tmp97421.exe
%ProgramFiles%\tmp98218.exe
%CommonProgramFiles%\debanogado.ban
%CommonProgramFiles%\ekudatasug.pif
%ProgramFiles%\XPSecurityCenter\xpsecuritycenter.exe
%WinDir%\bapost8x.dll
%WinDir%\bapost16a.dll
%WinDir%\bapost32.dll
%WinDir%\basant8x.dll
%WinDir%\basant16a.dll
%WinDir%\basant32.dll
%WinDir%\basect8x.dll
%WinDir%\basect16a.dll
%WinDir%\basect32.dll
%WinDir%\bopost8x.dll
%WinDir%\bopost16a.dll
%WinDir%\bopost32.dll
%WinDir%\bosant8x.dll
%WinDir%\bosant16a.dll
%WinDir%\bosant32.dll
%WinDir%\bosect8x.dll
%WinDir%\bosect16a.dll
%WinDir%\bosect32.dll
%WinDir%\bupost8x.dll
%WinDir%\bupost16a.dll
%WinDir%\bupost32.dll
%WinDir%\busant8x.dll
%WinDir%\busant16a.dll
%WinDir%\busant32.dll
%WinDir%\busect8x.dll
%WinDir%\busect16a.dll
%WinDir%\busect32.dll
%WinDir%\papost8x.dll
%WinDir%\papost16a.dll
%WinDir%\papost32.dll
%WinDir%\pasant8x.dll
%WinDir%\pasant16a.dll
%WinDir%\pasant32.dll
%WinDir%\pasect8x.dll
%WinDir%\pasect16a.dll
%WinDir%\pasect32.dll
%WinDir%\popost8x.dll
%WinDir%\popost16a.dll
%WinDir%\popost32.dll
%WinDir%\posant8x.dll
%WinDir%\posant16a.dll
%WinDir%\posant32.dll
%WinDir%\posect8x.dll
%WinDir%\posect16a.dll
%WinDir%\posect32.dll
%WinDir%\pupost8x.dll
%WinDir%\pupost16a.dll
%WinDir%\pupost32.dll
%WinDir%\pusant8x.dll
%WinDir%\pusant16a.dll
%WinDir%\pusant32.dll
%WinDir%\pusect8x.dll
%WinDir%\pusect16a.dll
%WinDir%\pusect32.dll
%WinDir%\tapost8x.dll
%WinDir%\tapost16a.dll
%WinDir%\tapost32.dll
%WinDir%\tasant8x.dll
%WinDir%\tasant16a.dll
%WinDir%\tasant32.dll
%WinDir%\tasect8x.dll
%WinDir%\tasect16a.dll
%WinDir%\tasect32.dll
%WinDir%\topost8x.dll
%WinDir%\topost16a.dll
%WinDir%\topost32.dll
%WinDir%\tosant8x.dll
%WinDir%\tosant16a.dll
%WinDir%\tosant32.dll
%WinDir%\tosect8x.dll
%WinDir%\tosect16a.dll
%WinDir%\tosect32.dll
%WinDir%\tupost8x.dll
%WinDir%\tupost16a.dll
%WinDir%\tupost32.dll
%WinDir%\tusant8x.dll
%WinDir%\tusant16a.dll
%WinDir%\tusant32.dll
%WinDir%\tusect8x.dll
%WinDir%\tusect16a.dll
%WinDir%\tusect32.dll
%WinDir%\bafozu.dl
%WinDir%\braviax.exe
%WinDir%\cru629.dat
%WinDir%\herinyt.dl
%WinDir%\iqexejeloj._dl
%WinDir%\sate._dl
%WinDir%\timy.scr
%WinDir%\tmark2.dat
%WinDir%\xodonu._dl
%WinDir%\ziwigipiv.dat
%SystemDir%\braviax.exe
%SystemDir%2\cru629.dat
%SystemDir%\iSecurity.cpl
%SystemDir%\mlJAqrst.dll
%SystemDir%\mssrv32.exe
%SystemDir%\NmoqBJjl.ini
%SystemDir%\NmoqBJjl.ini2
%SystemDir%\oleefdtg.ini
%SystemDir%\pkiirips.ini
%SystemDir%\rjqpapil.ini
%SystemDir%\univrs32.dat
%SystemDir%\Win.dll
%SystemDir%\WinCtrl32_0001.dll
%SystemDir%\winivstr.exe
%SystemDir%\WLCtrl32.dll
%SystemDir%\xxyyaXpQ.dll
%SystemDir%\drivers\aeH02.sys
%SystemDir%\drivers\Twa13.sys
%SystemDir%\drivers\vaD82.sys
%SystemDir%\drivers\wbD25.sys
%WinDir%\Temp\23ilqu41.TMP
%WinDir%\Temp\BN2.tmp
%WinDir%\Temp\BN3.tmp
%WinDir%\Temp\BN4.tmp
%WinDir%\Temp\BN5.tmp
%WinDir%\Temp\BN8.tmp
%WinDir%\Temp\BN9.tmp

Folders:
%SystemDrive%\iSecurity
%ProgramFiles%\iSecurity
%ProgramFiles%\XPSecurityCenter
%SystemDir%\247880
%SystemDir%\818646
%SystemDir%\824223
%SystemDir%\905757

Services:
Microsoft security update service (msupdate)

Registry:
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"braviax"=-
"Igah"=-
"iSecurity applet"=-
"KernelFaultCheck"=-
"xpsecuritycenter"=-

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"iSecurity"=-
"PreBootCheck"=-
"UnknownMon"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlJAqrst]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WinCtrl32]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WLCtrl32]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ie.ieplugin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bapost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bapost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bapost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\basect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bopost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bopost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bopost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bosant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bosant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bosant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bosect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bosect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bosect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bupost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bupost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\bupost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\busant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\busant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\busant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\busect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\busect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\busect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\papost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\papost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\papost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pasant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pasant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pasant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pasect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pasect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pasect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\popost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\popost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\popost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\posant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\posant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\posant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\posect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\posect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\posect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pupost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pupost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pupost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pusant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pusant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pusant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pusect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pusect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pusect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tapost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tapost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tapost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tasant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tasant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tasant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tasect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tasect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tasect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\topost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\topost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\topost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tosant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tosant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tosant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tosect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tosect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tosect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tupost8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tupost16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tupost32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tusant8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tusant16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tusant32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tusect8x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tusect16a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tusect32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1FBC6925-90A0-404E-83E6-F0FBCC7AD034}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{43D65102-A7BE-4C88-9737-44D2AD81394A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{465DACD9-7035-4824-AE3E-F883EBE97261}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{50AB4474-F8B5-4F66-BAC5-4251E765B827}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{64C94B46-1079-4C75-BE9B-380F6AE7624C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{67EE7798-F2A0-415C-9473-0F174BD5A8B8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7DBF8390-552B-4D55-9F62-00D032032691}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{94EDC7BA-1D2A-4DEA-9199-1DEB916BD6F6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B095AF15-2FB6-4239-95AD-D1E27ECC11C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D12A16B5-7FAA-43E8-B9AA-183E76F3FF13}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D3E7C926-6B3C-4F88-8113-AD357C2E208F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E913BA95-1ADE-4D25-AC0E-E27BD8E1E43D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1FBC6925-90A0-404E-83E6-F0FBCC7AD034}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{43D65102-A7BE-4C88-9737-44D2AD81394A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{465DACD9-7035-4824-AE3E-F883EBE97261}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50AB4474-F8B5-4F66-BAC5-4251E765B827}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64C94B46-1079-4C75-BE9B-380F6AE7624C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{67EE7798-F2A0-415C-9473-0F174BD5A8B8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DBF8390-552B-4D55-9F62-00D032032691}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{94EDC7BA-1D2A-4DEA-9199-1DEB916BD6F6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B095AF15-2FB6-4239-95AD-D1E27ECC11C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D12A16B5-7FAA-43E8-B9AA-183E76F3FF13}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D3E7C926-6B3C-4F88-8113-AD357C2E208F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E913BA95-1ADE-4D25-AC0E-E27BD8E1E43D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16C65D96-EF19-4439-A6EA-F73A8BEC4DF0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{5FD23A1E-7BE2-468E-BBFC-A35447122211}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{82B7DF18-4A9E-42C3-A9AB-B95EF71A7B68}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5FD23A1E-7BE2-468E-BBFC-A35447122210}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6549E485-C533-4E58-BA92-9FBCD2F6E839}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{ABCD178D-419C-442C-9793-88D136C037E6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1FBC6925-90A0-404E-83E6-F0FBCC7AD034}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{43D65102-A7BE-4C88-9737-44D2AD81394A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{465DACD9-7035-4824-AE3E-F883EBE97261}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50AB4474-F8B5-4F66-BAC5-4251E765B827}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64C94B46-1079-4C75-BE9B-380F6AE7624C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{67EE7798-F2A0-415C-9473-0F174BD5A8B8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DBF8390-552B-4D55-9F62-00D032032691}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94EDC7BA-1D2A-4DEA-9199-1DEB916BD6F6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B095AF15-2FB6-4239-95AD-D1E27ECC11C7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D12A16B5-7FAA-43E8-B9AA-183E76F3FF13}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D3E7C926-6B3C-4F88-8113-AD357C2E208F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E913BA95-1ADE-4D25-AC0E-E27BD8E1E43D}]

[2008-06-04]
1.4.16.4411

Files:
%SystemDrive%\LOG000001.txt
%DesktopDir%\antivirus-2008pro.lnk
%DesktopDir%\Error Cleaner.url
%DesktopDir%\Privacy Protector.url
%DesktopDir%\Spyware&Malware Protection.url
%Temp%\rbnpsrv.exe
%ProgramFilesDir%\Antivirus 2008 PRO\antivirus-2008pro.exe
%WinDir%\atfxqogp.dll
%WinDir%\boqnrwdmble.dll
%WinDir%\ekaf.exe
%WinDir%\vltdfabw.dll
%WinDir%\vregfwlx.dll
%WinDir%\xmpstean.exe
%SystemDir%\BHOVCfhk.ini
%SystemDir%\BHOVCfhk.ini2
%SystemDir%\blackster.scr
%SystemDir%\clkcnt.txt
%SystemDir%\ctfmona.exe
%SystemDir%\ctfmonb.bmp
%SystemDir%\jejtcvqj.dll
%SystemDir%\jqvctjej.ini
%SystemDir%\kavo.exe
%SystemDir%\kavo0.dll
%SystemDir%\khfCVOHB.dll
%SystemDir%\pmnmmLDt.dll
%SystemDir%\tmp.reg
%SystemDir%\tmp.txt
%SystemDir%\WinCtrl32.dll
%SystemDir%\WinCtrl32.dl_
%SystemDir%\wmvhfefx.ini
%SystemDir%\xfefhvmw.dll
%SystemDir%\drivers\kfK77.sys
%WinDir%\TEMP\BN2.tmp
%WinDir%\TEMP\BN3.tmp

Folders:
%ProgramFilesDir%\Antivirus 2008 PRO

Services:

Registry:
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"antivirus-2008pro.exe"=-
"kava"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{73AB9095-4904-4C64-83D8-01F9F7DDC41}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7EA5E375-6136-496E-9616-E03B4F9EA1C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AAF635CA-04C2-4EBA-B022-3A2F95A05A62}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C12FC24B-A7B9-487F-9603-5481EBF00C6F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73AB9095-4904-4C64-83D8-01F9F7DDC41}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7EA5E375-6136-496E-9616-E03B4F9EA1C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAF635CA-04C2-4EBA-B022-3A2F95A05A62}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C12FC24B-A7B9-487F-9603-5481EBF00C6F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{16C65D96-EF19-4439-A6EA-F73A8BEC4DF0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{6549E485-C533-4E58-BA92-9FBCD2F6E839}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73AB9095-4904-4C64-83D8-01F9F7DDC41}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7EA5E375-6136-496E-9616-E03B4F9EA1C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAF635CA-04C2-4EBA-B022-3A2F95A05A62}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C12FC24B-A7B9-487F-9603-5481EBF00C6F}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"antivirus-2008pro.exe"=-
"kava"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EC2B736E-2B50-4709-A63E-F69855335854}"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"3cfd4ca3"=-
"advap32"=-
"ctfmona"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"vltdfabw"=-
"vregfwlx"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\pmnmmLDt]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WinCtrl32]

[2008-05-29]
1.3.15.4335

Performs additional registry edits to ensure that certain registry keys that effect the viewing of hidden files, folders, and protected operating system files and folders have the correct default settings.

Files:

Folders:

Services:

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{567462FE-24DF-44DC-9D49-D296CDB35844}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FD36BBE5-1AF4-47D3-8681-2214DD85E152}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{567462FE-24DF-44DC-9D49-D296CDB35844}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD36BBE5-1AF4-47D3-8681-2214DD85E152}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E524CB90-D09F-4785-B3C6-FBD970F14DD5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{64618114-CAC8-49A9-9462-85B863535410}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{567462FE-24DF-44DC-9D49-D296CDB35844}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7B7F5ACA-0A87-4214-B867-7D9BC8F7EBF5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD36BBE5-1AF4-47D3-8681-2214DD85E152}]

[2008-05-26]
1.3.14.4324

Files:
%AppData%\Microsoft\Advisor\advsr.tools
%AppData%\Microsoft\Advisor\Publish-NDTI.advisor
%AppData%\Microsoft\Advisor\Publish-TBPD.advisor
%AppData%\Microsoft\Defender\Microsoft-DDRN.Defender
%AppData%\Microsoft\Publishes\Publish-ADLG.filter
%AppData%\Microsoft\Publishes\Publish-ADNG.filter
%AppData%\Microsoft\Publishes\Publish-BDQG.filter
%AppData%\Microsoft\Publishes\Publish-JDNG.filter
%AppData%\Microsoft\Publishes\Publish-PDCH.filter
%AppData%\Microsoft\Publishes\Publish-RDSG.filter

Folder:
%AppData%\Microsoft\Advisor
%AppData%\Microsoft\Defender
%AppData%\Microsoft\Publishes

Services:

Regisry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.Advisor]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.Defender]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.PublishFilters]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Microsoft.RXform]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\bho.bho]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{45245B53-72FB-46CA-B5F5-ABA01D9B8E51}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{52AB58CE-9989-41BB-B117-F1BC71D6645A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{616D534C-3CA8-43AB-B439-618F850F1D2B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{86CE7BAE-CA66-4C38-88BF-B10DAA62D97E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A54D5678-4AED-4952-AE73-C543F70B1F94}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D65BAC9F-6E32-4EBF-A50A-3F35A7122022}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F47FF447-48BA-4AD6-94EC-670E5717E3E6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FA1D47C4-E13F-4562-B23B-39EF9017BE8B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{45245B53-72FB-46CA-B5F5-ABA01D9B8E51}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{52AB58CE-9989-41BB-B117-F1BC71D6645A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{616D534C-3CA8-43AB-B439-618F850F1D2B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{86CE7BAE-CA66-4C38-88BF-B10DAA62D97E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A54D5678-4AED-4952-AE73-C543F70B1F94}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D65BAC9F-6E32-4EBF-A50A-3F35A7122022}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F47FF447-48BA-4AD6-94EC-670E5717E3E6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FA1D47C4-E13F-4562-B23B-39EF9017BE8B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E18C3DAF-9841-4340-AFE9-27AB400650AB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E48C3DAF-9841-4345-AFE9-27AB400650AB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{45245B53-72FB-46CA-B5F5-ABA01D9B8E51}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{52AB58CE-9989-41BB-B117-F1BC71D6645A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{616D534C-3CA8-43AB-B439-618F850F1D2B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{86CE7BAE-CA66-4C38-88BF-B10DAA62D97E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A54D5678-4AED-4952-AE73-C543F70B1F94}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D65BAC9F-6E32-4EBF-A50A-3F35A7122022}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F47FF447-48BA-4AD6-94EC-670E5717E3E6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FA1D47C4-E13F-4562-B23B-39EF9017BE8B}]


[2008-05-18]
1.3.14.4280

Files:
%WinDir%\apdogy.dll
%WinDir%\apdops.dll
%WinDir%\apdoxu.dll
%WinDir%\apsagy.dll
%WinDir%\apsaps.dll
%WinDir%\apsaxu.dll
%WinDir%\apunbegy.dll
%WinDir%\apunbeps.dll
%WinDir%\apunbexu.dll
%WinDir%\ikdogy.dll
%WinDir%\ikdops.dll
%WinDir%\ikdoxu.dll
%WinDir%\iksagy.dll
%WinDir%\iksaps.dll
%WinDir%\iksaxu.dll
%WinDir%\ikunbegy.dll
%WinDir%\ikunbeps.dll
%WinDir%\ikunbexu.dll
%WinDir%\oddogy.dll
%WinDir%\oddops.dll
%WinDir%\oddoxu.dll
%WinDir%\odsagy.dll
%WinDir%\odsaps.dll
%WinDir%\odsaxu.dll
%WinDir%\odunbegy.dll
%WinDir%\odunbeps.dll
%WinDir%\odunbexu.dll

Folders:

Services:

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\iebho.BHO]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apdogy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apdops.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apdoxu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apsagy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apsaps.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apsaxu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apunbegy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apunbeps.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\apunbexu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ikdogy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ikdops.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ikdoxu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\iksagy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\iksaps.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\iksaxu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ikunbegy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ikunbeps.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ikunbexu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\oddogy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\oddops.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\oddoxu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\odsagy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\odsaps.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\odsaxu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\odunbegy.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\odunbeps.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\odunbexu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{09A26406-041E-4FF5-9A88-0574721445B4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5F841E5A-AA28-4037-BE7A-96E943E91F4D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{DD556A76-A85E-4606-9239-40A8B9FC4ECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09A26406-041E-4FF5-9A88-0574721445B4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5F841E5A-AA28-4037-BE7A-96E943E91F4D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DD556A76-A85E-4606-9239-40A8B9FC4ECB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{75E2CD3D-EBE9-4D27-8BD2-5449A900A092}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{120C9A20-4C1F-48A2-9BF9-16B30E02E366}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09A26406-041E-4FF5-9A88-0574721445B4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5F841E5A-AA28-4037-BE7A-96E943E91F4D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD556A76-A85E-4606-9239-40A8B9FC4ECB}]

[2008-05-12]
1.3.14.4213

Files:
%WinDir%\iebho.dll
%WinDir%\losowa nazwa.dll

Folders:

Services:

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\iebho.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\losowa nazwa.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{21BC9DFA-3E14-4753-9CBD-16A009AE1144}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{597AED5A-2DEA-431D-BE7E-F03BAB2AFB15}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7445DC17-44B7-4818-A9CB-2BC24E67E8D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CF9146DB-16F1-4B79-8DA1-EE14C55D5B06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F8A0D89E-875F-41AF-83BE-6B5780224682}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{21BC9DFA-3E14-4753-9CBD-16A009AE1144}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{597AED5A-2DEA-431D-BE7E-F03BAB2AFB15}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7445DC17-44B7-4818-A9CB-2BC24E67E8D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CF9146DB-16F1-4B79-8DA1-EE14C55D5B06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F8A0D89E-875F-41AF-83BE-6B5780224682}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{21BC9DFA-3E14-4753-9CBD-16A009AE1144}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{597AED5A-2DEA-431D-BE7E-F03BAB2AFB15}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7445DC17-44B7-4818-A9CB-2BC24E67E8D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF9146DB-16F1-4B79-8DA1-EE14C55D5B06}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F8A0D89E-875F-41AF-83BE-6B5780224682}]


[2008-05-04]
1.3.14.4193

Files:
%WinDir%\fas16.dll
%WinDir%\fas32.dll
%WinDir%\fas64.dll
%WinDir%\fk16.dll
%WinDir%\fk32.dll
%WinDir%\fk64.dll
%WinDir%\fop16.dll
%WinDir%\fop32.dll
%WinDir%\fop64.dll
%WinDir%\pnas16.dll
%WinDir%\pnas32.dll
%WinDir%\pnas64.dll
%WinDir%\pnk16.dll
%WinDir%\pnk32.dll
%WinDir%\pnk64.dll
%WinDir%\pnop16.dll
%WinDir%\pnop32.dll
%WinDir%\pnop64.dll
%WinDir%\vidas16.dll
%WinDir%\vidas32.dll
%WinDir%\vidas64.dll
%WinDir%\vidk16.dll
%WinDir%\vidk32.dll
%WinDir%\vidk64.dll
%WinDir%\vidop16.dll
%WinDir%\vidop32.dll
%WinDir%\vidop64.dll

Folders:

Services:

Registry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\video.BHO]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fas16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fas32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fas64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fk16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fk32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fk64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fop16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fop32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\fop64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnas16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnas32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnas64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnk16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnk32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnk64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnop16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnop32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pnop64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidas16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidas32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidas64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidk16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidk32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidk64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidop16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidop32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\vidop64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{681147C4-D615-461A-960F-655871E315C3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{681147C4-D615-461A-960F-655871E315C3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{748742A2-159F-4DC7-8FD6-5E293708B4A7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{B48CAA94-24B2-475E-B6FF-A5D79C5FDEFD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{681147C4-D615-461A-960F-655871E315C3}]

1.3.14.4132
Files:
%WinDir%\onekad.dll
%WinDir%\onekek.dll
%WinDir%\onekus.dll
%WinDir%\onenasad.dll
%WinDir%\onenasek.dll
%WinDir%\onenasus.dll
%WinDir%\onepad.dll
%WinDir%\onepek.dll
%WinDir%\onepus.dll
%WinDir%\ssvakad.dll
%WinDir%\ssvakek.dll
%WinDir%\ssvakus.dll
%WinDir%\ssvanasad.dll
%WinDir%\ssvanasek.dll
%WinDir%\ssvanasus.dll
%WinDir%\ssvapad.dll
%WinDir%\ssvapek.dll
%WinDir%\ssvapus.dll
%WinDir%\unokad.dll
%WinDir%\unokek.dll
%WinDir%\unokus.dll
%WinDir%\unonasad.dll
%WinDir%\unonasek.dll
%WinDir%\unonasus.dll
%WinDir%\unopad.dll
%WinDir%\unopek.dll
%WinDir%\unopus.dll

Folders:

Services:

Regitry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SSV.SSVHelper]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onekad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onekek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onekus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onenasad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onenasek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onenasus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onepad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onepek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\onepus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvakad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvakek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvakus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvanasad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvanasek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvanasus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvapad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvapek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ssvapus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unokad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unokek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unokus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unonasad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unonasek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unonasus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unopad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unopek.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unopus.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{69F6C0AE-0C78-4999-B6D1-62932A265C5D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{907C8FB0-1205-4189-99C9-9E8DA884B0B0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{96488BA0-1A53-4583-8AC8-DB77560E8876}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{69F6C0AE-0C78-4999-B6D1-62932A265C5D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{907C8FB0-1205-4189-99C9-9E8DA884B0B0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96488BA0-1A53-4583-8AC8-DB77560E8876}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{96A48B57-D55D-4B03-895D-7EE0281D1929}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{5522E65B-6538-431A-BDAF-0B096A3FDD1C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{69F6C0AE-0C78-4999-B6D1-62932A265C5D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{907C8FB0-1205-4189-99C9-9E8DA884B0B0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96488BA0-1A53-4583-8AC8-DB77560E8876}]

[2008-04-28]
1.3.14.4055

Files:

Folders:

Services:

Regitry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cdx.VideoStream]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8107960D-7235-4DBF-A87F-F50D28643F94}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{74C9B719-AC3F-457F-9071-C858F1401C00}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AC16362B-5EDF-4E46-B7F6-EC24BB76E8C4}]

[2008-04-27]
1.3.14.4048

Files:
%WinDir%\kol.dll
%WinDir%\kona.dll
%WinDir%\konsal.dll
%WinDir%\konsana.dll
%WinDir%\konsarad.dll
%WinDir%\korad.dll
%WinDir%\ksol.dll
%WinDir%\ksona.dll
%WinDir%\ksorad.dll
%WinDir%\olada16.dll
%WinDir%\olada32.dll
%WinDir%\olada64.dll
%WinDir%\olade16.dll
%WinDir%\olade32.dll
%WinDir%\olade64.dll
%WinDir%\olady16.dll
%WinDir%\olady32.dll
%WinDir%\olady64.dll
%WinDir%\olida16.dll
%WinDir%\olida32.dll
%WinDir%\olida64.dll
%WinDir%\olide16.dll
%WinDir%\olide32.dll
%WinDir%\olide64.dll
%WinDir%\olidy16.dll
%WinDir%\olidy32.dll
%WinDir%\olidy64.dll
%WinDir%\olona16.dll
%WinDir%\olona32.dll
%WinDir%\olona64.dll
%WinDir%\olone16.dll
%WinDir%\olone32.dll
%WinDir%\olone64.dll
%WinDir%\olony16.dll
%WinDir%\olony32.dll
%WinDir%\olony64.dll
%WinDir%\podnre.dll
%WinDir%\podnru.dll
%WinDir%\podnry.dll
%WinDir%\pokre.dll
%WinDir%\pokru.dll
%WinDir%\pokry.dll
%WinDir%\ponsadnre.dll
%WinDir%\ponsadnru.dll
%WinDir%\ponsadnry.dll
%WinDir%\ponsakre.dll
%WinDir%\ponsakru.dll
%WinDir%\ponsakry.dll
%WinDir%\ponsaple.dll
%WinDir%\ponsaplu.dll
%WinDir%\ponsaply.dll
%WinDir%\pople.dll
%WinDir%\poplu.dll
%WinDir%\poply.dll
%WinDir%\psodnre.dll
%WinDir%\psodnru.dll
%WinDir%\psodnry.dll
%WinDir%\psokre.dll
%WinDir%\psokru.dll
%WinDir%\psokry.dll
%WinDir%\psople.dll
%WinDir%\psoplu.dll
%WinDir%\psoply.dll
%WinDir%\siada16.dll
%WinDir%\siada32.dll
%WinDir%\siada64.dll
%WinDir%\siade16.dll
%WinDir%\siade32.dll
%WinDir%\siade64.dll
%WinDir%\siady16.dll
%WinDir%\siady32.dll
%WinDir%\siady64.dll
%WinDir%\siida16.dll
%WinDir%\siida32.dll
%WinDir%\siida64.dll
%WinDir%\siide16.dll
%WinDir%\siide32.dll
%WinDir%\siide64.dll
%WinDir%\siidy16.dll
%WinDir%\siidy32.dll
%WinDir%\siidy64.dll
%WinDir%\simku_de16.dll
%WinDir%\simku_de32.dll
%WinDir%\simku_de64.dll
%WinDir%\simku_uk16.dll
%WinDir%\simku_uk32.dll
%WinDir%\simku_uk64.dll
%WinDir%\simku_us16.dll
%WinDir%\simku_us32.dll
%WinDir%\simku_us64.dll
%WinDir%\simop_de16.dll
%WinDir%\simop_de32.dll
%WinDir%\simop_de64.dll
%WinDir%\simop_uk16.dll
%WinDir%\simop_uk32.dll
%WinDir%\simop_uk64.dll
%WinDir%\simop_us16.dll
%WinDir%\simop_us32.dll
%WinDir%\simop_us64.dll
%WinDir%\siona16.dll
%WinDir%\siona32.dll
%WinDir%\siona64.dll
%WinDir%\sione16.dll
%WinDir%\sione32.dll
%WinDir%\sione64.dll
%WinDir%\siony16.dll
%WinDir%\siony32.dll
%WinDir%\siony64.dll
%WinDir%\todnre.dll
%WinDir%\todnru.dll
%WinDir%\todnry.dll
%WinDir%\tokre.dll
%WinDir%\tokru.dll
%WinDir%\tokry.dll
%WinDir%\tonsadnre.dll
%WinDir%\tonsadnru.dll
%WinDir%\tonsadnry.dll
%WinDir%\tonsakre.dll
%WinDir%\tonsakru.dll
%WinDir%\tonsakry.dll
%WinDir%\tonsaple.dll
%WinDir%\tonsaplu.dll
%WinDir%\tonsaply.dll
%WinDir%\tople.dll
%WinDir%\toplu.dll
%WinDir%\toply.dll
%WinDir%\tsodnre.dll
%WinDir%\tsodnru.dll
%WinDir%\tsodnry.dll
%WinDir%\tsokre.dll
%WinDir%\tsokru.dll
%WinDir%\tsokry.dll
%WinDir%\tsople.dll
%WinDir%\tsoplu.dll
%WinDir%\tsoply.dll
%WinDir%\unada16.dll
%WinDir%\unada32.dll
%WinDir%\unada64.dll
%WinDir%\unade16.dll
%WinDir%\unade32.dll
%WinDir%\unade64.dll
%WinDir%\unady16.dll
%WinDir%\unady32.dll
%WinDir%\unady64.dll
%WinDir%\unida16.dll
%WinDir%\unida32.dll
%WinDir%\unida64.dll
%WinDir%\unide16.dll
%WinDir%\unide32.dll
%WinDir%\unide64.dll
%WinDir%\unidy16.dll
%WinDir%\unidy32.dll
%WinDir%\unidy64.dll
%WinDir%\unona16.dll
%WinDir%\unona32.dll
%WinDir%\unona64.dll
%WinDir%\unone16.dll
%WinDir%\unone32.dll
%WinDir%\unone64.dll
%WinDir%\unony16.dll
%WinDir%\unony32.dll
%WinDir%\unony64.dll
%WinDir%\wokrerad.dll
%WinDir%\wol.dll
%WinDir%\wona.dll
%WinDir%\wonsal.dll
%WinDir%\wonsana.dll
%WinDir%\wonsarad.dll
%WinDir%\worad.dll
%WinDir%\wsol.dll
%WinDir%\wsona.dll
%WinDir%\wsorad.dll
%WinDir%\zodnre.dll
%WinDir%\zodnru.dll
%WinDir%\zodnry.dll
%WinDir%\zokre.dll
%WinDir%\zokru.dll
%WinDir%\zokry.dll
%WinDir%\zol.dll
%WinDir%\zona.dll
%WinDir%\zonsadnre.dll
%WinDir%\zonsadnru.dll
%WinDir%\zonsadnry.dll
%WinDir%\zonsakre.dll
%WinDir%\zonsakru.dll
%WinDir%\zonsakry.dll
%WinDir%\zonsal.dll
%WinDir%\zonsana.dll
%WinDir%\zonsaple.dll
%WinDir%\zonsaplu.dll
%WinDir%\zonsaply.dll
%WinDir%\zonsarad.dll
%WinDir%\zople.dll
%WinDir%\zoplu.dll
%WinDir%\zoply.dll
%WinDir%\zorad.dll
%WinDir%\zsodnru.dll
%WinDir%\zsodnry.dll
%WinDir%\zsokre.dll
%WinDir%\zsokru.dll
%WinDir%\zsokry.dll
%WinDir%\zsol.dll
%WinDir%\zsona.dll
%WinDir%\zsople.dll
%WinDir%\zsoplu.dll
%WinDir%\zsoply.dll
%WinDir%\zsorad.dll
%WinDir%\ztsodnre.dll

Folders:

Services:

Regitry:
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cuskina.AVideo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{04A67DA5-880B-452F-B193-463452C40B41}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{15977918-3A04-4982-8E45-EDC618371EBE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{22FEDE76-4017-466D-BDE9-5D3E72EED32C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{414B0283-2228-4F26-8BB3-C2211FA99223}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5BAD32E6-BB7B-4F57-BB1A-DB0F9C860C4A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{95E1D855-9232-48F7-80D9-1ADB65B7939C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{BC37F38C-D37C-46FC-AC8D-93ABBCE72947}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{DA40137D-AE41-4148-BFEC-916B326D5BBD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F039C188-D8C7-4B6E-B6CC-A5E789B11329}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F856BB9E-855B-498D-883E-3509C550A031}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\kol.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\kona.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\konsal.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\konsana.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\konsarad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\korad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ksol.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ksona.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ksorad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olada16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olada32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olada64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olade16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olade32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olade64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olady16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olady32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olady64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olida16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olida32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olida64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olide16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olide32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olide64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olidy16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olidy32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olidy64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olona16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olona32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olona64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olone16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olone32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olone64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olony16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olony32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\olony64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\podnre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\podnru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\podnry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pokre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pokru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pokry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsadnre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsadnru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsadnry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsakre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsakru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsakry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsaple.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsaplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ponsaply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pople.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\poplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\poply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psodnru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psodnry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psokre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psokru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psokry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psople.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psoplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\psoply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ptsodnre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siada16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siada32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siada64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siade16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siade32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siade64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siady16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siady32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siady64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siida16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siida32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siida64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siide16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siide32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siide64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siidy16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siidy32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\siidy64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_de16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_de32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_de64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_uk16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_uk32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_uk64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_us16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_us32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simku_us64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_de16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_de32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_de64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_uk16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_uk32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_uk64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_us16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_us32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\simop_us64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\todnre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\todnru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\todnry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tokre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tokru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tokry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsadnre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsadnru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsadnry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsakre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsakru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsakry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsaple.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsaplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tonsaply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tople.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\toplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\toply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsodnre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsodnru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsodnry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsokre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsokru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsokry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsople.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsoplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\tsoply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unada16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unada32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unada64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unade16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unade32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unade64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unady16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unady32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unady64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unida16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unida32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unida64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unide16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unide32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unide64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unidy16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unidy32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unidy64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unona16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unona32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unona64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unone16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unone32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unone64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unony16.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unony32.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\unony64.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wokrerad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wol.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wona.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wonsal.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wonsana.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wonsarad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\worad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wsol.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wsona.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wsorad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zokre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zokru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zokry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zol.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zona.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsakre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsakru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsakry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsal.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsana.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsaple.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsaplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsaply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zonsarad.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zople.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zoplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zoply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zorad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsokre.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsokru.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsokry.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsol.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsona.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsople.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsoplu.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsoply.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\zsorad.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04A67DA5-880B-452F-B193-463452C40B41}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15977918-3A04-4982-8E45-EDC618371EBE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22FEDE76-4017-466D-BDE9-5D3E72EED32C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{414B0283-2228-4F26-8BB3-C2211FA99223}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BAD32E6-BB7B-4F57-BB1A-DB0F9C860C4A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{95E1D855-9232-48F7-80D9-1ADB65B7939C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC37F38C-D37C-46FC-AC8D-93ABBCE72947}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA40137D-AE41-4148-BFEC-916B326D5BBD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F039C188-D8C7-4B6E-B6CC-A5E789B11329}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F856BB9E-855B-498D-883E-3509C550A031}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04A67DA5-880B-452F-B193-463452C40B41}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15977918-3A04-4982-8E45-EDC618371EBE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22FEDE76-4017-466D-BDE9-5D3E72EED32C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{414B0283-2228-4F26-8BB3-C2211FA99223}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAD32E6-BB7B-4F57-BB1A-DB0F9C860C4A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95E1D855-9232-48F7-80D9-1ADB65B7939C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BC37F38C-D37C-46FC-AC8D-93ABBCE72947}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA40137D-AE41-4148-BFEC-916B326D5BBD}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4DA88ED-E01E-4D88-ADC4-A3E1ED557C6A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F039C188-D8C7-4B6E-B6CC-A5E789B11329}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F856BB9E-855B-498D-883E-3509C550A031}]

[2008-04-26]
1.3.14.3606

Files:
%AppData%\gjcdmtcf\wpwlebqj.exe
%ProgramFilesDir%\ieantivirus\ieav.exe
%ProgramFilesDir%\ieantivirus\ieas.db2
%ProgramFilesDir%\ieantivirus\ieas.db3
%ProgramFilesDir%\ieantivirus\uninst.exe
%ProgramsDir%\ie antivirus ?.?.lnk
%DesktopDir%\ie antivirus ?.?.lnk
%SystemDrive%\autorun.inf
%SystemDrive%\gjn2pjlw.exe
%SystemDrive%\jiwsxh39.exe
%SystemDrive%\mvxm.cmd
%SystemDrive%\q.com
%SystemDrive%\ranvrgn.exe
%SystemDrive%\rthrw.com
%SystemDrive%\t.com
%SystemDrive%\xyw9tmdj.com
%WinDir%\dsktbwfe.dll
%WinDir%\koapi2?.dll
%WinDir%\koapi32?.dll
%WinDir%\koapi99?.dll
%WinDir%\kodo2?.dll
%WinDir%\kodo32?.dll
%WinDir%\kodo99?.dll
%WinDir%\konet2?.dll
%WinDir%\konet32?.dll
%WinDir%\konet99?.dll
%WinDir%\netapi16?.dll
%WinDir%\netapi32?.dll
%WinDir%\netapi64?.dll
%WinDir%\netowl16?.dll
%WinDir%\netowl32?.dll
%WinDir%\netowl64?.dll
%WinDir%\netweb16?.dll
%WinDir%\netweb32?.dll
%WinDir%\netweb64?.dll
%WinDir%\nslbvxpgrno.dll
%WinDir%\nyapi2?.dll
%WinDir%\nyapi32?.dll
%WinDir%\nyapi99?.dll
%WinDir%\nydo2?.dll
%WinDir%\nydo32?.dll
%WinDir%\nydo99?.dll
%WinDir%\nynet2?.dll
%WinDir%\nynet32?.dll
%WinDir%\nynet99?.dll
%WinDir%\ogxtsepr.dll
%WinDir%\paapi2?.dll
%WinDir%\paapi32?.dll
%WinDir%\paapi99?.dll
%WinDir%\pado2?.dll
%WinDir%\pado32?.dll
%WinDir%\pado99?.dll
%WinDir%\panet2?.dll
%WinDir%\panet32?.dll
%WinDir%\panet99?.dll
%WinDir%\polapi16?.dll
%WinDir%\polapi32?.dll
%WinDir%\polapi64?.dll
%WinDir%\polowl16?.dll
%WinDir%\polowl32?.dll
%WinDir%\polowl64?.dll
%WinDir%\polweb16?.dll
%WinDir%\polweb32?.dll
%WinDir%\polweb64?.dll
%WinDir%\sgoblxtm.dll
%WinDir%\spnkfwad.exe
%WinDir%\SwSys1.bmp
%WinDir%\SwSys2.bmp
%WinDir%\sysapi16?.dll
%WinDir%\sysapi32?.dll
%WinDir%\sysapi64?.dll
%WinDir%\sysowl16?.dll
%WinDir%\sysowl32?.dll
%WinDir%\sysowl64?.dll
%WinDir%\sysweb16?.dll
%WinDir%\sysweb32?.dll
%WinDir%\sysweb64?.dll
%WinDir%\WLXPGSS.SCR
%WinDir%\YAHELITE_BUDDY.INI
%SystemDir%\amvo.exe
%SystemDir%\amvo0.dll
%SystemDir%\amvo1.dll

Folders:
%AppData%\gjcdmtcf
%ProgramFilesDir%\ieantivirus

Services:

Registry:
[-HKEY_CLASSES_ROOT\clsid\{54cf4ca2-c46c-4b5c-8dc5-0c0d42ecd69e}]

[-HKEY_CLASSES_ROOT\sgoblxtm]

[-HKEY_CLASSES_ROOT\sgoblxtm.1]

[-HKEY_CLASSES_ROOT\TypeLib\{6D2ABF11-1C46-482A-9B98-1E7C6F823EA8}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zxjsppsq"=-

[-HKEY_LOCAL_MACHINE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C796500F-4B97-4F2B-B886-11FA6B72F13F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{54CF4CA2-C46C-4B5C-8DC5-0C0D42ECD69E}"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\shared tools\msconfig\startupreg\SelectRebates]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\windows\currentversion\policies\explorer\run]
"VvHpM8jAKU"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\{D54A9F83-FA6D-4375-8520-09D019BB3E42}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\{FD3AA19B-72A5-4EE1-9D49-FE9F2B63871A}]

O2 - BHO: PCTools - {5C8494A5-7525-46B3-94C2-2F734EEBD48B} - C:\Windows\sysapi32a.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sysapi32a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}]

O2 - BHO: PWS.LD.Pinch - {649E2DCE-1AD1-470B-ACC8-42842396A94C} - nydo32r.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{649E2DCE-1AD1-470B-ACC8-42842396A94C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\nydo32r.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{649E2DCE-1AD1-470B-ACC8-42842396A94C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{649E2DCE-1AD1-470B-ACC8-42842396A94C}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{935B484A-86A2-4D5D-A8D6-34B18AF7A0A3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F9C6EC65-2988-4896-976F-6EA66FAD9844}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{935B484A-86A2-4D5D-A8D6-34B18AF7A0A3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F9C6EC65-2988-4896-976F-6EA66FAD9844}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{935B484A-86A2-4D5D-A8D6-34B18AF7A0A3}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9C6EC65-2988-4896-976F-6EA66FAD9844}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie antivirus]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"antispy"=-

[-HKEY_CURRENT_USER\SOFTWARE\ieantivirus]

[2008-04-15]
1.3.14.3501

Files:
%ProgramFilesDir%\malwarebell\malwarebell.exe
%ProgramFilesDir%\malwarebell\mb.db1
%ProgramFilesDir%\malwarebell\mb.db2
%ProgramFilesDir%\malwarebell\mb.db3
%ProgramFilesDir%\malwarebell\mb.db4
%ProgramFilesDir%\malwarebell\mb.db5
%ProgramFilesDir%\malwarebell\license.txt
%ProgramFilesDir%\malwarebell\mbuninst.exe
%ProgramsDir%\malware bell ?.?.lnk
%DesktopDir%\malware bell ?.?.lnk
%WinDir%\netweb64c.dll
%WinDir%\pctools.dll
%WinDir%\ps16sys.dll

Folders:
%ProgramFilesDir%\malwarebell

Services:

Registry:
[-HKEY_CURRENT_USER\software\malwarebell]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\thememanager]
"systemid"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\malware bell]

O2 - BHO: WinSurf - {11160F05-7B64-4E5C-9C42-C69E2C78CE14} - C:\WINDOWS\winsurf.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{11160F05-7B64-4E5C-9C42-C69E2C78CE14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{11160F05-7B64-4E5C-9C42-C69E2C78CE14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11160F05-7B64-4E5C-9C42-C69E2C78CE14}]

O2 - BHO: WinSurf - {48D8CC16-82FD-4C1B-B3FF-F706C8E75399} - C:\WINDOWS\winsurf.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{48D8CC16-82FD-4C1B-B3FF-F706C8E75399}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{48D8CC16-82FD-4C1B-B3FF-F706C8E75399}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48D8CC16-82FD-4C1B-B3FF-F706C8E75399}]

O2 - BHO: WinSurf - {53E30863-280F-4CFA-99AB-55CAEB95271C} - C:\Windows\ps16sys.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{53E30863-280F-4CFA-99AB-55CAEB95271C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ps16sys.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53E30863-280F-4CFA-99AB-55CAEB95271C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53E30863-280F-4CFA-99AB-55CAEB95271C}]

O2 - BHO: PCTools - {C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9} - C:\Windows\pctools.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pctools.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9BB982C-503D-4C0C-BDC7-ECE2A7FADFE9}]

O2 - BHO: PCTools - {5C8494A5-7525-46B3-94C2-2F734EEBD48B} - C:\Windows\netweb64c.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\netweb64c.dll]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\browser helper objects\{5C8494A5-7525-46B3-94C2-2F734EEBD48B}]

[2008-04-13]
1.3.14.3473

Includes Bug Fixes in handling file detection/deletion of %Temp%\A??-tmpaoi.exe and %Temp%\A??-tmp.exe

Files:
%SystemDir%\wjcstd32.dll
%WinDir%\winsurf.dll

Folders:

Services:

Registry:
O2 - BHO: Sofos - {44B1C291-CF3E-4B66-8BAB-31040FDC30A9} - C:\WINDOWS\sofos32x.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{44B1C291-CF3E-4B66-8BAB-31040FDC30A9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44B1C291-CF3E-4B66-8BAB-31040FDC30A9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44B1C291-CF3E-4B66-8BAB-31040FDC30A9}]

O2 - BHO: Sofos - {D6848354-33D9-4E22-B94D-91A727129920} - C:\WINDOWS\sofos32x.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\winsurf.AVideo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D6848354-33D9-4E22-B94D-91A727129920}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D6848354-33D9-4E22-B94D-91A727129920}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D263B532-C528-49E5-8BB6-80FA67332C9A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{7165223D-D2C9-422B-8126-411B11842B8B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D6848354-33D9-4E22-B94D-91A727129920}]

O2 - BHO: Sofos - {E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C} - C:\WINDOWS\sofos32x.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E45B12A3-3687-4CEB-B0F5-F2CF3B901C6C}]

O2 - BHO: Explorer - {3348D07C-7C5C-D2C4-CFBA-A47F82347C8B} - C:\WINDOWS\System32\wjcstd32.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3348D07C-7C5C-D2C4-CFBA-A47F82347C8B}]

O2 - BHO: WinSurf - {1F91C786-BBA0-41D2-8B3D-B88242677BAC} - C:\WINDOWS\winsurf.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1F91C786-BBA0-41D2-8B3D-B88242677BAC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\winsurf.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1F91C786-BBA0-41D2-8B3D-B88242677BAC}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1F91C786-BBA0-41D2-8B3D-B88242677BAC}]

[2008-04-11]
File Version 1.3.12.3454

Includes Bug fixes in search path for %DesktopCommonDir% and %ProgramsCommonDir%

Files:
%SystemDrive%\smp.bat
%Temp%\A??-tmpaoi.exe
%Temp%\A??-tmp.exe
%WinDir%\cndr32a.dll
%WinDir%\sofos16x.dll
%WinDir%\sofos32x.dll

Folders:

Services:

Registry:
[HKEY_CURRENT_USER\software\microsoft\bind]
"comment2"=-

[HKEY_CURRENT_USER\software\microsoft\bind]
"comment"=-

O2 - BHO: Media Player Codec - {54202673-BD70-423C-AE57-5B2354567629} - C:\WINDOWS\dsaip32b.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{54202673-BD70-423C-AE57-5B2354567629}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54202673-BD70-423C-AE57-5B2354567629}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54202673-BD70-423C-AE57-5B2354567629}]

O2 - BHO: Media Codec - {53C4786E-B8BC-4245-97C4-C4AFFE28A8CA} - C:\WINDOWS\kiasys.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{53C4786E-B8BC-4245-97C4-C4AFFE28A8CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{53C4786E-B8BC-4245-97C4-C4AFFE28A8CA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53C4786E-B8BC-4245-97C4-C4AFFE28A8CA}]

O2 - BHO: Media Codec - {547F4E57-9025-403B-B619-073854A60DA1} - C:\WINDOWS\kiasys.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{547F4E57-9025-403B-B619-073854A60DA1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{547F4E57-9025-403B-B619-073854A60DA1}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{547F4E57-9025-403B-B619-073854A60DA1}]

O2 - BHO: Media Codec - {C41A222A-B516-4190-B0B7-0AF2CE7F5C28} - C:\WINDOWS\kiasys.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C41A222A-B516-4190-B0B7-0AF2CE7F5C28}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C41A222A-B516-4190-B0B7-0AF2CE7F5C28}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C41A222A-B516-4190-B0B7-0AF2CE7F5C28}]

O2 - BHO: FLW Viewer - {1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E} - C:\WINDOWS\cndr32a.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\cndr32a.Video]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\cndr32a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CF50F68-ECAD-45C6-AFC1-B5DC4B95B15E}]

O2 - BHO: FLW Viewer - {2B53C730-8A79-4E13-A35F-3E41CA13E12F} - C:\WINDOWS\cndr32a.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2B53C730-8A79-4E13-A35F-3E41CA13E12F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2B53C730-8A79-4E13-A35F-3E41CA13E12F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B53C730-8A79-4E13-A35F-3E41CA13E12F}]

O2 - BHO: FLW Viewer - {38E4618F-E3E4-42E9-925F-6B02C798BD94} - C:\WINDOWS\cndr32a.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{38E4618F-E3E4-42E9-925F-6B02C798BD94}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38E4618F-E3E4-42E9-925F-6B02C798BD94}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38E4618F-E3E4-42E9-925F-6B02C798BD94}]

O2 - BHO: FLW Viewer - {8D820860-2FA8-49A8-8809-B450ED80D3BB} - C:\WINDOWS\cndr32a.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8D820860-2FA8-49A8-8809-B450ED80D3BB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8D820860-2FA8-49A8-8809-B450ED80D3BB}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8D820860-2FA8-49A8-8809-B450ED80D3BB}]

O2 - BHO: [unknown] - {B49949CA-3062-4FA3-A24A-E27BAFD7C940} - C:\WINDOWS\sofos16x.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sofos16x.AVideo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B49949CA-3062-4FA3-A24A-E27BAFD7C940}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sofos16x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B49949CA-3062-4FA3-A24A-E27BAFD7C940}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B49949CA-3062-4FA3-A24A-E27BAFD7C940}]

O2 - BHO: Sofos - {73776361-F206-4A50-9687-801C6FE9BA31} - C:\WINDOWS\sofos32x.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sofos32x.AVideo]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{73776361-F206-4A50-9687-801C6FE9BA31}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sofos32x.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73776361-F206-4A50-9687-801C6FE9BA31}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CA9FB42A-B0FA-4315-A32B-19D4C715CE77}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{73776361-F206-4A50-9687-801C6FE9BA31}]

[2008-04-02]
File Version 1.3.10.3351

Conducts Registry edits to enure that REGEDIT, Task Manager, and CMD are not disabled.

Files:
%WinDir%\dsaip32b.dll
%WinDir%\kiasys.dll

Folders:

Services:

Registry:
O2 - BHO: Media Player Codec - {3084A75F-5350-4D8B-BC5F-6B378035C133} - C:\WINDOWS\dsaip32b.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\dsaip32b.Video]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\dsaip32b.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{3084A75F-5350-4D8B-BC5F-6B378035C133}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3084A75F-5350-4D8B-BC5F-6B378035C133}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3084A75F-5350-4D8B-BC5F-6B378035C133}]

O2 - BHO: Media Player Codec - {687A466A-D7CB-4FDF-965C-92462A82D7F0} - C:\WINDOWS\dsaip32b.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{687A466A-D7CB-4FDF-965C-92462A82D7F0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{687A466A-D7CB-4FDF-965C-92462A82D7F0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{687A466A-D7CB-4FDF-965C-92462A82D7F0}]

O2 - BHO: Media Player Codec - {8B65F8A9-BAD5-4261-BB6F-25B2020C3098} - C:\WINDOWS\dsaip32b.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8B65F8A9-BAD5-4261-BB6F-25B2020C3098}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B65F8A9-BAD5-4261-BB6F-25B2020C3098}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B65F8A9-BAD5-4261-BB6F-25B2020C3098}]

O2 - BHO: Media Player Codec - {B4EF0D13-5359-457D-BA85-C110AEC377B5} - C:\WINDOWS\dsaip32b.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B4EF0D13-5359-457D-BA85-C110AEC377B5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B4EF0D13-5359-457D-BA85-C110AEC377B5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4EF0D13-5359-457D-BA85-C110AEC377B5}]

O2 - BHO: Media Codec - {50B051EE-8EF3-4D58-828D-74F0D1FFE4AA} - C:\WINDOWS\kiasys.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\kiasys.Video]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\kiasys.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{50B051EE-8EF3-4D58-828D-74F0D1FFE4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{50B051EE-8EF3-4D58-828D-74F0D1FFE4AA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50B051EE-8EF3-4D58-828D-74F0D1FFE4AA}]

O2 - BHO: Media Codec - {8B580E40-6B46-44C8-9E80-A5AD6E1D1035} - C:\WINDOWS\kiasys.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8B580E40-6B46-44C8-9E80-A5AD6E1D1035}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8B580E40-6B46-44C8-9E80-A5AD6E1D1035}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B580E40-6B46-44C8-9E80-A5AD6E1D1035}]

[2008-03-23]
File Version 1.2.10.3326

Files:

Folders:

Services:

Registry:
O2 - BHO: Media Player Classic - {486D0362-657B-4771-B56D-AE29AA31B78B} - C:\WINDOWS\ausctv32a.dll
%WinDir%\ausctv32a.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ausctv32a.Video]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ausctv32a.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{486D0362-657B-4771-B56D-AE29AA31B78B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{486D0362-657B-4771-B56D-AE29AA31B78B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{486D0362-657B-4771-B56D-AE29AA31B78B}]

O2 - BHO: Media Player Classic - {5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4} - C:\WINDOWS\ausctv32a.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5ADB5143-1CBD-4A52-A604-CCC8D76BA8D4}]

O2 - BHO: Media Player Classic - {CE0487CA-8B02-431E-BA63-D38844E020B5} - C:\WINDOWS\ausctv32a.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CE0487CA-8B02-431E-BA63-D38844E020B5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CE0487CA-8B02-431E-BA63-D38844E020B5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CE0487CA-8B02-431E-BA63-D38844E020B5}]

[2008-03-18]
File Version 1.2.10.3314

Files:
%SystemDir%\wbeconm.dll
%SystemDir%\wcptr.exe
%SystemDir%\web.exe
%SystemDir%\wfcof.dll
%SystemDir%\wfkduei.dll
%SystemDir%\whitevx.lst
%SystemDir%\wiatwain.dll
%SystemDir%\win32.exe
%SystemDir%\win32hp.dll
%SystemDir%\win64.ex
%SystemDir%\winacpi.dll
%SystemDir%\winahr32.dll
%SystemDir%\winapi32.dll
%SystemDir%\WinAvX.exe
%SystemDir%\WinAvXx.exe
%SystemDir%\winbjt32.dll
%SystemDir%\winbl32.dll
%SystemDir%\winblsrv.dll
%SystemDir%\winbrume.dll
%SystemDir%\wincgf32.dll
%SystemDir%\wincrt.exe
%SystemDir%\winctrl16.exe
%SystemDir%\winctrl32.exe
%SystemDir%\winctrl64.exe
%SystemDir%\wineil32.dll
%SystemDir%\winmfu32.dll
%SystemDir%\winlfl32.dll
%SystemDir%\winflash.dll
%SystemDir%\winghy32.dll
%SystemDir%\winhdn32.dll
%SystemDir%\winhoo32.dll
%SystemDir%\winhook.exe
%SystemDir%\win.ini.t00
%SystemDir%\WinFlyer32.dll
%SystemDir%\winjgf32.dll
%SystemDir%\winjrs32.dll
%SystemDir%\winkve32.dll
%SystemDir%\winldra.exe
%SystemDir%\winlfl32.dll
%SystemDir%\winlogon.ini
%SystemDir%\winmuse.exe
%SystemDir%\winmvj32.dll
%SystemDir%\winnook.exe
%SystemDir%\winnvy32.dll
%SystemDir%\winosl32.dll
%SystemDir%\winproc32.exe
%SystemDir%\winres.dll
%SystemDir%\winresd32.dll
%SystemDir%\winrir32.dll
%SystemDir%\winrnt32.dll
%SystemDir%\winsrv32.exe
%SystemDir%\winstall.exe
%SystemDir%\winstyle2.dll
%SystemDir%\winstyle3.dll
%SystemDir%\winsub.xml
%SystemDir%\winsysms.exe
%SystemDir%\wintbu32.dll
%SystemDir%\winter.exe
%SystemDir%\wintfj32.dll
%SystemDir%\wintime.exe
%SystemDir%\winuc386.exe
%SystemDir%\winuns32.dll
%SystemDir%\winuptd.exe
%SystemDir%\winwiz32.exe
%SystemDir%\winwly32.dll
%SystemDir%\winzlo32.dll
%SystemDir%\wldr.dll
%SystemDir%\wml.exe
%SystemDir%\wmstrbum.exe
%SystemDir%\wmvds32.dll
%SystemDir%\wmzgrab.exe
%SystemDir%\wnafdlyd.dll
%SystemDir%\wowfx.dll
%SystemDir%\wowlze.dll
%SystemDir%\wp.bmp
%SystemDir%\wpchz.dll
%SystemDir%\wpfb.dat
%SystemDir%\wppp.html
%SystemDir%\wqzdtjg.dll
%SystemDir%\wschtm35.dll
%SystemDir%\wstart.dll
%SystemDir%\wupdmgr.tmp
%SystemDir%\wupeng.exe
%SystemDir%\wuwbxp.dll
%SystemDir%\wvvwa.*
%SystemDir%\wygomd.dll
%SystemDir%\wzhtjqo.dll
%SystemDir%\xch33fr.dll
%SystemDir%\xedasn.dll
%SystemDir%\xenadot.dll
%SystemDir%\xikor.dll
%SystemDir%\xkrdk.dll
%SystemDir%\xnpfjs.exe
%SystemDir%\xnvaogd.dll
%SystemDir%\xovdzz.dll
%SystemDir%\xpupdate.dll
%SystemDir%\xpupdate.exe-up.txt
%SystemDir%\xqpauzx.dll
%SystemDir%\xtgwjrm.dll
%SystemDir%\xtsyynm.dll
%SystemDir%\xuefh.dll
%SystemDir%\xuoce.dll
%SystemDir%\xxfgmy.dll
%SystemDir%\xxxdialer.exe
%SystemDir%\xyxuic.dll
%SystemDir%\yaemu.exe
%SystemDir%\yephk.dll
%SystemDir%\yesgnhr.dll
%SystemDir%\yfysupa.dll
%SystemDir%\ygjun.dll
%SystemDir%\yhbdupd.dll
%SystemDir%\yhjbbzf.dll
%SystemDir%\ymmzwd.dll
%SystemDir%\ymsmsgs.exe
%SystemDir%\yneid.dll
%SystemDir%\yosdjh.dll
%SystemDir%\yronl.dll
%SystemDir%\ysyssuuz.exe
%SystemDir%\yuspej.dll
%SystemDir%\yvvdj.dll
%SystemDir%\ywbicim.dll
%SystemDir%\zch29sr.dll
%SystemDir%\zdwii.dll
%SystemDir%\zhopaizdupla.exe
%SystemDir%\zkpssqa.dll
%SystemDir%\zlara.dll
%SystemDir%\zlbw.dll_tobedeleted
%SystemDir%\zolk.dll
%SystemDir%\zolker???.dll
%SystemDir%\zpeolvh.dll
%SystemDir%\zphnok.dll
%SystemDir%\zpuwriz.dll
%SystemDir%\ZServ.dll
%SystemDir%\ztoolb???.dll
%SystemDir%\ztoolbar.bmp
%SystemDir%\ztoolbar.dll
%SystemDir%\ztoolbar.xml
%SystemDir%\ztoolber.dll
%SystemDir%\zcwlnic.dll
%SystemDir%\zz_duxzj.dll
%SystemDir%\components\flx?.dll
%SystemDir%\components\flx??.dll
%SystemDir%\components\flx???.dll
%SystemDir%\components\flx????.dll
%SystemDir%\drivers\uwasfsd.sys

Folders:

Services:

Registry:
O2 - BHO: Windows Media Player - {8161DF25-78BD-412D-8B45-87EFD0839BC6} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8161DF25-78BD-412D-8B45-87EFD0839BC6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8161DF25-78BD-412D-8B45-87EFD0839BC6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8161DF25-78BD-412D-8B45-87EFD0839BC6}]

O2 - BHO: Windows Media Player - {8388F272-9EDA-4F4E-88FD-4711CBA4BA2B} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8388F272-9EDA-4F4E-88FD-4711CBA4BA2B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8388F272-9EDA-4F4E-88FD-4711CBA4BA2B}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8388F272-9EDA-4F4E-88FD-4711CBA4BA2B}]

O2 - BHO: Windows Media Player - {8E9C2138-EFA4-4B14-9062-7FD1F7C10E82} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8E9C2138-EFA4-4B14-9062-7FD1F7C10E82}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E9C2138-EFA4-4B14-9062-7FD1F7C10E82}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E9C2138-EFA4-4B14-9062-7FD1F7C10E82}]

O2 - BHO: Windows Media Player - {C7E9503C-DA29-4183-8FA9-978C32852C20} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C7E9503C-DA29-4183-8FA9-978C32852C20}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C7E9503C-DA29-4183-8FA9-978C32852C20}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7E9503C-DA29-4183-8FA9-978C32852C20}]

O2 - BHO: Windows Media Player - {D5A7151F-58D0-4AC8-9329-BEDD59625679} - C:\Windows\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D5A7151F-58D0-4AC8-9329-BEDD59625679}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D5A7151F-58D0-4AC8-9329-BEDD59625679}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D5A7151F-58D0-4AC8-9329-BEDD59625679}]

[2008-03-08]
File Verion 1.2.10.3145

Files:

Folders:

Services:

Registry:
O2 - BHO: Windows Media Player - {7DB0A0E2-FD42-43AE-A12A-760DBBC3C876} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7DB0A0E2-FD42-43AE-A12A-760DBBC3C876}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7DB0A0E2-FD42-43AE-A12A-760DBBC3C876}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB0A0E2-FD42-43AE-A12A-760DBBC3C876}]

O2 - BHO: Windows Media Player - {D480850D-85D1-4836-9AEA-86C185CDAE29} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D480850D-85D1-4836-9AEA-86C185CDAE29}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D480850D-85D1-4836-9AEA-86C185CDAE29}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D480850D-85D1-4836-9AEA-86C185CDAE29}]

O2 - BHO: Windows Media Player - {E01D62BE-3C96-4165-A54F-1A51CD75D6F9} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E01D62BE-3C96-4165-A54F-1A51CD75D6F9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E01D62BE-3C96-4165-A54F-1A51CD75D6F9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E01D62BE-3C96-4165-A54F-1A51CD75D6F9}]

O2 - BHO: Windows Media Player - {F3167A8F-30FF-4BA1-9FF8-03568E53BC1A} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F3167A8F-30FF-4BA1-9FF8-03568E53BC1A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3167A8F-30FF-4BA1-9FF8-03568E53BC1A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3167A8F-30FF-4BA1-9FF8-03568E53BC1A}]

O2 - BHO: Windows Media Player - {F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F757B0A0-E8CA-4CC3-BFF5-DECD70DFEEDA}]

[2008-03-03]
File Version 1.2.10.3130

Files:
%DesktopCommonDir%\Search And Destroy.lnk
%ProgramsCommonDir%\Search And Destroy\Search And Destroy.lnk
%ProgramsCommonDir%\Search And Destroy\Uninstall Search And Destroy.lnk
%DesktopDir%\Search And Destroy.lnk
%ProgramsDir%\Search And Destroy\Search And Destroy.lnk
%ProgramsDir%\Search And Destroy\Uninstall Search And Destroy.lnk
%ProgramFilesDir%\Search And Destroy\Search And Destroy.exe
%ProgramFilesDir%\Search And Destroy\Uninstall\IRIMG1.JPG
%ProgramFilesDir%\Search And Destroy\Uninstall\IRIMG2.JPG
%ProgramFilesDir%\Search And Destroy\Uninstall\IRIMG3.JPG
%ProgramFilesDir%\Search And Destroy\Uninstall\uninstall.dat
%ProgramFilesDir%\Search And Destroy\Uninstall\uninstall.xml
%WinDir%\Search And Destroy Setup Log.txt
%WinDir%\Search And Destroy\uninstall.exe
%WinDir%\wmpdxm.dll
%SystemDir%\tio???.dll
%SystemDir%\tipp.dat
%SystemDir%\tippcls.dat
%SystemDir%\tisa.cnf
%SystemDir%\tips.exe
%SystemDir%\tiqmcx.dll
%SystemDir%\tisa.dll
%SystemDir%\titiau.dll
%SystemDir%\tkrsw.dll
%SystemDir%\tkosvv.dll
%SystemDir%\tload.ocx
%SystemDir%\tmp?.tmp.dll
%SystemDir%\tmp??.tmp.dll
%SystemDir%\tmp???.tmp.dll
%SystemDir%\tmp.req
%SystemDir%\tmpf00.exe
%SystemDir%\tmxxxh.dll
%SystemDir%\tnvocyn.dll
%SystemDir%\tpedvf.dll
%SystemDir%\tqcwm.dll
%SystemDir%\trf32.dll
%SystemDir%\tromomwin32.exe
%SystemDir%\truetype.exe
%SystemDir%\ts.ico
%SystemDir%\ttu.exe
%SystemDir%\tu.exe
%SystemDir%\tvomnc.dll
%SystemDir%\tvtpwp.dll
%SystemDir%\twain32.dll
%SystemDir%\txfdb32.dll
%SystemDir%\txxkb.dll
%SystemDir%\ucbrrt.dll
%SystemDir%\ucmbegr.dll
%SystemDir%\udpmod.dll
%SystemDir%\ugbtna.dll
%SystemDir%\uglgs.dll
%SystemDir%\ugofuq.dll
%SystemDir%\uhvjsul.dll
%SystemDir%\uimcu.dll
%SystemDir%\ulztc.dll
%SystemDir%\unaoakg.dll
%SystemDir%\Uninstall.ico
%SystemDir%\unpfrwb.dll
%SystemDir%\updwebmin.exe
%SystemDir%\ur72.dll
%SystemDir%\urroxtl.dll
%SystemDir%\users32.exe
%SystemDir%\uxzj.dll
%SystemDir%\vblhanf.dll
%SystemDir%\vbsys2.dll
%SystemDir%\vcehaeb.dll
%SystemDir%\vcodec.exe
%SystemDir%\veklo.dll
%SystemDir%\veptlh.dll
%SystemDir%\vgibz.dll
%SystemDir%\vhywj.dll
%SystemDir%\vindows32.exe
%SystemDir%\viruxz.dll
%SystemDir%\viuaoq.dll
%SystemDir%\viwpzla.dll
%SystemDir%\vjxwnn.dll
%SystemDir%\vmlwp.dll
%SystemDir%\voblaizdupla.exe
%SystemDir%\vobler.exe
%SystemDir%\voi???.exe
%SystemDir%\VOI???.OXE
%SystemDir%\vophqmn.dll
%SystemDir%\vpccw.dll
%SystemDir%\vpxnk.dll
%SystemDir%\vsl04.exe
%SystemDir%\vtewupi.dll
%SystemDir%\vtr???.dll
%SystemDir%\vtsqr.dll
%SystemDir%\vtstq.dll
%SystemDir%\vusxqm.dll
%SystemDir%\vvihh.dll
%SystemDir%\vwfps.dll
%SystemDir%\vwlummc.dll
%SystemDir%\vwsrv.exe
%SystemDir%\vx.tll
%SystemDir%\vxddsk.exe
%SystemDir%\vxgame?.exe
%SystemDir%\vxgame?.exe
%SystemDir%\vxgame?.exe????.exe
%SystemDir%\vxgamet?.exe
%SystemDir%\vxgamet?.exe????.exe
%SystemDir%\vxg?ame?.exe
%SystemDir%\vxg?amet?.exe
%SystemDir%\vxg?am?et?.exe
%SystemDir%\vxga?me?t?.exe
%SystemDir%\vxh8jkdq?.exe
%SystemDir%\vxt?.game
%SystemDir%\vzvbvs.exe
%SystemDir%\vzfhprk.dll
%SystemDir%\w8673492.exe
%SystemDir%\wallp2.exe
%SystemDir%\wbc32.exe

Folders:
%ProgramsCommonDir%\Search And Destroy
%ProgramsDir%\Search And Destroy
%ProgramFilesDir%\Search And Destroy
%ProgramFilesDir%\Search And Destroy\Uninstall
%WinDir%\Search And Destroy

Services:
vwservice
vwsrv

Registry:
O2 - BHO: MS Video Control 1.0 - {38E0A84D-A691-406F-93B2-7DC709C2D0F9} - C:\WINDOWS\msvidc32.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{38E0A84D-A691-406F-93B2-7DC709C2D0F9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38E0A84D-A691-406F-93B2-7DC709C2D0F9}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38E0A84D-A691-406F-93B2-7DC709C2D0F9}]

O2 - BHO: MS Video Control 1.0 - {708F8B95-4012-4A3A-9494-5EEE5F8CC89E} - C:\WINDOWS\msvidc32.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{708F8B95-4012-4A3A-9494-5EEE5F8CC89E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{708F8B95-4012-4A3A-9494-5EEE5F8CC89E}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{708F8B95-4012-4A3A-9494-5EEE5F8CC89E}]

O2 - BHO: MS Video Control 1.0 - {AD50B648-6165-46EE-9FA9-81F73D8F84DA} - C:\WINDOWS\msvidc32.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AD50B648-6165-46EE-9FA9-81F73D8F84DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AD50B648-6165-46EE-9FA9-81F73D8F84DA}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AD50B648-6165-46EE-9FA9-81F73D8F84DA}]

O2 - BHO: Windows Media Player - {61FEBF12-793B-4D8A-8513-D1814FE2A395} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\wmpdxm.Video]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\wmpdxm.dll]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{61FEBF12-793B-4D8A-8513-D1814FE2A395}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{61FEBF12-793B-4D8A-8513-D1814FE2A395}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61FEBF12-793B-4D8A-8513-D1814FE2A395}]

O2 - BHO: Windows Media Player - {7CF52009-F408-49AE-BBCB-6279CB53BB42} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7CF52009-F408-49AE-BBCB-6279CB53BB42}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7CF52009-F408-49AE-BBCB-6279CB53BB42}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7CF52009-F408-49AE-BBCB-6279CB53BB42}]

O2 - BHO: Windows Media Player - {AFCB0C91-199F-4C49-9F62-09F8CBDAD17A} - C:\WINDOWS\wmpdxm.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AFCB0C91-199F-4C49-9F62-09F8CBDAD17A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AFCB0C91-199F-4C49-9F62-09F8CBDAD17A}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AFCB0C91-199F-4C49-9F62-09F8CBDAD17A}]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SearchAndDestroyMFC"=-
[-HKEY_CURRENT_USER\Software\MPMFC1]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search And Destroy5.2]

[2008-02-17]
File Version 1.2.10.3004

Files:
%SystemDir%\s.exe
%SystemDir%\sachostc.exe
%SystemDir%\sachostp.exe
%SystemDir%\sachostm.exe
%SystemDir%\sachosts.exe
%SystemDir%\sacskza.dll
%SystemDir%\sbnudh.dll
%SystemDir%\scdochop.dll
%SystemDir%\scmt16.exe
%SystemDir%\scpsssh2.dll
%SystemDir%\sdfdil.exe
%SystemDir%\sdfghjgewaertyutrew.exe
%SystemDir%\search.html
%SystemDir%\searchdll.dll
%SystemDir%\secitipx.dll
%SystemDir%\secure32.txt
%SystemDir%\sefe.exe
%SystemDir%\senssrv.dll
%SystemDir%\service.exe
%SystemDir%\services32.exe
%SystemDir%\sethcd.exe
%SystemDir%\sft.res
%SystemDir%\shdochop.dll
%SystemDir%\shdocpl.dll
%SystemDir%\shdocvn.dll
%SystemDir%\shdocnvt.dll
%SystemDir%\shell386.exe
%SystemDir%\shellgui32.dll
%SystemDir%\shlapimext.dll
%SystemDir%\shnlog.exe
%SystemDir%\siiyal.dll
%SystemDir%\simpole.tlb
%SystemDir%\sipov.dll
%SystemDir%\sivudro.dll
%SystemDir%\sjablonen.dll
%SystemDir%\skuns.dat
%SystemDir%\SkyAffiliate.exe
%SystemDir%\smaexp32.dll
%SystemDir%\smartdrv.exe
%SystemDir%\smbdins.exe
%SystemDir%\soft3.exe
%SystemDir%\spb32.dll
%SystemDir%\split?.exe
%SystemDir%\spnping.exe
%SystemDir%\spoolsrv32.exe
%SystemDir%\spoolsvv.exe
%SystemDir%\spy_sys.exe
%SystemDir%\spyware.ico
%SystemDir%\srpcsrv32.dll
%SystemDir%\ss1001.exe
%SystemDir%\ssk3.exe
%SystemDir%\ssk3_b5 seedcorn 4.exe
%SystemDir%\ssk_b5 ventura marketing 15.exe
%SystemDir%\st3.dll
%SystemDir%\stdole3.tlb
%SystemDir%\stera.job
%SystemDir%\stera.log
%SystemDir%\stickrep.dll
%SystemDir%\stickrep.dll.Delete
%SystemDir%\stickrep1.dll
%SystemDir%\stlb2.dll
%SystemDir%\stlb2.xml
%SystemDir%\stobj32.exe
%SystemDir%\sttwrd.dll
%SystemDir%\Suchspur.dll
%SystemDir%\SudokuInstaller.exe
%SystemDir%\sulimo.dat
%SystemDir%\Sumsw32.exe
%SystemDir%\supdate2.dll
%SystemDir%\suprox.dll
%SystemDir%\surzzh.dll
%SystemDir%\susp.exe
%SystemDir%\svchop.exe
%SystemDir%\svchosts.dll
%SystemDir%\svchost72.exe
%SystemDir%\svcp.csv
%SystemDir%\svcnt.exe
%SystemDir%\svcnt32.exe
%SystemDir%\svcnut.exe
%SystemDir%\svcnva.exe
%SystemDir%\svcnvt.exe
%SystemDir%\svwhost.exe
%SystemDir%\swqzdtj.dll
%SystemDir%\symcsvc.exe
%SystemDir%\symsvcsa.exe
%SystemDir%\sysinit32.exe
%SystemDir%\sysobjwertb.dll
%SystemDir%\system.exe
%SystemDir%\system1.dat6
%SystemDir%\system32.dll
%SystemDir%\systemdll.exe
%SystemDir%\systems.txt
%SystemDir%\systime.exe
%SystemDir%\sysvcs.exe
%SystemDir%\sysvx.exe
%SystemDir%\sywsvcs.exe
%SystemDir%\syycum.dll
%SystemDir%\Sweeper.cfg
%SystemDir%\sxpdr32.dll
%SystemDir%\sxrun32.ini
%SystemDir%\sxwbfqgl.exe
%SystemDir%\t1t.exe
%SystemDir%\tahxqcj.dll
%SystemDir%\taskdir.dll
%SystemDir%\taskdir.exe
%SystemDir%\taskdir~.exe
%SystemDir%\taskmang.exe
%SystemDir%\taskmgr.com
%SystemDir%\tazth.dll
%SystemDir%\tconini.dat
%SystemDir%\tcpipmon.exe
%SystemDir%\tcprp.dll
%SystemDir%\tcpservice2.exe
%SystemDir%\tczij.dll
%SystemDir%\tetriz3.exe
%SystemDir%\TheMatrixHasYou.exe
%SystemDir%\thlwin32.dll
%SystemDir%\thn.dll
%SystemDir%\thun.dll
%SystemDir%\thun32.dll
%SystemDir%\tibs.exe
%SystemDir%\ticads.exe
%SystemDir%\tickcnt.bin
%SystemDir%\ticont.dll
%SystemDir%\tt.exe
%SystemDir%\ttt.exe
%SystemDir%\tttt.exe
%SystemDir%\ttttt.exe

Folders:

Services:

Registry:
O2 - BHO: MS Video Control 1.0 - {2E09C916-948C-42AF-8451-17B1439DFFD5} - C:\WINDOWS\msvidc32.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2E09C916-948C-42AF-8451-17B1439DFFD5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2E09C916-948C-42AF-8451-17B1439DFFD5}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E09C916-948C-42AF-8451-17B1439DFFD5}]

O2 - BHO: MS Video Control 1.0 - {E9601C0B-FA98-4E6D-A015-AE5B43F47962} - C:\WINDOWS\msvidc32.dll
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E9601C0B-FA98-4E6D-A015-AE5B43F47962}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E9601C0B-FA98-4E6D-A015-AE5B43F47962}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E9601C0B-FA98-4E6D-A015-AE5B43F47962}]


[2008-02-25]
File Version 1.2.10.2869

Files:
  %SystemDir%\msiefr40.dll
  %SystemDir%\MSIEHelper.dll
  %SystemDir%\msits.exe
  %SystemDir%\msjwer.exe
  %SystemDir%\msjwer.hts
  %SystemDir%\msmsgs.exe
  %SystemDir%\msnscps.dll
  %SystemDir%\msnsrv.exe
  %SystemDir%\msole32.exe
  %SystemDir%\msorcl32.exe
  %SystemDir%\mspostsp.exe
  %SystemDir%\msrexe.exe
  %SystemDir%\msscds32.dll
  %SystemDir%\mssearchnet.exe
  %SystemDir%\mstlb.exe
  %SystemDir%\msupdate32.dll
  %SystemDir%\msvcrt64.dll
  %SystemDir%\msvcrtid.exe
  %SystemDir%\msvcp.exe
  %SystemDir%\msvol.tlb
  %SystemDir%\msvsres.dll
  %SystemDir%\mswerqwd.dll
  %SystemDir%\mswinb32.dll
  %SystemDir%\mswinb32.exe
  %SystemDir%\mswinf32.dll
  %SystemDir%\mswinf32.exe
  %SystemDir%\mswinup32.dll
  %SystemDir%\mswinxml.dll
  %SystemDir%\msxmlpp.dll
  %SystemDir%\msxslab.dll
  %SystemDir%\mtc.dll
  %SystemDir%\MTC.ini
  %SystemDir%\multitran.exe
  %SystemDir%\muvdjo.dll
  %SystemDir%\mvwqn.dll
  %SystemDir%\mxhfjy.dll
  %SystemDir%\mydriver64.sys
  %SystemDir%\mysvcc.exe
  %SystemDir%\mytob.exe
  %SystemDir%\mytool.com
  %SystemDir%\mzoeut.dll
  %SystemDir%\mzrun.exe
  %SystemDir%\n04s0ah7ed4.dll
  %SystemDir%\nbbrhbd.dll
  %SystemDir%\ncompat.tlb
  %SystemDir%\ncompat(2).tlb
  %SystemDir%\ncrjf.dll
  %SystemDir%\nczupfw.dll
  %SystemDir%\nieyn.dll
  %SystemDir%\netfilt4.exe
  %SystemDir%\netstat2.exe
  %SystemDir%\netsupp.dll
  %SystemDir%\NetWrap.dll
  %SystemDir%\NetWrap.dll.ren
  %SystemDir%\newdial?.exe
  %SystemDir%\newmaxxsv234.exe
  %SystemDir%\nexpegp.dll
  %SystemDir%\ninja.rar
  %SystemDir%\nmp.log
  %SystemDir%\nopctrl.dll
  %SystemDir%\norpl.exe
  %SystemDir%\notifysb.dll
  %SystemDir%\notifysb.dll.bak
  %SystemDir%\ntfsnlpa.exe
  %SystemDir%\ntsysv.exe
  %SystemDir%\nuclabdll.dll
  %SystemDir%\nun.dll
  %SystemDir%\nun.dll.tcf
  %SystemDir%\nuqjici.dll
  %SystemDir%\nusrmgr.exe
  %SystemDir%\nvctrl.exe
  %SystemDir%\nzdd.dll
  %SystemDir%\oebxpba.dll
  %SystemDir%\oembios32.dll
  %SystemDir%\oerucu.dll
  %SystemDir%\ofcukiz.dll
  %SystemDir%\office_pnl.dll
  %SystemDir%\officescan.exe
  %SystemDir%\okkmtv.dll
  %SystemDir%\oleadm.dll
  %SystemDir%\oleadm32.dll
  %SystemDir%\oins.exe
  %SystemDir%\oksrqqu.dll
  %SystemDir%\ole32vbs.exe
  %SystemDir%\oleext.dll
  %SystemDir%\oleext32.dll
  %SystemDir%\olemdb32.dl_
  %SystemDir%\olemdb32.dll
  %SystemDir%\olnohdw.dll
  %SystemDir%\onljweo.dll
  %SystemDir%\onofub.dll
  %SystemDir%\onwtj.dll
  %SystemDir%\OODBS.lor
  %SystemDir%\Open.ico
  %SystemDir%\openconf.exe
  %SystemDir%\opssd.dat
  %SystemDir%\oqabf.dll
  %SystemDir%\oqipt.dll
  %SystemDir%\oqtwa.*
  %SystemDir%\ornzq.dll
  %SystemDir%\osdjhjc.dll
  %SystemDir%\osdsreg?.exe
  %SystemDir%\ot.ico
  %SystemDir%\ownyhr.dll
  %SystemDir%\oybgrql.dll
  %SystemDir%\oyopu.dll
  %SystemDir%\parad.raw.exe
  %SystemDir%\paradise.raw.exe
  %SystemDir%\param32.dll
  %SystemDir%\pasmew.dll
  %SystemDir%\paydial.exe
  %SystemDir%\paytime.com
  %SystemDir%\paytime.exe
  %SystemDir%\pavas.ico
  %SystemDir%\pbdev2.dll
  %SystemDir%\pdqhmd.dll
  %SystemDir%\per.exe
  %SystemDir%\perfcii.ini
  %SystemDir%\performent???.dll
  %SystemDir%\pfrmj.dll
  %SystemDir%\phhr.bat
  %SystemDir%\pjgerka.dll
  %SystemDir%\pinch.exe
  %SystemDir%\pkgvyg.dll
  %SystemDir%\pkjcoxq.dll
  %SystemDir%\pluwue.dll
  %SystemDir%\pmdsrego.exe
  %SystemDir%\pmnqguh.dll
  %SystemDir%\pndsregs.exe
  %SystemDir%\p?dsreg?.exe
  %SystemDir%\posem.dll
  %SystemDir%\present?.txt
  %SystemDir%\prflbmsgp32.dll
  %SystemDir%\printer.exe
  %SystemDir%\priva.exe
  %SystemDir%\private.exe
  %SystemDir%\proper.exe
  %SystemDir%\ProtEX32.exe
  %SystemDir%\ps.a3d
  %SystemDir%\psndz.dll
  %SystemDir%\psnint.exe
  %SystemDir%\ptainfo?.ico
  %SystemDir%\qjrkvy.exe
  %SystemDir%\qch29sr.dll
  %SystemDir%\qnusjji.dll
  %SystemDir%\qomnono.dll
  %SystemDir%\qrucmr.dll
  %SystemDir%\qrzsyr.dll
  %SystemDir%\qscem.vob
  %SystemDir%\qtstv.*
  %SystemDir%\questmod.dll
  %SystemDir%\Quick.ico
  %SystemDir%\qrucmr.dll
  %SystemDir%\qumgdn.exe
  %SystemDir%\qvjpt.dll
  %SystemDir%\gwquvw.dll
  %SystemDir%\qvxgamet?.exe
  %SystemDir%\qxfgcg.dll
  %SystemDir%\qzviz.dll
  %SystemDir%\ramtmb.dll
  %SystemDir%\rcohty.dll
  %SystemDir%\rdccba.exe
  %SystemDir%\rdihost.dll
  %SystemDir%\rdpslip.exe
  %SystemDir%\rdsndin.exe
  %SystemDir%\reger.exe
  %SystemDir%\reglogs.dll
  %SystemDir%\regperf.exe
  %SystemDir%\repairs.dll
  %SystemDir%\repairs302??????.dll
  %SystemDir%\repairs303??????.dll
  %SystemDir%\repigsp.exe
  %SystemDir%\RegistryCleanerSetup.exe
  %SystemDir%\replmap.dll
  %SystemDir%\remadm32.dll
  %SystemDir%\Remove Spyware.ico
  %SystemDir%\res.dll
  %SystemDir%\ResourceHelper.dll
  %SystemDir%\rftjpkh.dll
  %SystemDir%\rldsregn.exe
  %SystemDir%\rldsregs.exe
  %SystemDir%\rldyt.dll
  %SystemDir%\rmtdvc.dll
  %SystemDir%\rmzdzx.dll
  %SystemDir%\rnxwph.dll
  %SystemDir%\rock.exe
  %SystemDir%\rosdzop.dll
  %SystemDir%\rpcc.dll
  %SystemDir%\rpcc.exe
  %SystemDir%\RpcxSs.dll
  %SystemDir%\rrtcany.dll
  %SystemDir%\rrtrit.dll
  %SystemDir%\rtwwf.exe
  %SystemDir%\runsrv32.dll
  %SystemDir%\runsrv32.exe
  %SystemDir%\rxqcpn.dll
  %SystemDir%\ryxrho.dll

Folders:

Services:

Registry:
  O2 - BHO: MS Video Control 1.0 - {54629298-47B2-4F79-BC62-7B3648D70020} - C:\Windows\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{54629298-47B2-4F79-BC62-7B3648D70020}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54629298-47B2-4F79-BC62-7B3648D70020}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54629298-47B2-4F79-BC62-7B3648D70020}]

  O2 - BHO: MS Video Control 1.0 - {B8DE8F32-8900-4F89-BFD5-CB4D49FEBE47} - C:\Windows\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B8DE8F32-8900-4F89-BFD5-CB4D49FEBE47}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B8DE8F32-8900-4F89-BFD5-CB4D49FEBE47}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B8DE8F32-8900-4F89-BFD5-CB4D49FEBE47}]

[2008-02-23]
File Version 1.2.10.2661

  O2 - BHO: MS Video Control 1.0 - {96074552-3830-40E3-8274-FB9E092F04EC} - C:\Windows\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{96074552-3830-40E3-8274-FB9E092F04EC}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{96074552-3830-40E3-8274-FB9E092F04EC}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96074552-3830-40E3-8274-FB9E092F04EC}]

  O2 - BHO: MS Video Control 1.0 - {CAD36397-AF2B-4F5D-9172-1D3874222A23} - C:\WINDOWS\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAD36397-AF2B-4F5D-9172-1D3874222A23}]

  O2 - BHO: MS Video Control 1.0 - {CBC3486E-92D1-419D-BEBF-D3D972B87902} - C:\WINDOWS\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{CBC3486E-92D1-419D-BEBF-D3D972B87902}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CBC3486E-92D1-419D-BEBF-D3D972B87902}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CBC3486E-92D1-419D-BEBF-D3D972B87902}]

WinXDefender:
  O2 - BHO: SearchHelper Class - {505087B6-49F1-4B75-853B-47BD7BF30A30} - C:\WINDOWS\System32\FeedMerge.dll
-Files-
  %AppData%\WinXDefender\base.dat
  %AppData%\WinXDefender\base2.dat
  %AppData%\WinXDefender\Desc.dat
  %AppData%\WinXDefender\spline.dat
  %AppData%\WinXDefender\WinXDefender.ini
  %Programs%\WinXDefender\Purchase License.lnk
  %Programs%\WinXDefender\Support Page.lnk
  %Programs%\WinXDefender\WinXDefender Uninstall.lnk
  %Programs%\WinXDefender\WinXDefender.lnk
  %ProgramFiles%\WinXDefender\Buy.url
  %ProgramFiles%\WinXDefender\gqfix.exe
  %ProgramFiles%\WinXDefender\Help.url
  %ProgramFiles%\WinXDefender\Uninstall.exe
  %ProgramFiles%\WinXDefender\WinXDefender.exe
  %SystemDir%\FeedMerge.dll
-Folders-
  %AppData%\WinXDefender
  %Programs%\WinXDefender
  %ProgramFiles%\WinXDefender
-Registry Items-
  [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
  "WinXDefender"=-
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinXDefender]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YGHelper.SearchHelper]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YGHelper.SearchHelper.1]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\YGHelper.DLL]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7F8FD529-8CBF-4998-A602-FCE3E74CA9A3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{505087B6-49F1-4B75-853B-47BD7BF30A30}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{ED0BE1F5-6822-4E15-BA40-FF593A769FEE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{23E0D79C-E8D7-4163-8902-4C1C11BD9A41}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{505087B6-49F1-4B75-853B-47BD7BF30A30}]

Miscellaneous Deletions:
  %SystemDir%\ipztub.dll
  %SystemDir%\iqzv.dll
  %SystemDir%\isfmdl.dll
  %SystemDir%\isfmm.exe
  %SystemDir%\ishost.exe
  %SystemDir%\ishost.exe_tobedeleted
  %SystemDir%\ismini.exe
  %SystemDir%\ismon.exe
  %SystemDir%\isnotify.exe
  %SystemDir%\isntfy.exe
  %SystemDir%\issearch.exe
  %SystemDir%\issrch.exe
  %SystemDir%\itDD.exe
  %SystemDir%\itdtjjf.dll
  %SystemDir%\its.txt
  %SystemDir%\ivrllc.dll
  %SystemDir%\iwwvh.dll
  %SystemDir%\ixt?.dll
  %SystemDir%\ixt??.dll
  %SystemDir%\jac.dll
  %SystemDir%\jao.dll
  %SystemDir%\jbhbolcl.exe
  %SystemDir%\jbtazy.dll
  %SystemDir%\jevtxpg.dll
  %SystemDir%\jkhob.dll
  %SystemDir%\jnuxc.dll
  %SystemDir%\jpqet.dll
  %SystemDir%\jrpkmgh.dll
  %SystemDir%\kbui32.dll
  %SystemDir%\kdfat.exe
  %SystemDir%\kduev.exe
  %SystemDir%\kernel32.exe
  %SystemDir%\kernels32.exe
  %SystemDir%\kernels64.exe
  %SystemDir%\kernels8.bak.exe
  %SystemDir%\kernels8.exe
  %SystemDir%\keydsp.exe
  %SystemDir%\kfhrvq.dll
  %SystemDir%\kgkdbsk.dll
  %SystemDir%\khfedec.dll
  %SystemDir%\khtbpdl.dll
  %SystemDir%\kkqfb.dll
  %SystemDir%\kldtm.exe
  %SystemDir%\kspydoc.log
  %SystemDir%\ktrxe.dll
  %SystemDir%\kuhmk.dll
  %SystemDir%\kvfvw.dll
  %SystemDir%\kzpkwj.dll
  %SystemDir%\lanH32.dll
  %SystemDir%\lapmvzf.dll
  %SystemDir%\latest.exe
  %SystemDir%\lcch.dat
  %SystemDir%\lcsrsrv.dll
  %SystemDir%\ld???.tmp
  %SystemDir%\ld????.tmp
  %SystemDir%\ldsm.exe
  %SystemDir%\lfd32.ini
  %SystemDir%\lgaac.dll
  %SystemDir%\li.exe
  %SystemDir%\lich.exe
  %SystemDir%\links.exe
  %SystemDir%\ll.exe
  %SystemDir%\loadadv???.exe
  %SystemDir%\loadctr32.exe
  %SystemDir%\loader.exe
  %SystemDir%\localhost32.exe
  %SystemDir%\loggiver.dll
  %SystemDir%\logic.sam
  %SystemDir%\lognch.exe
  %SystemDir%\logon032.dll
  %SystemDir%\lqvkx.fkq
  %SystemDir%\lrnjnzf.dll
  %SystemDir%\lssvs.exe
  %SystemDir%\lt.res
  %SystemDir%\LuResult.txt
  %SystemDir%\lut.dat
  %SystemDir%\lwpfwjb.dll
  %SystemDir%\m00.exe
  %SystemDir%\main.exe
  %SystemDir%\maxd1.exe
  %SystemDir%\maxd64.exe
  %SystemDir%\mcc.exe
  %SystemDir%\mdms.exe
  %SystemDir%\mfjfge.dll
  %SystemDir%\migicons.exe
  %SystemDir%\mirarsearch_toolbar.exe
  %SystemDir%\mirarsearch_tool cash.exe
  %SystemDir%\mivmv.dll
  %SystemDir%\mljigge.dll
  %SystemDir%\mlraakb.dll
  %SystemDir%\mnmsrv.exe
  %SystemDir%\monem.dll
  %SystemDir%\moywh.dll
  %SystemDir%\mpcsvc.exe
  %SystemDir%\MS13.exe
  %SystemDir%\msahgjee.dll
  %SystemDir%\msalert.exe
  %SystemDir%\msasvc.exe
  %SystemDir%\msbind32.exe
  %SystemDir%\mscnf.dll
  %SystemDir%\mscomserv.bin
  %SystemDir%\mscomserv.exe
  %SystemDir%\mscornet.exe
  %SystemDir%\msdcom32.dll
  %SystemDir%\msdde.dll
  %SystemDir%\msdn_lib.dll
  %SystemDir%\msgcli.dll
  %SystemDir%\mshtml32.tdb

Services:
  Microsoft authenticate service
  MS COMMON SERVICE

[2008-02-22]
File Version 1.2.10.2526

  O2 - BHO: MS Video Control 1.0 - {4E21495F-0004-4614-9DC9-6B8F7E5024F5} - C:\Windows\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4E21495F-0004-4614-9DC9-6B8F7E5024F5}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E21495F-0004-4614-9DC9-6B8F7E5024F5}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E21495F-0004-4614-9DC9-6B8F7E5024F5}]

  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{917F93BF-6714-4E11-8982-59DB2E0F88FC}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D9F6CE57-0718-4BD1-916F-5FB1F86911C2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
  "{917F93BF-6714-4E11-8982-59DB2E0F88FC}"=-
  "{D9F6CE57-0718-4BD1-916F-5FB1F86911C2}"=-
  "{E94EB13E-D78F-0857-7734-5E67A49FFFF1}"=-
  "{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}"=-

  %MyDocumentsDir%\pos0.tmp
  %MyDocumentsDir%\pos1.tmp
  %MyDocumentsDir%\pos2.tmp
  %MyDocumentsDir%\pos3.tmp
  %MyDocumentsDir%\pos4.tmp
  %MyDocumentsDir%\pos5.tmp
  %MyDocumentsDir%\pos6.tmp
  %MyDocumentsDir%\pos7.tmp
  %MyDocumentsDir%\pos8.tmp
  %MyDocumentsDir%\pos9.tmp
  %MyDocumentsDir%\posA.tmp
  %MyDocumentsDir%\posB.tmp
  %MyDocumentsDir%\posC.tmp
  %MyDocumentsDir%\posD.tmp
  %MyDocumentsDir%\posE.tmp
  %MyDocumentsDir%\posF.tmp
  %MyDocumentsDir%\pos0?.tmp
  %MyDocumentsDir%\pos1?.tmp
  %MyDocumentsDir%\pos2?.tmp
  %MyDocumentsDir%\pos4?.tmp
  %MyDocumentsDir%\pos5?.tmp
  %MyDocumentsDir%\pos6?.tmp
  %MyDocumentsDir%\pos7?.tmp
  %MyDocumentsDir%\pos8?.tmp
  %MyDocumentsDir%\pos9?.tmp
  %MyDocumentsDir%\posA?.tmp
  %MyDocumentsDir%\posB?.tmp
  %MyDocumentsDir%\posC?.tmp
  %MyDocumentsDir%\posD?.tmp
  %MyDocumentsDir%\posE?.tmp
  %MyDocumentsDir%\posF?.tmp
  %MyDocumentsDir%\pos0??.tmp
  %MyDocumentsDir%\pos1??.tmp
  %MyDocumentsDir%\pos2??.tmp
  %MyDocumentsDir%\pos3??.tmp
  %MyDocumentsDir%\pos4??.tmp
  %MyDocumentsDir%\pos5??.tmp
  %MyDocumentsDir%\pos6??.tmp
  %MyDocumentsDir%\pos7??.tmp
  %MyDocumentsDir%\pos8??.tmp
  %MyDocumentsDir%\pos9??.tmp
  %MyDocumentsDir%\posA??.tmp
  %MyDocumentsDir%\posB??.tmp
  %MyDocumentsDir%\posC??.tmp
  %MyDocumentsDir%\posD??.tmp
  %MyDocumentsDir%\posE??.tmp
  %MyDocumentsDir%\posF??.tmp
  %MyDocumentsDir%\pos0???.tmp
  %MyDocumentsDir%\pos1???.tmp
  %MyDocumentsDir%\pos2???.tmp
  %MyDocumentsDir%\pos3???.tmp
  %MyDocumentsDir%\pos4???.tmp
  %MyDocumentsDir%\pos5???.tmp
  %MyDocumentsDir%\pos6???.tmp
  %MyDocumentsDir%\pos7???.tmp
  %MyDocumentsDir%\pos8???.tmp
  %MyDocumentsDir%\pos9???.tmp
  %MyDocumentsDir%\posA???.tmp
  %MyDocumentsDir%\posB???.tmp
  %MyDocumentsDir%\posC???.tmp
  %MyDocumentsDir%\posD???.tmp
  %MyDocumentsDir%\posE???.tmp
  %MyDocumentsDir%\posF???.tmp
  %MyDocumentsDir%\pos0????.tmp
  %MyDocumentsDir%\pos1????.tmp
  %MyDocumentsDir%\pos2????.tmp
  %MyDocumentsDir%\pos3????.tmp
  %MyDocumentsDir%\pos4????.tmp
  %MyDocumentsDir%\pos5????.tmp
  %MyDocumentsDir%\pos6????.tmp
  %MyDocumentsDir%\pos7????.tmp
  %MyDocumentsDir%\pos8????.tmp
  %MyDocumentsDir%\pos9????.tmp
  %MyDocumentsDir%\posA????.tmp
  %MyDocumentsDir%\posB????.tmp
  %MyDocumentsDir%\posC????.tmp
  %MyDocumentsDir%\posD????.tmp
  %MyDocumentsDir%\posE????.tmp
  %MyDocumentsDir%\posF????.tmp
  %SystemDir%\IEFilter.dll
  %SystemDir%\IeHelperExVS.dll
  %SystemDir%\iesplg.dll
  %SystemDir%\igkvf.dll
  %SystemDir%\igpfced.dll
  %SystemDir%\igzxwrl.dll
  %SystemDir%\iheuv.dll
  %SystemDir%\ijftc.dll
  %SystemDir%\ikhcore.log
  %SystemDir%\iklqcx.dll
  %SystemDir%\ilmpjy.dll
  %SystemDir%\image.gif.exe
  %SystemDir%\image1.gif.exe
  %SystemDir%\ImaS3r
  %SystemDir%\imfdfcj.dll
  %SystemDir%\impgsje.dll
  %SystemDir%\index_dsp.html
  %SystemDir%\indwvm.dll
  %SystemDir%\inetp60.dll
  %SystemDir%\info.txt
  %SystemDir%\inst.exe
  %SystemDir%\intel32.exe
  %SystemDir%\intell32.exe
  %SystemDir%\intelli321.exe
  %SystemDir%\intercept.dll
  %SystemDir%\interf.tlb
  %SystemDir%\intmon.exe
  %SystemDir%\intmonp.exe
  %SystemDir%\intxt.exe
  %SystemDir%\ioctl.dll
  %SystemDir%\ioctrl.dll
  %SystemDir%\ipf.exe
  %SystemDir%\txdkfh.dll
  %SystemDir%\wbchha.dll

[2008-02-19]
File Version 1.2.10.2397

  O2 - BHO: MS Video Control 1.0 - {853D915E-40FF-4125-996E-89DD934B2060} - C:\Windows\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{853D915E-40FF-4125-996E-89DD934B2060}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{853D915E-40FF-4125-996E-89DD934B2060}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{853D915E-40FF-4125-996E-89DD934B2060]

  O2 - BHO: MS Video Control 1.0 - {EEBA7DF1-A821-469A-BD31-206AD73CFA9B} - C:\Windows\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EEBA7DF1-A821-469A-BD31-206AD73CFA9B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EEBA7DF1-A821-469A-BD31-206AD73CFA9B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEBA7DF1-A821-469A-BD31-206AD73CFA9B}]

  O2 - BHO: MS Video Control 1.0 - {F7B62E04-C4AF-4814-88EE-D5EBDBAD6387} - C:\Windows\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F7B62E04-C4AF-4814-88EE-D5EBDBAD6387}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F7B62E04-C4AF-4814-88EE-D5EBDBAD6387}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F7B62E04-C4AF-4814-88EE-D5EBDBAD6387}]

  VirusHeat:
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{37F89457-1208-4670-9245-58C62BD6D870}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VirusHeat 4.3.exe 4.3]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "VirusHeat 4.3"=-
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\VirusHeat 4.3]

  Files:
  %SystemDir%\audiosrv32.dll
  %SystemDir%\authz32.dll
  %SystemDir%\autodisc32.dll
  %SystemDir%\avifile32.dll
  %SystemDir%\avisynthex32.dll
  %SystemDir%\aviwrap32.dll
  %SystemDir%\avtmd.exe
  %SystemDir%\awtqo.dll
  %SystemDir%\awvvw.dll
  %SystemDir%\axlet.dll
  %SystemDir%\ayjhc.dll
  %SystemDir%\azdd.exe
  %SystemDir%\azebar.xml
  %SystemDir%\azesearch.inf
  %SystemDir%\azesearch?
  %SystemDir%\barseek.dll.ocx
  %SystemDir%\bbgif32.dll
  %SystemDir%\bdzzzcl.dll
  %SystemDir%\beahahl.dll
  %SystemDir%\bensorty03.dll
  %SystemDir%\bggif32.dll
  %SystemDir%\bgif32.dll
  %SystemDir%\bgwttyl.dll
  %SystemDir%\bhoimpl.dll
  %SystemDir%\biasfardihuy.dll
  %SystemDir%\bin29a.log
  %SystemDir%\birdasfihuy.dll
  %SystemDir%\birdasfihuy32.dll
  %SystemDir%\birdihuy.dll
  %SystemDir%\bk.exe
  %SystemDir%\bndmod.exe
  %SystemDir%\bnmsrv.exe
  %SystemDir%\boln.dll
  %SystemDir%\bolnyz.dll
  %SystemDir%\bootcf64.exe
  %SystemDir%\bpkwb.dll
  %SystemDir%\bpvcou.dll
  %SystemDir%\bqrcr.dll
  %SystemDir%\bre.dll
  %SystemDir%\bre32.dll
  %SystemDir%\bridge.dll
  %SystemDir%\bronto.dll
  %SystemDir%\browsela.dll
  %SystemDir%\browserad.dll
  %SystemDir%\bspsupport.exe
  %SystemDir%\bubbj.dll
  %SystemDir%\buddy.exe
  %SystemDir%\bum???.exe
  %SystemDir%\burre.dll
  %SystemDir%\ccyszwl.dll
  %SystemDir%\cdwvhbf.dll
  %SystemDir%\cefrjsh.dll
  %SystemDir%\cfcdfebedcbcb.dll
  %SystemDir%\cfgmngr32.dll
  %SystemDir%\cflcfv5.dll
  %SystemDir%\cfltygd.dll
  %SystemDir%\cfqbw.dll
  %SystemDir%\checkin.dll
  %SystemDir%\child.dll
  %SystemDir%\chke.dll
  %SystemDir%\chp.dll
  %SystemDir%\chp32.dll
  %SystemDir%\chzbi.dll
  %SystemDir%\cjuvwa.dll
  %SystemDir%\ckimzeb.dll
  %SystemDir%\clbrcek.dll
  %SystemDir%\cloudsim.exe
  %SystemDir%\clsemixer.dll
  %SystemDir%\cm.dll
  %SystemDir%\cmd32.exe
  %SystemDir%\comdlg64.dl
  %SystemDir%\comi.dll
  %SystemDir%\compstuia.dll
  %SystemDir%\compstuib.dll
  %SystemDir%\compstuic.dll
  %SystemDir%\compstuid.dll
  %SystemDir%\confl.dll
  %SystemDir%\countrydial.exe
  %SystemDir%\cqsfk.dll
  %SystemDir%\csrls.dll
  %SystemDir%\cthkpcv.dll
  %SystemDir%\ctpmon.exe
  %SystemDir%\cvnzie.dll
  %SystemDir%\cvxh8jkdq?.exe
  %SystemDir%\cwfsoopt.dll
  %SystemDir%\cwgppb.dll
  %SystemDir%\CWS_iestart.exe
  %SystemDir%\czxtyx.dll
  %SystemDir%\d2kpax.dll
  %SystemDir%\D9775779.exe
  %SystemDir%\dailytoolbar.dll
  %SystemDir%\dbgif32.dll
  %SystemDir%\dbqlrij.dll
  %SystemDir%\dcom_??.dll
  %SystemDir%\dcomcfg.exe
  %SystemDir%\dcvwaah.dll
  %SystemDir%\ddllup.dll
  %SystemDir%\ddr64.dll
  %SystemDir%\ddomv.dll
  %SystemDir%\dbqlrij.dll
  %SystemDir%\Desktop.ico
  %SystemDir%\dfrep.dll
  %SystemDir%\dflnl.exe
  %SystemDir%\dfrgsrv.exe
  %SystemDir%\dial32.exe
  %SystemDir%\directprt.sys
  %SystemDir%\dkdial.exe
  %SystemDir%\dktibs.exe
  %SystemDir%\dlh9jkdq?.exe
  %SystemDir%\dll2.dll
  %SystemDir%\dmdlgs.exe
  %SystemDir%\dnefhw.dll
  %SystemDir%\dnsersnd.dll
  %SystemDir%\docent0.dll
  %SystemDir%\dooep.dll
  %SystemDir%\down3.exe
  %SystemDir%\dped.dll
  %SystemDir%\dpfwu.dll
  %SystemDir%\DReplace.dll
  %SystemDir%\drpmon.dll
  %SystemDir%\drv???.dll
  %SystemDir%\dsibr.dll
  %SystemDir%\dsreg.exe
  %SystemDir%\dtjby.dll
  %SystemDir%\duxzj.dll
  %SystemDir%\duznhje.dll
  %SystemDir%\dvdcap.dll
  %SystemDir%\dvd4free.dll
  %SystemDir%\dwdsreg?.exe
  %SystemDir%\dxmpp.dll
  %SystemDir%\dxole32.exe
  %SystemDir%\dxovx.dll
  %SystemDir%\dxpg.exe
  %SystemDir%\dxvw????.exe
  %SystemDir%\dyrwls.dll
  %SystemDir%\e404d.dll
  %SystemDir%\e6f1873b.dll
  %SystemDir%\eeuydc.dll
  %SystemDir%\efcdedb.dll
  %SystemDir%\efsdfgxg.exe
  %SystemDir%\egzcqg.dll
  %SystemDir%\eigbbb.dll
  %SystemDir%\ek7y.exe
  %SystemDir%\ekvrlfzz.exe
  %SystemDir%\emujogu.exe
  %SystemDir%\eowygj.dll
  %SystemDir%\esent32.dll
  %SystemDir%\erxbx.dll
  %SystemDir%\eulbn.dll
  %SystemDir%\eventwvr.exe
  %SystemDir%\exa32.exe
  %SystemDir%\exec1.exe
  %SystemDir%\exec2.exe
  %SystemDir%\exeha?.exe
  %SystemDir%\exp.vbs
  %SystemDir%\exuc32.tmp
  %SystemDir%\ezzhjmt.dll
  %SystemDir%\favme.exe
  %SystemDir%\faxwin32.bin
  %SystemDir%\fcfno.exe
  %SystemDir%\fdpzgi.dll
  %SystemDir%\fedrgasb.exe
  %SystemDir%\fftktmk.dll
  %SystemDir%\fhmfes.dll
  %SystemDir%\ficqv.dll
  %SystemDir%\fifzqip.dll
  %SystemDir%\fjdcy.dll
  %SystemDir%\flirek.dll
  %SystemDir%\floop32.dll
  %SystemDir%\fmrmhc.dll
  %SystemDir%\fnczfh.dll
  %SystemDir%\fnexvt.dll
  %SystemDir%\fqdqs.dll
  %SystemDir%\fqgwiw.dll
  %SystemDir%\fsehfcu.dll
  %SystemDir%\fshqaln.dll
  %SystemDir%\fsg32.exe
  %SystemDir%\fuamfu32.ini
  %SystemDir%\funk.exe
  %SystemDir%\fwjgtk.dll
  %SystemDir%\fwrkqfl.dll
  %SystemDir%\fwzozx.dll
  %SystemDir%\fyhhxw.dll
  %SystemDir%\fyhwfc.dll
  %SystemDir%\fyxkaah.dll
  %SystemDir%\gaaplp.dll
  %SystemDir%\gadf32.exe
  %SystemDir%\gbjkog.dll
  %SystemDir%\gdrtul.dll
  %SystemDir%\geplxss.dll
  %SystemDir%\gkymhk.dll
  %SystemDir%\gqagksr.dll
  %SystemDir%\ginuerep.dll
  %SystemDir%\gnjsjc.dll
  %SystemDir%\gsrnxgh.dll
  %SystemDir%\gtawclv.dll
  %SystemDir%\gtpbl.dll
  %SystemDir%\gtpbx.dll
  %SystemDir%\gtpbxaaa.dll
  %SystemDir%\gtps.dll
  %SystemDir%\gtv_sd.bin
  %SystemDir%\guard.tmp
  %SystemDir%\guninst.exe
  %SystemDir%\gusur.dll
  %SystemDir%\gutwra.exe
  %SystemDir%\guxmhcd.dll
  %SystemDir%\guxxa.dll
  %SystemDir%\gvfsc.dll
  %SystemDir%\hadjajr.ini
  %SystemDir%\hanonvt.ini
  %SystemDir%\hard.lck
  %SystemDir%\hp??.tmp
  %SystemDir%\hp???.tmp
  %SystemDir%\hp????.tmp
  %SystemDir%\hclean32.exe
  %SystemDir%\HCLEAN32.EXE.*
  %SystemDir%\Help.ico
  %SystemDir%\helper.exe
  %SystemDir%\helperymsmsgs.exe
  %SystemDir%\hhk.dll
  %SystemDir%\higehsg.dll
  %SystemDir%\higjxe.dll
  %SystemDir%\hjfjhigjxe.dll
  %SystemDir%\hjpprpu.dll
  %SystemDir%\hlmicro.exe
  %SystemDir%\holnvvf.dll
  %SystemDir%\hookdump.exe
  %SystemDir%\hrum133.txt
  %SystemDir%\hteogat.dll
  %SystemDir%\htey.dll
  %SystemDir%\httge.dll
  %SystemDir%\hvcycg.dll
  %SystemDir%\hvnwm.dll
  %SystemDir%\hwiper.exe
  %SystemDir%\hybsys32.dll
  %SystemDir%\hymww.dll
  %SystemDir%\hzclqhc.dll
  %SystemDir%\iacad.dll
  %SystemDir%\iap386.enh
  %SystemDir%\iasad.dll
  %SystemDir%\iasada.dll
  %SystemDir%\iasadm.dll
  %SystemDir%\iassdo32.dll
  %SystemDir%\iauoi.dll
  %SystemDir%\ib14.dll
  %SystemDir%\icima.dll
  %SystemDir%\IE.ico
  %SystemDir%\ieffse32.dll
  %SystemDir%\ldcore.dll

[2008-02-17]
File Version 1.2.10.2112

  O2 - BHO: Adobe PDF Reader Link Helper - {463F66BC-3B6F-4FDE-969C-94F594FECE07} - C:\WINDOWS\AcroIEHelper.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{463F66BC-3B6F-4FDE-969C-94F594FECE07}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{463F66BC-3B6F-4FDE-969C-94F594FECE07}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{463F66BC-3B6F-4FDE-969C-94F594FECE07}]

  O2 - BHO: Adobe PDF Reader Link Helper - {8CF21D67-EDE6-4BBC-A009-D2CF3AAA0AE2} - C:\WINDOWS\AcroIEHelper.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8CF21D67-EDE6-4BBC-A009-D2CF3AAA0AE2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8CF21D67-EDE6-4BBC-A009-D2CF3AAA0AE2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8CF21D67-EDE6-4BBC-A009-D2CF3AAA0AE2}]

  O2 - BHO: MS Video Control 1.0 - {E76AA4DA-7388-4D1E-B7E4-CC809F4E8F1B} - C:\WINDOWS\msvidc32.dll
  %WinDir%\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\msvidc32.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\msvidc32.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E76AA4DA-7388-4D1E-B7E4-CC809F4E8F1B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E76AA4DA-7388-4D1E-B7E4-CC809F4E8F1B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76AA4DA-7388-4D1E-B7E4-CC809F4E8F1B}]

  O2 - BHO: MS Video Control 1.0 - {2A4601BC-8376-422D-A2FC-DDF0A40570BD} - C:\WINDOWS\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2A4601BC-8376-422D-A2FC-DDF0A40570BD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2A4601BC-8376-422D-A2FC-DDF0A40570BD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A4601BC-8376-422D-A2FC-DDF0A40570BD}]

  O2 - BHO: MS Video Control 1.0 - {C3253D15-672D-46D5-8FE1-3FAB8E291E4F} - C:\WINDOWS\msvidc32.dll
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{C3253D15-672D-46D5-8FE1-3FAB8E291E4F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{C3253D15-672D-46D5-8FE1-3FAB8E291E4F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C3253D15-672D-46D5-8FE1-3FAB8E291E4F}]

  %SystemDrive%\pos0.tmp
  %SystemDrive%\pos1.tmp
  %SystemDrive%\pos2.tmp
  %SystemDrive%\pos3.tmp
  %SystemDrive%\pos4.tmp
  %SystemDrive%\pos5.tmp
  %SystemDrive%\pos6.tmp
  %SystemDrive%\pos7.tmp
  %SystemDrive%\pos8.tmp
  %SystemDrive%\pos9.tmp
  %SystemDrive%\posA.tmp
  %SystemDrive%\posB.tmp
  %SystemDrive%\posC.tmp
  %SystemDrive%\posD.tmp
  %SystemDrive%\posE.tmp
  %SystemDrive%\posF.tmp
  %SystemDrive%\pos0?.tmp
  %SystemDrive%\pos1?.tmp
  %SystemDrive%\pos2?.tmp
  %SystemDrive%\pos4?.tmp
  %SystemDrive%\pos5?.tmp
  %SystemDrive%\pos6?.tmp
  %SystemDrive%\pos7?.tmp
  %SystemDrive%\pos8?.tmp
  %SystemDrive%\pos9?.tmp
  %SystemDrive%\posA?.tmp
  %SystemDrive%\posB?.tmp
  %SystemDrive%\posC?.tmp
  %SystemDrive%\posD?.tmp
  %SystemDrive%\posE?.tmp
  %SystemDrive%\posF?.tmp
  %SystemDrive%\pos0??.tmp
  %SystemDrive%\pos1??.tmp
  %SystemDrive%\pos2??.tmp
  %SystemDrive%\pos3??.tmp
  %SystemDrive%\pos4??.tmp
  %SystemDrive%\pos5??.tmp
  %SystemDrive%\pos6??.tmp
  %SystemDrive%\pos7??.tmp
  %SystemDrive%\pos8??.tmp
  %SystemDrive%\pos9??.tmp
  %SystemDrive%\posA??.tmp
  %SystemDrive%\posB??.tmp
  %SystemDrive%\posC??.tmp
  %SystemDrive%\posD??.tmp
  %SystemDrive%\posE??.tmp
  %SystemDrive%\posF??.tmp
  %SystemDrive%\pos0???.tmp
  %SystemDrive%\pos1???.tmp
  %SystemDrive%\pos2???.tmp
  %SystemDrive%\pos3???.tmp
  %SystemDrive%\pos4???.tmp
  %SystemDrive%\pos5???.tmp
  %SystemDrive%\pos6???.tmp
  %SystemDrive%\pos7???.tmp
  %SystemDrive%\pos8???.tmp
  %SystemDrive%\pos9???.tmp
  %SystemDrive%\posA???.tmp
  %SystemDrive%\posB???.tmp
  %SystemDrive%\posC???.tmp
  %SystemDrive%\posD???.tmp
  %SystemDrive%\posE???.tmp
  %SystemDrive%\posF???.tmp
  %SystemDrive%\pos0????.tmp
  %SystemDrive%\pos1????.tmp
  %SystemDrive%\pos2????.tmp
  %SystemDrive%\pos3????.tmp
  %SystemDrive%\pos4????.tmp
  %SystemDrive%\pos5????.tmp
  %SystemDrive%\pos6????.tmp
  %SystemDrive%\pos7????.tmp
  %SystemDrive%\pos8????.tmp
  %SystemDrive%\pos9????.tmp
  %SystemDrive%\posA????.tmp
  %SystemDrive%\posB????.tmp
  %SystemDrive%\posC????.tmp
  %SystemDrive%\posD????.tmp
  %SystemDrive%\posE????.tmp
  %SystemDrive%\posF????.tmp
  %WinDir%\System\csrss.exe
  %WinDir%\System\ext32inc.dll
  %WinDir%\System\Loader.dll
  %WinDir%\System\svchost.exe
  %WinDir%\System\svchost.dll
  %WinDir%\System\svchosthook.dll
  %WinDir%\System\svwhost.dll
  %WinDir%\System\svwhost.exe
  %WinDir%\System\svwhost.exe.bak
  %SystemDir%\~update.exe
  %SystemDir%\_nvidia_xxx_.log
  %SystemDir%\_winlogon32.exe
  %SystemDir%\__c00?????.dat
  %SystemDir%\__delete_on_reboot__higjxe.dll
  %SystemDir%\__delete_on_reboot__ld????.tmp
  %SystemDir%\__delete_on_reboot__stickrep.dll
  %SystemDir%\__delete_on_reboot__ulztc.dll
  %SystemDir%\__delete_on_reboot__u_r_r_o_x_t_l_._d_l_l_
  %SystemDir%\__delete_on_reboot__winhoo32.dll
  %SystemDir%\__delete_on_reboot__winzoa32.dll
  %SystemDir%\0_exception.nls
  %SystemDir%\00392551.dll
  %SystemDir%\0mcamcap.exe
  %SystemDir%\1.txt
  %SystemDir%\2.exe
  %SystemDir%\3.exe
  %SystemDir%\41.dl_
  %SystemDir%\4ccc3cea.exe
  %SystemDir%\50.exe
  %SystemDir%\a.exe
  %SystemDir%\A00?????.tlb
  %SystemDir%\a0844217.exe
  %SystemDir%\abirvalg.dll
  %SystemDir%\abirvalg32.dll
  %SystemDir%\actskn45.ocx
  %SystemDir%\acvgxw.dll
  %SystemDir%\addinsx.dll
  %SystemDir%\AddQuit.ico
  %SystemDir%\admparsek.dll
  %SystemDir%\admparsel.dll
  %SystemDir%\adwerkz.dll
  %SystemDir%\adobeacr.dll
  %SystemDir%\adobepnl.dll
  %SystemDir%\AdServ.bat
  %SystemDir%\AdServ.dll
  %SystemDir%\AdService.bat
  %SystemDir%\AdService.dll
  %SystemDir%\adsldpb?.dll
  %SystemDir%\afkvvy.dll
  %SystemDir%\afzdbl.dll
  %SystemDir%\aghmao.dll
  %SystemDir%\aivskurq.dll
  %SystemDir%\alxres.dll
  %SystemDir%\amewq32.exe
  %SystemDir%\antzozc.dll
  %SystemDir%\apphelp32.dll
  %SystemDir%\appmagr.dll
  %SystemDir%\appwiz.dll
  %SystemDir%\ariert.dll
  %SystemDir%\asferror32.dll
  %SystemDir%\asgp32.dll
  %SystemDir%\asrupnp.exe
  %SystemDir%\asxbbx.dll
  %SystemDir%\asycfilt32.dll
  %SystemDir%\athprxy32.dll
  %SystemDir%\ati2dvaa32.dll
  %SystemDir%\ati2dvag32.dll
  %SystemDir%\atmclk.exe
  %SystemDir%\atmclk2.exe
  %SystemDir%\atmghe.exe
  %SystemDir%\atmtd.dll
  %SystemDir%\atmtd.dll_
  %SystemDir%\attrib.ini
  %SystemDir%\atzrdada.dll
  %SystemDir%\autosys.exe
  %SystemDir%\1024\*.exe
  %SystemDir%\1024\*.dll
  %SystemDir%\1024\*.*
  %SystemDir%\config\drxvp.exe
  %SystemDir%\drivers\4_stars.gif
  %SystemDir%\drivers\5_stars.gif
  %SystemDir%\drivers\alert_icon.gif
  %SystemDir%\drivers\arrow.gif
  %SystemDir%\drivers\bg_bg.gif
  %SystemDir%\drivers\blank.gif
  %SystemDir%\drivers\box_?.gif
  %SystemDir%\drivers\button_buynow.gif
  %SystemDir%\drivers\button_freescan.gif
  %SystemDir%\drivers\buy_btn.gif
  %SystemDir%\drivers\cell_bg.gif
  %SystemDir%\drivers\cell_footer.gif
  %SystemDir%\drivers\cell_header_block.gif
  %SystemDir%\drivers\cell_header_remove.gif
  %SystemDir%\drivers\cell_header_scan.gif
  %SystemDir%\drivers\close_ico.gif
  %SystemDir%\drivers\close_icon.gif
  %SystemDir%\drivers\detect.htm
  %SystemDir%\drivers\download_box.gif
  %SystemDir%\drivers\download_btn.gif
  %SystemDir%\drivers\download_now_btn.gif
  %SystemDir%\drivers\DP.sys
  %SystemDir%\drivers\egmno^wr.sys
  %SystemDir%\drivers\ersd.sys
  %SystemDir%\drivers\features.gif
  %SystemDir%\drivers\footer_back.jpg
  %SystemDir%\drivers\fopf.sys
  %SystemDir%\drivers\header_*.gif
  %SystemDir%\drivers\hesvc.sys
  %SystemDir%\drivers\icon_warning.gif
  %SystemDir%\drivers\icon_warning_big.gif
  %SystemDir%\drivers\infected.gif
  %SystemDir%\drivers\logo.gif
  %SystemDir%\drivers\logo_bg.gif
  %SystemDir%\drivers\perfect_cleaner_box.jpg
  %SystemDir%\drivers\perfect_cleaner_box_small.jpg
  %SystemDir%\drivers\perfect_cleaner_header.gif
  %SystemDir%\drivers\perfect_cleaner_header_small.gif
  %SystemDir%\drivers\product_*.gif
  %SystemDir%\drivers\protect.gif
  %SystemDir%\drivers\pt.htm
  %SystemDir%\drivers\rating.gif
  %SystemDir%\drivers\remove_spyware_button.gif
  %SystemDir%\drivers\remove_spyware_header.gif
  %SystemDir%\drivers\s_detect.htm
  %SystemDir%\drivers\screenshot.jpg
  %SystemDir%\drivers\secuity_center_logo.gif
  %SystemDir%\drivers\sep_hor.gif
  %SystemDir%\drivers\sep_vert.gif
  %SystemDir%\drivers\shadow.jpg
  %SystemDir%\drivers\shadow_bg.gif
  %SystemDir%\drivers\spacer.gif
  %SystemDir%\drivers\spy_away_box.jpg
  %SystemDir%\drivers\spy_away_box_small.jpg
  %SystemDir%\drivers\spy_away_header.gif
  %SystemDir%\drivers\spy_away_header_small.gif
  %SystemDir%\drivers\spyware_detected.gif
  %SystemDir%\drivers\star.gif
  %SystemDir%\drivers\star_gray.gif
  %SystemDir%\drivers\star_gray_small.gif
  %SystemDir%\drivers\star_small.gif
  %SystemDir%\drivers\style.css
  %SystemDir%\drivers\users_rating.gif
  %SystemDir%\drivers\v.gif
  %SystemDir%\drivers\warning_ico.gif
  %SystemDir%\drivers\warning_icon.gif
  %SystemDir%\drivers\win_logo.gif
  %SystemDir%\drivers\winut.dat
  %SystemDir%\drivers\x.gif
  %SystemDir%\drivers\yellow_warning_ico.gif
  %SystemDir%\drivers\etc\.protected
  %SystemDir%\drives\pnpdrv.sys
  %SystemDir%\drives\*.*
  %SystemDir%\kqgubstd\*.dll
  %SystemDir%\kqgubstd\*.*
  %SystemDir%\LogFiles\A04111925.so
  %SystemDir%\LogFiles\A54102200.so
  %SystemDir%\LogFiles\H53131712.so
  %SystemDir%\LogFiles\M54111925.so
  %SystemDir%\LogFiles\P54111925.so
  %SystemDir%\LogFiles\S53252000.so
  %SystemDir%\LogFiles\T54111925.so
  %SystemDir%\msdrives\driverpp.sys
  %SystemDir%\msdrives\*.dll
  %SystemDir%\msdrives\*.*
  %SystemDir%\policies\driverpp.sys
  %SystemDir%\policies\*.dll
  %SystemDir%\policies\*.*

  %WinDir%\System\1024
  %SystemDir%\1024
  %SystemDir%\drives
  %SystemDir%\kqgubstd
  %SystemDir%\msdrives
  %SystemDir%\policies

[2008-02-15]
File Version 1.2.8.2261

  Bug Fix - Refinement of files targeted in the %SystemDrive%\downloads\ folder

  Checks Process Path of malicious processes.  Determines PID of malicious process, and then terminates the malicious process by PID.  Before deleting the malicious process.

  Stops and Deletes a malicious Service.

  O2 - BHO: Adobe PDF Reader Link Helper - {D79145D5-535E-4B27-BCD3-9AFBB326829C} - C:\WINDOWS\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{D79145D5-535E-4B27-BCD3-9AFBB326829C}]
  [-HKEY_CLASSES_ROOT\CLSID\{D79145D5-535E-4B27-BCD3-9AFBB326829C}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D79145D5-535E-4B27-BCD3-9AFBB326829C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D79145D5-535E-4B27-BCD3-9AFBB326829C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D79145D5-535E-4B27-BCD3-9AFBB326829C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D79145D5-535E-4B27-BCD3-9AFBB326829C}]

  %SystemDrive%\downloads\SpySpotterEWebInstall.exe
  %SystemDrive%\downloads\eCodec-V4.??.exe
  %SystemDrive%\downloads\mediaCodec-V4.???.exe
  %SystemDrive%\downloads\sv-codec-V?.exe
  %SystemDrive%\downloads\svideocodec4_???.exe
  %SystemDrive%\downloads\vcodec_ver3_???.exe
  %SystemDrive%\downloads\xpassman_v3.???.exe
  %WinDir%\svchost.exe
  %WinDir%\svchost72.exe
  %WinDir%\svcnt32.exe
  %WinDir%\svcproc.exe
  %WinDir%\svhjdsah.exe
  %WinDir%\sys1?.exe
  %WinDir%\sys1??.exe
  %WinDir%\sys1???.exe
  %WinDir%\sys2?.exe
  %WinDir%\sys2??.exe
  %WinDir%\sys2???.exe
  %WinDir%\sys3?.exe
  %WinDir%\sys3??.exe
  %WinDir%\sys3???.exe
  %WinDir%\sys4?.exe
  %WinDir%\sys4??.exe
  %WinDir%\sys4???.exe
  %WinDir%\sys5?.exe
  %WinDir%\sys5??.exe
  %WinDir%\sys5???.exe
  %WinDir%\sys6?.exe
  %WinDir%\sys6??.exe
  %WinDir%\sys6???.exe
  %WinDir%\sys7?.exe
  %WinDir%\sys7??.exe
  %WinDir%\sys7???.exe
  %WinDir%\sys8?.exe
  %WinDir%\sys8??.exe
  %WinDir%\sys8???.exe
  %WinDir%\sys9?.exe
  %WinDir%\sys9??.exe
  %WinDir%\sys9???.exe
  %WinDir%\syscore.dll
  %WinDir%\sysdx.dll
  %WinDir%\sysldr32.exe
  %WinDir%\system.exe
  %WinDir%\system1.dat?
  %WinDir%\System32fab.exe
  %WinDir%\sysvx_.exe
  %WinDir%\tas.exe
  %WinDir%\teller2.chk
  %WinDir%\temp.000.exe
  %WinDir%\tempf.txt
  %WinDir%\test
  %WinDir%\timessquare.exe
  %WinDir%\timessquare1.dat
  %WinDir%\tlhelp.dll
  %WinDir%\toffel32.exe
  %WinDir%\tool?.exe
  %WinDir%\tool??.exe
  %WinDir%\toolbar.exe
  %WinDir%\tpopup.exe
  %WinDir%\true-stories.gif
  %WinDir%\trustinbar.exe
  %WinDir%\ts.gif
  %WinDir%\ts_header.gif
  %WinDir%\ttvbon???.dll
  %WinDir%\uninstDsk.exe
  %WinDir%\uninstiu.exe
  %WinDir%\uniq
  %WinDir%\update12.js
  %WinDir%\update13.js
  %WinDir%\update911.js
  %WinDir%\uptodate.exe
  %WinDir%\ur72.dll
  %WinDir%\utufctex.exe
  %WinDir%\v.gif
  %WinDir%\vh4h.exe
  %WinDir%\videoc.dll
  %WinDir%\videoslots.ico
  %WinDir%\vindows32.exe
  %WinDir%\vipext???.dll
  %WinDir%\vpnconfig.dll
  %WinDir%\vpsnetwork.dll
  %WinDir%\vpssup.dll
  %WinDir%\vsl04.exe
  %WinDir%\vsmart.dll
  %WinDir%\vobler.exe
  %WinDir%\voipwet.dll
  %WinDir%\vr_sys.dll
  %WinDir%\vxddsk.exe
  %WinDir%\wallp2.exe
  %WinDir%\warnhp.html
  %WinDir%\warning-bar-ico.gif
  %WinDir%\warning_icon.gif
  %WinDir%\wbc32.exe
  %WinDir%\wbecheck.exe
  %WinDir%\wbecheck.old
  %WinDir%\wbecheck.tmp
  %WinDir%\werbet???.dll
  %WinDir%\win-sec-center-logo.gif
  %WinDir%\wincom??.dll
  %WinDir%\wininet32.exe
  %WinDir%\windows-compatible.gif
  %WinDir%\WindowsUpdates.exe
  %WinDir%\win_logo.gif
  %WinDir%\winlogon(2).exe
  %WinDir%\winres.dll
  %WinDir%\winstall.exe
  %WinDir%\winsysban?.exe
  %WinDir%\winsysupd?.exe
  %WinDir%\winsysupd??.exe
  %WinDir%\wml.exe
  %WinDir%\wmpconf.dll
  %WinDir%\wmpdev.dll
  %WinDir%\wmpenv.dll
  %WinDir%\wmphost.dll
  %WinDir%\wmplayer.dll
  %WinDir%\wmsound.dll
  %WinDir%\wmzgrab.exe
  %WinDir%\wnsp.dll
  %WinDir%\wow.dll
  %WinDir%\wowsupport.dll
  %WinDir%\wsremover.exe
  %WinDir%\wtopmod.exe
  %WinDir%\wupdmgr.exe
  %WinDir%\x.gif
  %WinDir%\xadbrk.dll
  %WinDir%\xadbrk.exe
  %WinDir%\xadbrk_.exe
  %WinDir%\xadbrk?.tmp
  %WinDir%\xcvwer.dll
  %WinDir%\xpupdate.exe
  %WinDir%\xvideo.dll
  %WinDir%\YAXUninst.exe
  %WinDir%\yellow_warning_ico.gif
  %WinDir%\yes-icon.gif
  %WinDir%\yod.htm
  %WinDir%\zloader3.exe
  %WinDir%\ZServ.dll
  %WinDir%\zsettings.dll
  %WinDir%\Downloaded Program Files\f3initialsetup1.0.0.15.inf
  %WinDir%\Downloaded Program Files\udc6_0001_d???????netinstaller.exe
  %WinDir%\Downloaded Program Files\udc6?_0001_d???????netinstaller.exe
  %WinDir%\Downloaded Program Files\YazzleActiveX.ocx
  %WinDir%\inf\btgrab.inf
  %WinDir%\inf\d3db32.dll
  %WinDir%\Media\msio32.dll
  %WinDir%\TEMP\CA83F864.exe
  %WinDir%\TEMP\drsmartload????.exe
  %WinDir%\TEMP\h91746.exe
  %WinDir%\TEMP\obnomppc.exe
  %WinDir%\TEMP\spyaxe_setup.exe

  System Startup Service (SvcProc)

[2008-02-14]
File Version 1.0.7.2102

  No longer obfuscating source code during compile.  This is to increase the speed of FixIEDef and to reduce the overall size of the executable.

  O2 - BHO: Adobe PDF Reader Link Helper - {358A14C3-CB2F-4366-9A6C-1AEB63F0B036} - C:\WINDOWS\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{358A14C3-CB2F-4366-9A6C-1AEB63F0B036}]
  [-HKEY_CLASSES_ROOT\CLSID\{358A14C3-CB2F-4366-9A6C-1AEB63F0B036}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{358A14C3-CB2F-4366-9A6C-1AEB63F0B036}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{358A14C3-CB2F-4366-9A6C-1AEB63F0B036}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{358A14C3-CB2F-4366-9A6C-1AEB63F0B036}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{358A14C3-CB2F-4366-9A6C-1AEB63F0B036}]

  O2 - BHO: Adobe PDF Reader Link Helper - {427DA36C-DC88-48D4-B090-1FD304BECAB2} - C:\Windows\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{427DA36C-DC88-48D4-B090-1FD304BECAB2}]
  [-HKEY_CLASSES_ROOT\CLSID\{427DA36C-DC88-48D4-B090-1FD304BECAB2}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{427DA36C-DC88-48D4-B090-1FD304BECAB2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{427DA36C-DC88-48D4-B090-1FD304BECAB2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{427DA36C-DC88-48D4-B090-1FD304BECAB2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{427DA36C-DC88-48D4-B090-1FD304BECAB2}]

  O2 - BHO: Adobe PDF Reader Link Helper - {44970071-468F-432F-8F5E-429B2414619A} - C:\Windows\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{44970071-468F-432F-8F5E-429B2414619A}]
  [-HKEY_CLASSES_ROOT\CLSID\{44970071-468F-432F-8F5E-429B2414619A}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{44970071-468F-432F-8F5E-429B2414619A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{44970071-468F-432F-8F5E-429B2414619A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{44970071-468F-432F-8F5E-429B2414619A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{44970071-468F-432F-8F5E-429B2414619A}]

  O2 - BHO: Adobe PDF Reader Link Helper - {6FA2DDCA-DD68-4E58-9CF6-005B10D60F31} - C:\WINDOWS\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{6FA2DDCA-DD68-4E58-9CF6-005B10D60F31}]
  [-HKEY_CLASSES_ROOT\CLSID\{6FA2DDCA-DD68-4E58-9CF6-005B10D60F31}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6FA2DDCA-DD68-4E58-9CF6-005B10D60F31}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6FA2DDCA-DD68-4E58-9CF6-005B10D60F31}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FA2DDCA-DD68-4E58-9CF6-005B10D60F31}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FA2DDCA-DD68-4E58-9CF6-005B10D60F31}]

  O2 - BHO: Adobe PDF Reader Link Helper - {A8607BAF-0EB3-473C-84C9-F3A5B901A796} - C:\WINDOWS\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{A8607BAF-0EB3-473C-84C9-F3A5B901A796}]
  [-HKEY_CLASSES_ROOT\CLSID\{A8607BAF-0EB3-473C-84C9-F3A5B901A796}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8607BAF-0EB3-473C-84C9-F3A5B901A796}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A8607BAF-0EB3-473C-84C9-F3A5B901A796}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A8607BAF-0EB3-473C-84C9-F3A5B901A796}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A8607BAF-0EB3-473C-84C9-F3A5B901A796}]

  O2 - BHO: Adobe PDF Reader Link Helper - {DA67288F-069B-449D-BA4C-0CE0C3C42265} - C:\WINDOWS\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{DA67288F-069B-449D-BA4C-0CE0C3C42265}]
  [-HKEY_CLASSES_ROOT\CLSID\{DA67288F-069B-449D-BA4C-0CE0C3C42265}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA67288F-069B-449D-BA4C-0CE0C3C42265}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{DA67288F-069B-449D-BA4C-0CE0C3C42265}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA67288F-069B-449D-BA4C-0CE0C3C42265}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA67288F-069B-449D-BA4C-0CE0C3C42265}]

  %WinDir%\.protected
  %WinDir%\ltosie.old
  %WinDir%\loadadv728.exe
  %WinDir%\loader138.exe
  %WinDir%\loadnew.exe
  %WinDir%\local.html
  %WinDir%\localhost32.exe
  %WinDir%\loggiver.dll
  %WinDir%\logic.sam
  %WinDir%\logo.gif
  %WinDir%\logon032.dll
  %WinDir%\main_back.gif
  %WinDir%\main_uninstaller.exe
  %WinDir%\mc-110-12-0000234.exe
  %WinDir%\messengersystem.exe
  %WinDir%\mgrs.exe
  %WinDir%\Microsoft.exe
  %WinDir%\money.exe
  %WinDir%\monhop.exe
  %WinDir%\mousepad?.exe
  %WinDir%\mousepad??.exe
  %WinDir%\movctrl???.dll
  %WinDir%\mpatrol.dll
  %WinDir%\mrjj.exe
  %WinDir%\ms1.exe
  %WinDir%\ms2.exe
  %WinDir%\ms4.exe
  %WinDir%\msalert.exe
  %WinDir%\mscore.dll
  %WinDir%\msdde.dll
  %WinDir%\msddx.dll
  %WinDir%\msdn.dll
  %WinDir%\msdns.dll
  %WinDir%\msduo2.dll
  %WinDir%\msdrv.exe
  %WinDir%\msdrvctrl.exe
  %WinDir%\msie.dll
  %WinDir%\msio32.dll
  %WinDir%\msjwer.dll
  %WinDir%\mslog.exe
  %WinDir%\msmdev.dll
  %WinDir%\msmduo.dll
  %WinDir%\msmhost.dll
  %WinDir%\msng.exe
  %WinDir%\msole.dll
  %WinDir%\msqnx.dll
  %WinDir%\mssmart.dll
  %WinDir%\mssms.dll
  %WinDir%\mssql.dll
  %WinDir%\msstasks?.exe
  %WinDir%\mssys.com
  %WinDir%\mstasks?.exe
  %WinDir%\mstlb.exe
  %WinDir%\msvb.dll
  %WinDir%\mtuninst.exe
  %WinDir%\mxd.exe
  %WinDir%\mxduo.dll
  %WinDir%\mydriver64.sys
  %WinDir%\mytob.exe
  %WinDir%\mytool.com
  %WinDir%\myupdates.exe
  %WinDir%\myupdates1.dat
  %WinDir%\nail.exe
  %WinDir%\NavExt.dll
  %WinDir%\navibar_*.gif
  %WinDir%\neobus.dll
  %WinDir%\netadv.dll
  %WinDir%\netdx.dat
  %WinDir%\nethop.exe
  %WinDir%\netsup.dll
  %WinDir%\newname.dat
  %WinDir%\newname?.exe
  %WinDir%\newname??.exe
  %WinDir%\ninja.rar
  %WinDir%\nmcuninstall.exe
  %WinDir%\no-icon.gif
  %WinDir%\nopctrl
  %WinDir%\nopzet.dll
  %WinDir%\notepad.exe.tmp
  %WinDir%\nretcip.exe
  %WinDir%\nsduo.dll
  %WinDir%\nssfrch.dll
  %WinDir%\ntspk???.dll
  %WinDir%\nxmuma.exe
  %WinDir%\ocgrep.dll
  %WinDir%\odidbu.ini
  %WinDir%\onlineshopping.ico
  %WinDir%\oprev???.dll
  %WinDir%\opssd.dat
  %WinDir%\optnet.dll
  %WinDir%\osaupd.exe
  %WinDir%\ossmart.dll
  %WinDir%\otbqqddozuh.exe
  %WinDir%\param32.dll
  %WinDir%\pasmew.dll
  %WinDir%\pbsysie.dll
  %WinDir%\picview.exe
  %WinDir%\pinch.exe
  %WinDir%\plotpp.tmp
  %WinDir%\pmkret.dll
  %WinDir%\policies.dll
  %WinDir%\policyverifier.exe
  %WinDir%\popnet???.dll
  %WinDir%\popuper.exe
  %WinDir%\preredir.bak.exe
  %WinDir%\process.exe
  %WinDir%\product_box.gif
  %WinDir%\psg.exe
  %WinDir%\pssms.dll
  %WinDir%\puygb.dll
  %WinDir%\Pynix.dll
  %WinDir%\pyzer0sl.exe
  %WinDir%\q??????_disk.dll
  %WinDir%\qnxplugin.dll
  %WinDir%\qrxbvy.exe
  %WinDir%\qscem.vob
  %WinDir%\questmod.dll
  %WinDir%\rbs.exe
  %WinDir%\red_warning_ico.gif
  %WinDir%\reg-freeze-*.gif
  %WinDir%\remadm32.dll
  %WinDir%\removeadware.ico
  %WinDir%\remove-spyware-btn.gif
  %WinDir%\remove_spyware_header.gif
  %WinDir%\retnsrp.dll
  %WinDir%\rf.gif
  %WinDir%\rf_header.gif
  %WinDir%\rfscanax.dll
  %WinDir%\rbs.exe
  %WinDir%\rmvgor.dll
  %WinDir%\run33.exe
  %WinDir%\runwin32.exe
  %WinDir%\rzs.exe
  %WinDir%\sachostx.exe
  %WinDir%\safe_and_trusted.gif
  %WinDir%\sapnet.dll
  %WinDir%\sawkip.exe
  %WinDir%\scan_btn.gif
  %WinDir%\sconf32.dll
  %WinDir%\screen.html
  %WinDir%\sdrmod.dll
  %WinDir%\se.exe
  %WinDir%\sec.exe
  %WinDir%\security.html
  %WinDir%\secure.html
  %WinDir%\secure32.html
  %WinDir%\secure32.php
  %WinDir%\secure?.html
  %WinDir%\SecureWin??.dll
  %WinDir%\SecureWin??.exe
  %WinDir%\security-center-*.gif
  %WinDir%\seksdialer.exe
  %WinDir%\sep_*.gif
  %WinDir%\se_spoof.dll
  %WinDir%\service.dll
  %WinDir%\settn.dll
  %WinDir%\setup.exe
  %WinDir%\sexpersonals.ico
  %WinDir%\sfita.exe
  %WinDir%\shell.exe
  %WinDir%\shginas.dll
  %WinDir%\shopping.ico
  %WinDir%\sites.ini
  %WinDir%\slassac.dll
  %WinDir%\smdat32m.sys
  %WinDir%\smgr.exe
  %WinDir%\soft.exe
  %WinDir%\sounddrv.dll
  %WinDir%\soundplugin.dll
  %WinDir%\sp2update00.exe
  %WinDir%\spacer.gif
  %WinDir%\spb32.dll
  %WinDir%\spp3.dll
  %WinDir%\spyware-detected.gif
  %WinDir%\spyware-sheriff-*.gif
  %WinDir%\spy_sys.exe
  %WinDir%\spywareremoval.ico
  %WinDir%\Spyware Remover.ico
  %WinDir%\sqlsyszs32.exe
  %WinDir%\ss1001.exe
  %WinDir%\ssk.exe
  %WinDir%\ssk3_b5.exe
  %WinDir%\sskb5.exe
  %WinDir%\sss_main.ini
  %WinDir%\star*.gif
  %WinDir%\stchost.exe
  %WinDir%\stup3.exe
  %WinDir%\style.css
  %WinDir%\susp.exe

  %WinDir%\privacy_danger


[2008-02-11]
File Version 1.0.7.1872

  O2 - BHO: Adobe PDF Reader Link Helper - {445A3D12-EBA3-4054-AB54-587BF3FF40EA} - C:\Windows\AcroIEHelper.dll
  %WinDir%\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AcroIEHelper.Video]
  [-HKEY_CLASSES_ROOT\AppID\AcroIEHelper.dll]
  [-HKEY_CLASSES_ROOT\AppID\{445A3D12-EBA3-4054-AB54-587BF3FF40EA}]
  [-HKEY_CLASSES_ROOT\CLSID\{445A3D12-EBA3-4054-AB54-587BF3FF40EA}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{445A3D12-EBA3-4054-AB54-587BF3FF40EA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AcroIEHelper.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\AcroIEHelper.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{445A3D12-EBA3-4054-AB54-587BF3FF40EA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{445A3D12-EBA3-4054-AB54-587BF3FF40EA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{445A3D12-EBA3-4054-AB54-587BF3FF40EA}]

  O2 - BHO: Adobe PDF Reader Link Helper - {54A98DD5-0357-4EF1-A698-BB08E73CF725} - C:\Windows\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]
  [-HKEY_CLASSES_ROOT\CLSID\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54A98DD5-0357-4EF1-A698-BB08E73CF725}]

  O2 - BHO: Adobe PDF Reader Link Helper - {5CF87193-FD1E-4400-863D-FD9AFC5F402F} - C:\Windows\AcroIEHelper.dll
  [-HKEY_CLASSES_ROOT\AppID\{5CF87193-FD1E-4400-863D-FD9AFC5F402F}]
  [-HKEY_CLASSES_ROOT\CLSID\{5CF87193-FD1E-4400-863D-FD9AFC5F402F}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CF87193-FD1E-4400-863D-FD9AFC5F402F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5CF87193-FD1E-4400-863D-FD9AFC5F402F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CF87193-FD1E-4400-863D-FD9AFC5F402F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CF87193-FD1E-4400-863D-FD9AFC5F402F}]

  O2 - BHO: Adobe PDF Reader Link Helper - {B782EDE4-CCB3-4E3E-981F-96C68116F38C} - C:\WINDOWS\system32\AcroIeHelp.dll
  O2 - BHO: Adobe PDF Reader Link Helper - {B782EDE4-CCB3-4E3E-981F-96C68116F38C} - C:\WINDOWS\system32\AcroIeHelpU2.dll
  %SystemDir%\AcroIeHelp.dll
  %SystemDir%\AcroIeHelpU2.dll
  [-HKEY_CLASSES_ROOT\AcroIEHelp.Video]
  [-HKEY_CLASSES_ROOT\AcroIEHelpU2.Video]
  [-HKEY_CLASSES_ROOT\AppID\AcroIEHelp.dll]
  [-HKEY_CLASSES_ROOT\AppID\AcroIEHelpU2.dll]
  [-HKEY_CLASSES_ROOT\AppID\{B782EDE4-CCB3-4E3E-981F-96C68116F38C}]
  [-HKEY_CLASSES_ROOT\CLSID\{B782EDE4-CCB3-4E3E-981F-96C68116F38C}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B782EDE4-CCB3-4E3E-981F-96C68116F38C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AcroIEHelp.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AcroIEHelpU2.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\AcroIEHelp.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\AcroIEHelpU2.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B782EDE4-CCB3-4E3E-981F-96C68116F38C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B782EDE4-CCB3-4E3E-981F-96C68116F38C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B782EDE4-CCB3-4E3E-981F-96C68116F38C}]

  %AppDataDir%\Microsoft\Internet Explorer\Quick Launch\VirusHeat ?.?.lnk
  %StartMenuDir%\VirusHeat ?.?.lnk
  %ProgramsDir%\VirusHeat ?.?
  %DesktopDir%\VirusHeat ?.?.lnk
  %ProgramFilesDir%\VirusHeat ?.?
  %SystemDir%\iinqyl.dll
  %SystemDir%\wuuawkz.dll

  [-HKEY_CLASSES_ROOT\E404.e404mgr]
  [-HKEY_CLASSES_ROOT\E404.e404mgr.1]
  [-HKEY_CLASSES_ROOT\CLSID\{27CB634D-C84E-4C00-9B53-F5523601DBAD}]
  [-HKEY_CLASSES_ROOT\CLSID\{747E1FBE-B70F-441D-BBCA-6E536C04924A}]
  [-HKEY_CLASSES_ROOT\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}]
  [-HKEY_CLASSES_ROOT\Interface\{0979850F-6C3E-4294-B225-B3D3C4A6F2A1}]
  [-HKEY_CLASSES_ROOT\Interface\{1BB2DA5F-B78F-44EA-BDA1-771CBE1DEC68}]
  [-HKEY_CLASSES_ROOT\Interface\{2A4E73C5-BA3C-4391-B7E5-FFE8D3BD6245}]
  [-HKEY_CLASSES_ROOT\Interface\{44A923CA-F430-4F85-9F84-5153ECDB882E}]
  [-HKEY_CLASSES_ROOT\Interface\{4E6E21EC-9D72-4164-8A53-74786A467872}]
  [-HKEY_CLASSES_ROOT\Interface\{631E9E48-B066-43DA-92AC-6DADF61B173B}]
  [-HKEY_CLASSES_ROOT\Interface\{65C1361C-E696-4AF0-9E21-81910193F352}]
  [-HKEY_CLASSES_ROOT\Interface\{77DCE805-C8CE-48AA-A47F-BFA6CC7704B3}]
  [-HKEY_CLASSES_ROOT\Interface\{8D42769F-07D8-494D-AAB4-AA1652C541FA}]
  [-HKEY_CLASSES_ROOT\Interface\{A1922071-390C-418D-916D-91209E95D286}]
  [-HKEY_CLASSES_ROOT\Interface\{A1F8CD95-CFB3-43D1-A956-63441CC058C1}]
  [-HKEY_CLASSES_ROOT\Interface\{A63B46AD-96A7-4A2C-BD8F-8CD097E1593A}]
  [-HKEY_CLASSES_ROOT\Interface\{A65F98DD-2360-468C-B76E-B1B84C0D547C}]
  [-HKEY_CLASSES_ROOT\Interface\{AE2AEED0-BE1B-4BA2-826E-20D1991081B8}]
  [-HKEY_CLASSES_ROOT\Interface\{D7F73787-6206-4BBA-BDC0-7CFA9940DBCB}]
  [-HKEY_CLASSES_ROOT\Interface\{E770F739-2968-4ED9-A63C-DC1938DC82A2}]
  [-HKEY_CLASSES_ROOT\TypeLib\{CFAFA83C-855B-4E3D-92B9-A587995B675A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{27CB634D-C84E-4C00-9B53-F5523601DBAD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{747E1FBE-B70F-441D-BBCA-6E536C04924A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{0979850F-6C3E-4294-B225-B3D3C4A6F2A1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{1BB2DA5F-B78F-44EA-BDA1-771CBE1DEC68}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2A4E73C5-BA3C-4391-B7E5-FFE8D3BD6245}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{44A923CA-F430-4F85-9F84-5153ECDB882E}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E6E21EC-9D72-4164-8A53-74786A467872}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{631E9E48-B066-43DA-92AC-6DADF61B173B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{65C1361C-E696-4AF0-9E21-81910193F352}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{77DCE805-C8CE-48AA-A47F-BFA6CC7704B3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{8D42769F-07D8-494D-AAB4-AA1652C541FA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A1922071-390C-418D-916D-91209E95D286}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A1F8CD95-CFB3-43D1-A956-63441CC058C1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A63B46AD-96A7-4A2C-BD8F-8CD097E1593A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{A65F98DD-2360-468C-B76E-B1B84C0D547C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{AE2AEED0-BE1B-4BA2-826E-20D1991081B8}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{D7F73787-6206-4BBA-BDC0-7CFA9940DBCB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E770F739-2968-4ED9-A63C-DC1938DC82A2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CFAFA83C-855B-4E3D-92B9-A587995B675A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\VirusHeat 3.9.exe 3.9]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F10587E9-0E47-4CBE-ABCD-7DD20B862223}]
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
  "VirusHeat 3.9"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
  "{27CB634D-C84E-4C00-9B53-F5523601DBAD}"=-
  "{747E1FBE-B70F-441D-BBCA-6E536C04924A}"=-
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
  "cariniana"=-
  "didact"=-
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 3.9]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\VirusHeat 3.9]

[2008-02-10]
File Version 1.0.7.1773

  Now displays Time Zone information in FixIEDef Log header.

  O2 - BHO: Office toolbar - {4722D065-A352-42FB-924C-EAEF5A1AE571} - C:\WINDOWS\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{4722D065-A352-42FB-924C-EAEF5A1AE571}]
  [-HKEY_CLASSES_ROOT\CLSID\{4722D065-A352-42FB-924C-EAEF5A1AE571}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4722D065-A352-42FB-924C-EAEF5A1AE571}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4722D065-A352-42FB-924C-EAEF5A1AE571}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4722D065-A352-42FB-924C-EAEF5A1AE571}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4722D065-A352-42FB-924C-EAEF5A1AE571}]

  O2 - BHO: PDS Viewer - {5CB10D4A-0C14-4546-865D-935ECBFFA346} - C:\WINDOWS\pdswin.dll
  [-HKEY_CLASSES_ROOT\AppID\{5CB10D4A-0C14-4546-865D-935ECBFFA346}]
  [-HKEY_CLASSES_ROOT\CLSID\{5CB10D4A-0C14-4546-865D-935ECBFFA346}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5CB10D4A-0C14-4546-865D-935ECBFFA346}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5CB10D4A-0C14-4546-865D-935ECBFFA346}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5CB10D4A-0C14-4546-865D-935ECBFFA346}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CB10D4A-0C14-4546-865D-935ECBFFA346}]

  O2 - BHO: Player - {242C7F77-BDAC-48B9-89E2-42940CBAE846} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{242C7F77-BDAC-48B9-89E2-42940CBAE846}]
  [-HKEY_CLASSES_ROOT\CLSID\{242C7F77-BDAC-48B9-89E2-42940CBAE846}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{242C7F77-BDAC-48B9-89E2-42940CBAE846}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{242C7F77-BDAC-48B9-89E2-42940CBAE846}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{242C7F77-BDAC-48B9-89E2-42940CBAE846}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{242C7F77-BDAC-48B9-89E2-42940CBAE846}]

  O2 - BHO: player addon - {6A219F2A-3ECA-4258-9A8A-FD7312EB7391} - C:\WINDOWS\oggview32.dll
  [-HKEY_CLASSES_ROOT\AppID\{6A219F2A-3ECA-4258-9A8A-FD7312EB7391}]
  [-HKEY_CLASSES_ROOT\CLSID\{6A219F2A-3ECA-4258-9A8A-FD7312EB7391}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6A219F2A-3ECA-4258-9A8A-FD7312EB7391}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6A219F2A-3ECA-4258-9A8A-FD7312EB7391}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A219F2A-3ECA-4258-9A8A-FD7312EB7391}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A219F2A-3ECA-4258-9A8A-FD7312EB7391}]

  O2 - BHO: System DivX4 - {052FB21E-D259-485E-AA2A-FDD489D090F9} - C:\WINDOWS\System32\sysvideo32.dll
  [-HKEY_CLASSES_ROOT\AppID\{052FB21E-D259-485E-AA2A-FDD489D090F9}]
  [-HKEY_CLASSES_ROOT\CLSID\{052FB21E-D259-485E-AA2A-FDD489D090F9}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052FB21E-D259-485E-AA2A-FDD489D090F9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{052FB21E-D259-485E-AA2A-FDD489D090F9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{052FB21E-D259-485E-AA2A-FDD489D090F9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{052FB21E-D259-485E-AA2A-FDD489D090F9}]

  O2 - BHO: Video - {14A6B963-7C6C-414B-B5BD-9CD0929F928F} - C:\WINDOWS\stream32a.dll
  [-HKEY_CLASSES_ROOT\AppID\{14A6B963-7C6C-414B-B5BD-9CD0929F928F}]
  [-HKEY_CLASSES_ROOT\CLSID\{14A6B963-7C6C-414B-B5BD-9CD0929F928F}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14A6B963-7C6C-414B-B5BD-9CD0929F928F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{14A6B963-7C6C-414B-B5BD-9CD0929F928F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14A6B963-7C6C-414B-B5BD-9CD0929F928F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14A6B963-7C6C-414B-B5BD-9CD0929F928F}]

  O2 - BHO: Video - {6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A} - C:\WINDOWS\msvideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A}]
  [-HKEY_CLASSES_ROOT\CLSID\{6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D64B03B-3B93-4AF2-BFC6-01264A4C7F2A}]

  O2 - BHO: Video DivX 3.12 - {16096942-15C5-4629-BD81-00A46B2408CA} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{16096942-15C5-4629-BD81-00A46B2408CA}]
  [-HKEY_CLASSES_ROOT\CLSID\{16096942-15C5-4629-BD81-00A46B2408CA}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{16096942-15C5-4629-BD81-00A46B2408CA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{16096942-15C5-4629-BD81-00A46B2408CA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{16096942-15C5-4629-BD81-00A46B2408CA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{16096942-15C5-4629-BD81-00A46B2408CA}]

  O2 - BHO: Video DivX 3.12 - {BB2A8FD4-B015-43C4-A282-904FDF8B2F09} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{BB2A8FD4-B015-43C4-A282-904FDF8B2F09}]
  [-HKEY_CLASSES_ROOT\CLSID\{BB2A8FD4-B015-43C4-A282-904FDF8B2F09}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BB2A8FD4-B015-43C4-A282-904FDF8B2F09}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{BB2A8FD4-B015-43C4-A282-904FDF8B2F09}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BB2A8FD4-B015-43C4-A282-904FDF8B2F09}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BB2A8FD4-B015-43C4-A282-904FDF8B2F09}]

  O2 - BHO: Video DivX 3.12 - {E4DF0054-13B7-4A75-967E-1CC787C69FAA} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{E4DF0054-13B7-4A75-967E-1CC787C69FAA}]
  [-HKEY_CLASSES_ROOT\CLSID\{E4DF0054-13B7-4A75-967E-1CC787C69FAA}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E4DF0054-13B7-4A75-967E-1CC787C69FAA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E4DF0054-13B7-4A75-967E-1CC787C69FAA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E4DF0054-13B7-4A75-967E-1CC787C69FAA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E4DF0054-13B7-4A75-967E-1CC787C69FAA}]

  O2 - BHO: Video On-line - {333E0189-EB79-4D24-BA64-FAF768284313} - C:\WINDOWS\system32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{333E0189-EB79-4D24-BA64-FAF768284313}]
  [-HKEY_CLASSES_ROOT\CLSID\{333E0189-EB79-4D24-BA64-FAF768284313}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{333E0189-EB79-4D24-BA64-FAF768284313}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{333E0189-EB79-4D24-BA64-FAF768284313}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{333E0189-EB79-4D24-BA64-FAF768284313}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{333E0189-EB79-4D24-BA64-FAF768284313}]

  O2 - BHO: Video On-line - {5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59} - C:\WINDOWS\system32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59}]
  [-HKEY_CLASSES_ROOT\CLSID\{5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5AF8125F-9BB3-482D-8B49-B4B3E9D8DB59}]

  O2 - BHO: Video On-line - {7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4} - C:\WINDOWS\system32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4}]
  [-HKEY_CLASSES_ROOT\CLSID\{7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7D8BD0D7-8FD8-48CB-A0B5-472F68B92BC4}]

  O2 - BHO: Video On-line - {EF425F00-2D4C-4273-A610-3403026681A6} - C:\WINDOWS\System32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{EF425F00-2D4C-4273-A610-3403026681A6}]
  [-HKEY_CLASSES_ROOT\CLSID\{EF425F00-2D4C-4273-A610-3403026681A64}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF425F00-2D4C-4273-A610-3403026681A6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EF425F00-2D4C-4273-A610-3403026681A6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EF425F00-2D4C-4273-A610-3403026681A6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF425F00-2D4C-4273-A610-3403026681A6}]

  %WinDir%\flag.bla
  %WinDir%\footer.gif
  %WinDir%\footer.jpg
  %WinDir%\footer_back.gif
  %WinDir%\footer_back.jpg
  %WinDir%\foxflpd.exe
  %WinDir%\free-scan-btn.gif
  %WinDir%\free_scan_red_btn.gif
  %WinDir%\fsg32.exe
  %WinDir%\gadf32.exe
  %WinDir%\gbesgr.exe
  %WinDir%\gimmygames.dat
  %WinDir%\gimmygames?.exe
  %WinDir%\gimmygames??.exe
  %WinDir%\gimmygames???.exe
  %WinDir%\gormet.dll
  %WinDir%\h-line-gradient.gif
  %WinDir%\hammer.exe
  %WinDir%\hcwprn.exe
  %WinDir%\hdtip.dll
  %WinDir%\header_*.gif
  %WinDir%\hjoqor.dll
  %WinDir%\hostctrl.dll
  %WinDir%\hosts
  %WinDir%\hstsys.dll
  %WinDir%\htunistock.dll
  %WinDir%\hupsrv.dll
  %WinDir%\icon_warning_big.gif
  %WinDir%\iebrowser.dll
  %WinDir%\iecontext.dll
  %WinDir%\iedebug.dll
  %WinDir%\iedrives.dll
  %WinDir%\iedrv.exe
  %WinDir%\iedrvctrl.exe
  %WinDir%\IEMonitor.ocx
  %WinDir%\ieproxy.dll
  %WinDir%\ieredir.vir.exe
  %WinDir%\iereport.dll
  %WinDir%\iesettings.dll
  %WinDir%\iesup.dll
  %WinDir%\iesupport.dll
  %WinDir%\ietools.dll
  %WinDir%\ievpnctrl.dll
  %WinDir%\iexplore.dll
  %WinDir%\iexploree.dll
  %WinDir%\ieyi.dll
  %WinDir%\index_dsp.html
  %WinDir%\inetloader.dll
  %WinDir%\infected.gif
  %WinDir%\infected_top_bg.gif
  %WinDir%\info.gif
  %WinDir%\intercept.dll
  %WinDir%\ipwyp???.dll
  %WinDir%\iun6002.exe
  %WinDir%\jetctrl.dll
  %WinDir%\jokvip.exe
  %WinDir%\jokwmp.dll
  %WinDir%\kbdctrl.dll
  %WinDir%\keyboard1.dat
  %WinDir%\keyboard?.exe
  %WinDir%\keyboard??.exe
  %WinDir%\keydsp.exe
  %WinDir%\kkcomp.dll
  %WinDir%\kkcomp.exe
  %WinDir%\kkcomp.old
  %WinDir%\kkcomp.tmp
  %WinDir%\kl?.exe
  %WinDir%\kl.txt
  %WinDir%\kliksoftware.exe
  %WinDir%\kopmet.dll
  %WinDir%\kthemup.exe
  %WinDir%\kvnab.dll
  %WinDir%\kvnab.exe
  %WinDir%\kvnab.ini
  %WinDir%\kvnab.old
  %WinDir%\kvnab.tmp
  %WinDir%\kvnab$.exe
  %WinDir%\ldsm.exe
  %WinDir%\leorop.dll
  %WinDir%\libasco.exe
  %WinDir%\liqad.dll
  %WinDir%\liqad.exe
  %WinDir%\liqad.ini
  %WinDir%\liqad.old
  %WinDir%\liqad.tmp
  %WinDir%\liqui.dll
  %WinDir%\liqui.exe
  %WinDir%\liqui.ini
  %WinDir%\liqui.old
  %WinDir%\liqui?.tmp

  %WinDir%\inet200??
  %WinDir%\inetdata

[2008-02-09]
File Version 1.0.6.1593

  O2 - BHO: Sysem Player - {D70E28A7-AA79-4D62-A59F-87024840BB62} - C:\WINDOWS\sysvol32.dll
  [-HKEY_CLASSES_ROOT\AppID\{D70E28A7-AA79-4D62-A59F-87024840BB62}]
  [-HKEY_CLASSES_ROOT\CLSID\{D70E28A7-AA79-4D62-A59F-87024840BB62}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D70E28A7-AA79-4D62-A59F-87024840BB62}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D70E28A7-AA79-4D62-A59F-87024840BB62}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D70E28A7-AA79-4D62-A59F-87024840BB62}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D70E28A7-AA79-4D62-A59F-87024840BB62}]

  O2 - BHO: Sysem Player - {EDB33932-35A4-4566-9FBC-5750DCAF8F89} - C:\WINDOWS\sysvol32.dll
  [-HKEY_CLASSES_ROOT\AppID\{EDB33932-35A4-4566-9FBC-5750DCAF8F89}]
  [-HKEY_CLASSES_ROOT\CLSID\{EDB33932-35A4-4566-9FBC-5750DCAF8F89}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EDB33932-35A4-4566-9FBC-5750DCAF8F89}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{EDB33932-35A4-4566-9FBC-5750DCAF8F89}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EDB33932-35A4-4566-9FBC-5750DCAF8F89}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EDB33932-35A4-4566-9FBC-5750DCAF8F89}]

  %CommonProgramFiles%\Microsoft Shared\Web Folders\ibm000??.*
  %CommonProgramFiles%\Microsoft Shared\Web Folders\_ibm000??.*
  %WinDir%\as.gif
  %WinDir%\as_header.gif
  %WinDir%\asupdate.exe
  %WinDir%\at.exe
  %WinDir%\aupdate32.exe
  %WinDir%\avalon_6.txt
  %WinDir%\avp.exe
  %WinDir%\azdd.exe
  %WinDir%\azentretien.dll
  %WinDir%\azesearch.bmp
  %WinDir%\azesearch3.dll
  %WinDir%\azesearch4.ocx
  %WinDir%\back.gif
  %WinDir%\bandserv.dll
  %WinDir%\banmanpro.exe
  %WinDir%\bg.gif
  %WinDir%\bg_bg.gif
  %WinDir%\big_red_x.gif
  %WinDir%\bindmod.dll
  %WinDir%\bklgvsf.dll
  %WinDir%\blank.mht
  %WinDir%\blopenv???.dll
  %WinDir%\blue-bg.gif
  %WinDir%\bndsr???.dll
  %WinDir%\bonrep.dll
  %WinDir%\bonsws.dll
  %WinDir%\booterror.exe
  %WinDir%\bootlog2.exe
  %WinDir%\box_*.gif
  %WinDir%\bspsupport.exe
  %WinDir%\btgrab.dll
  %WinDir%\button_buynow.gif
  %WinDir%\button_freescan.gif
  %WinDir%\buy-btn.gif
  %WinDir%\buy_now.gif
  %WinDir%\bvtqfvx.dll
  %WinDir%\bxproxy.exe
  %WinDir%\bxsbang.dll
  %WinDir%\casino.ico
  %WinDir%\cb5b5629a145a3b29ab93f90a63566a1.exe
  %WinDir%\cbinst$.exe
  %WinDir%\cc.exe
  %WinDir%\ceres.dll
  %WinDir%\click_for_free_scan.gif
  %WinDir%\close-bar.gif
  %WinDir%\close_ico.gif
  %WinDir%\cmdmgr3.exe
  %WinDir%\comfix.bat
  %WinDir%\corner-left.gif
  %WinDir%\corner-right.gif
  %WinDir%\consol32.exe
  %WinDir%\country.exe
  %WinDir%\countrydial.exe
  %WinDir%\cracrwinz.exe
  %WinDir%\ddesupport.dll
  %WinDir%\ddkret.dll
  %WinDir%\de.exe
  %WinDir%\default.htm
  %WinDir%\defender1.exe
  %WinDir%\degbes.exe
  %WinDir%\desktop.exe
  %WinDir%\desktop.html
  %WinDir%\DHU.exe
  %WinDir%\dinst.exe
  %WinDir%\div32.dll
  %WinDir%\dl.exe
  %WinDir%\dll2.dll
  %WinDir%\dlm.exe
  %WinDir%\dlmax.dll
  %WinDir%\dlx.exe
  %WinDir%\dollar.exe
  %WinDir%\domnftw???.dll
  %WinDir%\download.gif
  %WinDir%\download_box.gif
  %WinDir%\download-btn.gif
  %WinDir%\download_product.gif
  %WinDir%\dp.dll
  %WinDir%\dp2_log.txt
  %WinDir%\dpe.dll
  %WinDir%\dped.dll
  %WinDir%\dpr.dll
  %WinDir%\drsmartload*.dat
  %WinDir%\drsmartload~1.exe
  %WinDir%\dsr.dll
  %WinDir%\dsr.exe
  %WinDir%\duocore.dll
  %WinDir%\dvpd.dll
  %WinDir%\dxpvqlmgtv.dll
  %WinDir%\efml.exe
  %WinDir%\elos.exe
  %WinDir%\enewsletterpro.exe
  %WinDir%\ensfolr.dll
  %WinDir%\errorfix.exe
  %WinDir%\exp.vbs
  %WinDir%\expro.dll
  %WinDir%\exrem.ini
  %WinDir%\extctrl.dll
  %WinDir%\facts.gif
  %WinDir%\features.gif
  %WinDir%\fhfmm.dll
  %WinDir%\fhfmm.exe
  %WinDir%\fhfmm.txt
  %WinDir%\fhfmm?.tmp


[2008-02-08]
File Version 1.0.6.1469

  O2 - BHO: Sysem Player - {861EA552-6309-490A-AC97-1F574E730CF1} - C:\WINDOWS\sysvol32.dll
  [-HKEY_CLASSES_ROOT\AppID\{861EA552-6309-490A-AC97-1F574E730CF1}]
  [-HKEY_CLASSES_ROOT\CLSID\{861EA552-6309-490A-AC97-1F574E730CF1}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{861EA552-6309-490A-AC97-1F574E730CF1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{861EA552-6309-490A-AC97-1F574E730CF1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{861EA552-6309-490A-AC97-1F574E730CF1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{861EA552-6309-490A-AC97-1F574E730CF1}]

[2008-02-07]
File Version 1.0.6.1463

  Bug Fix - logic error in determination of FilePath

File Version 1.0.5.1463

  O2 - BHO: Sysem Player - {2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D} - C:\WINDOWS\sysvol32.dll
  %WinDir%\sysvol32.dll
  [-HKEY_CLASSES_ROOT\sysvol32.Video]
  [-HKEY_CLASSES_ROOT\AppID\sysvol32.dll]
  [-HKEY_CLASSES_ROOT\AppID\{2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D}]
  [-HKEY_CLASSES_ROOT\CLSID\{2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sysvol32.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sysvol32.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2AE4C401-AAC4-4F41-9665-1EC88C3BDD7D}]

[2008-02-06]
File Version 1.0.5.1450
  When removing directories first checks that the FileObject is in fact a directory before executing file operations and removing the directory.

  O2 - BHO: Player - {22347AEE-A37A-45D3-8804-FDC7F9289CE1} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{22347AEE-A37A-45D3-8804-FDC7F9289CE}]
  [-HKEY_CLASSES_ROOT\CLSID\{22347AEE-A37A-45D3-8804-FDC7F9289CE}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{22347AEE-A37A-45D3-8804-FDC7F9289CE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{22347AEE-A37A-45D3-8804-FDC7F9289CE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{22347AEE-A37A-45D3-8804-FDC7F9289CE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22347AEE-A37A-45D3-8804-FDC7F9289CE}]

  O2 - BHO: Player - {72AC05E3-89FD-42BB-A646-C2EE381A4908} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{72AC05E3-89FD-42BB-A646-C2EE381A4908}]
  [-HKEY_CLASSES_ROOT\CLSID\{72AC05E3-89FD-42BB-A646-C2EE381A4908}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{72AC05E3-89FD-42BB-A646-C2EE381A4908}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{72AC05E3-89FD-42BB-A646-C2EE381A4908}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72AC05E3-89FD-42BB-A646-C2EE381A4908}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72AC05E3-89FD-42BB-A646-C2EE381A4908}]

  O2 - BHO: Player - {E5AF0624-F539-47D9-BA37-D8B339E858F4} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{E5AF0624-F539-47D9-BA37-D8B339E858F4}]
  [-HKEY_CLASSES_ROOT\CLSID\{E5AF0624-F539-47D9-BA37-D8B339E858F4}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E5AF0624-F539-47D9-BA37-D8B339E858F4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E5AF0624-F539-47D9-BA37-D8B339E858F4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E5AF0624-F539-47D9-BA37-D8B339E858F4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E5AF0624-F539-47D9-BA37-D8B339E858F4}]

  %SystemDrive%\applog\redir32.lgc
  %SystemDrive%\My Documents\naamloos.bmp
  %ProgamFiles%\pgybc.exe
  %ProgamFiles%\secure32.html
  %ProgamFiles%\mpvideocodec
  %ProgamFiles%\MrAntispy
  %ProgamFiles%\MSmessangerapi
  %ProgamFiles%\My Pass Generator
  %ProgamFiles%\Need2Find
  %ProgamFiles%\netpumper
  %ProgamFiles%\Netscape\Netscape Browser\plugins\NPNd2fn.dll
  %ProgamFiles%\NewMediaCodec
  %ProgamFiles%\Oemji
  %ProgamFiles%\Ofb11
  %ProgamFiles%\online add-on
  %ProgamFiles%\online video add-on
  %ProgamFiles%\p2pnetworks
  %ProgamFiles%\PCODEC
  %ProgamFiles%\PCTurboPro_Free
  %ProgamFiles%\Perfect Codec
  %ProgamFiles%\PestCapture
  %ProgamFiles%\pesttrap
  %ProgamFiles%\popupwall
  %ProgamFiles%\pornpass manager
  %ProgamFiles%\PornMag Pass
  %ProgamFiles%\PowerCodec
  %ProgamFiles%\PrivacyKit
  %ProgamFiles%\PrivacyProtector Free
  %ProgamFiles%\Protection Tools
  %ProgamFiles%\p.s.guard
  %ProgamFiles%\psguard
  %ProgamFiles%\QualityCodec
  %ProgamFiles%\RegistryCleaner
  %ProgamFiles%\RegistryCleanerxp
  %ProgamFiles%\RemedyAntispy
  %ProgamFiles%\RichVideoCodec
  %ProgamFiles%\Safety Bar
  %ProgamFiles%\SearchSpy
  %ProgamFiles%\SecureMYpc
  %ProgamFiles%\SecurePCCleaner
  %ProgamFiles%\Security Toolbar
  %ProgamFiles%\Security Tools
  %ProgamFiles%\SelectiveAdmission
  %ProgamFiles%\Silver Codec
  %ProgamFiles%\SiteEntry
  %ProgamFiles%\SoftCodec
  %ProgamFiles%\SpyAway
  %ProgamFiles%\spyaxe
  %ProgamFiles%\SpyBro
  %ProgamFiles%\SpyCrush*
  %ProgamFiles%\SpyDawn
  %ProgamFiles%\SpyFalcon
  %ProgamFiles%\SpyGuard
  %ProgamFiles%\SpyHeal
  %ProgamFiles%\spyhealer
  %ProgamFiles%\SpyHeals
  %ProgamFiles%\Spy-Heal
  %ProgamFiles%\SpyLax
  %ProgamFiles%\SpyLocked*
  %ProgamFiles%\spy officer
  %ProgamFiles%\Spy-Quake2.com
  %ProgamFiles%\spy-shield
  %ProgamFiles%\spyshield
  %ProgamFiles%\SpyShield Demo
  %ProgamFiles%\SpyKiller
  %ProgamFiles%\SpyShredder
  %ProgamFiles%\SpySpotter*
  %ProgamFiles%\SpySheriff
  %ProgamFiles%\spywareaxe
  %ProgamFiles%\SpywareBot
  %ProgamFiles%\SpywareHeal
  %ProgamFiles%\SpywareLock
  %ProgamFiles%\SpywareLocked*
  %ProgamFiles%\Spyware Soft Stop
  %ProgamFiles%\SpywareQuake*
  %ProgamFiles%\spywarewall
  %ProgamFiles%\strCodec
  %ProgamFiles%\Super Codec
  %ProgamFiles%\SurfSideKick*
  %ProgamFiles%\SysObjectsEX
  %ProgamFiles%\System Alert Popup
  %ProgamFiles%\systemdoctor 2006 free
  %ProgamFiles%\TagASaurus
  %ProgamFiles%\tbonas
  %ProgamFiles%\tbonbin
  %ProgamFiles%\TitanShield Antispyware
  %ProgamFiles%\TrueCodec
  %ProgamFiles%\trustedprotection
  %ProgamFiles%\TrustIn Bar
  %ProgamFiles%\TrustIn Search
  %ProgamFiles%\TrustIn Contextual
  %ProgamFiles%\TrustIn Popups
  %ProgamFiles%\ultimate defender
  %ProgamFiles%\VAXCodec
  %ProgamFiles%\VCClient
  %ProgamFiles%\VidCodecs
  %ProgamFiles%\VideoAccessCodec
  %ProgamFiles%\Video ActiveX Access
  %ProgamFiles%\video access activex object
  %ProgamFiles%\Video ActiveX Object
  %ProgamFiles%\Video Add-on
  %ProgamFiles%\Video Add-on Setup
  %ProgamFiles%\VideoBox
  %ProgamFiles%\Video AX Object
  %ProgamFiles%\VideoCompressionCodec
  %ProgamFiles%\video icodec
  %ProgamFiles%\VideoKeyCodec
  %ProgamFiles%\VideoPlugin
  %ProgamFiles%\VideosCodec
  %ProgamFiles%\VirusBlast
  %ProgamFiles%\VirusBlasters
  %ProgamFiles%\VirusBurst
  %ProgamFiles%\Virus-Burst
  %ProgamFiles%\VirusBurster
  %ProgamFiles%\VirusBursters
  %ProgamFiles%\Virus-Bursters
  %ProgamFiles%\VirusHeal*
  %ProgamFiles%\VirusLocker
  %ProgamFiles%\VirusProtect*
  %ProgamFiles%\VirusProtectPro*
  %ProgamFiles%\VirusRay*
  %ProgamFiles%\VirusRescue
  %ProgamFiles%\virusvakt
  %ProgamFiles%\vb
  %ProgamFiles%\VSAdd-in
  %ProgamFiles%\WatchPorn
  %ProgamFiles%\WebSecureAlert
  %ProgamFiles%\WebSpyShield
  %ProgamFiles%\Win32z1Messenger
  %ProgamFiles%\WinAntiSpyware*
  %ProgamFiles%\WinAntiVirus*
  %ProgamFiles%\WinMediaCodec
  %ProgamFiles%\WinMsg
  %ProgamFiles%\wsnpoem
  %ProgamFiles%\xpantivirus
  %ProgamFiles%\x password generator
  %ProgamFiles%\x password manager
  %ProgamFiles%\XXXAccess
  %ProgamFiles%\XXXPlugin
  %ProgamFiles%\xxxVideo Access ActiveX Object
  %ProgamFiles%\zipcodec
  %CommonProgramFiles%\commgr32.dll
  %CommonProgramFiles%\ers_startupmon.exe
  %CommonProgramFiles%\msio32.dll
  %CommonProgramFiles%\trjdwnl2.dll
  %CommonProgramFiles%\AntiSpywareSuite
  %CommonProgramFiles%\AntivirusPCSuite
  %CommonProgramFiles%\AntiWorm2008
  %CommonProgramFiles%\Companion Wizard
  %CommonProgramFiles%\Microsoft Shared\dao\faq.url
  %CommonProgramFiles%\Microsoft Shared\dao\svchost.exe
  %CommonProgramFiles%\Microsoft Shared\dao\website.url
  %CommonProgramFiles%\Microsoft Shared\Web Folders\ibm0000?.*
  %CommonProgramFiles%\Microsoft Shared\Web Folders\_ibm0000?.*
  %CommonProgramFiles%\Microsoft Shared\Web Folders\tmp.tmp
  %CommonProgramFiles%\Microsoft Shared\Web Folders\MSInfo\InfoMz.Ime
  %CommonProgramFiles%\Oem Common
  %CommonProgramFiles%\PCTurboPro Free
  %CommonProgramFiles%\PrivacyProtector Free
  %CommonProgramFiles%\spywarequake
  %CommonProgramFiles%\trustedprotection
  %CommonProgramFiles%\vcclient
  %CommonProgramFiles%\virusvakt
  %CommonProgramFiles%\WinAntiSpyware*
  %CommonProgramFiles%\WinAntiVirus*
  %WinDir%\__delete_on_reboot__popuper.exe
  %WinDir%\__delete_on_reboot__q??????_disk.dll
  %WinDir%\_winlogon32.exe
  %WinDir%\1.bak.exe
  %WinDir%\3.exe
  %WinDir%\about_spyware_bg.gif
  %WinDir%\about_spyware_bottom.gif
  %WinDir%\admparsel.dll
  %WinDir%\adsldpbd.dll
  %WinDir%\adsldpbe.dll
  %WinDir%\adsldpbf.dll
  %WinDir%\adsldpbg.dll
  %WinDir%\adsldpbk.dll
  %WinDir%\adsldpbl.dll
  %WinDir%\adsldpby.dll
  %WinDir%\adsldpbz.dll
  %WinDir%\adtech2005.exe
  %WinDir%\adtech2006.exe
  %WinDir%\adtech2006a.exe
  %WinDir%\adult.ico
  %WinDir%\advpn.dll
  %WinDir%\advrep???.dll
  %WinDir%\adw.htm
  %WinDir%\adware-sheriff-box.gif
  %WinDir%\adware-sheriff-header.gif
  %WinDir%\affbun.txt
  %WinDir%\afxp.dll
  %WinDir%\alexaie.dll
  %WinDir%\alt.exe
  %WinDir%\alxie328.dll
  %WinDir%\alxtb1.dll
  %WinDir%\alxvdvm.dll
  %WinDir%\amewq32.exe
  %WinDir%\ampkfst.dll
  %WinDir%\antispylab-logo.gif
  %WinDir%\apsn.exe
  %WinDir%\aqehgef.exe
  %WinDir%\aqehgefa.exe
  %WinDir%\Desktop\awd_setup.exe
  %WinDir%\Desktop\PSGuardInstall.exe
  %WinDir%\Downloaded Program Files\azesearch.inf
  %WinDir%\Downloaded Program Files\CONFLICT.*\gdnUS2218.exe
  %WinDir%\Downloaded Program Files\gdnUS2218.exe
  %WinDir%\Downloaded Program Files\loader2.exe
  %WinDir%\Downloaded Program Files\saix.dll
  %WinDir%\Downloaded Program Files\usdr6_0001_???????netinstaller.exe
  %WinDir%\Downloaded Program Files\usdr6t_0001_d13m1007netinstaller.exe
  %WinDir%\Downloaded Program Files\win32.exe
  %WinDir%\tasks\AntiSpyware Scheduled Scan.job
  %WinDir%\tasks\AntiSpywareBot Scheduled Scan.job
  %WinDir%\TEMP\childporn.wmv
  %WinDir%\TEMP\PSGuardInstall.exe
  %WinDir%\TEMP\sa?.exe
  %WinDir%\TEMP\sa??.exe
  %WinDir%\TEMP\sa???.exe
  %WinDir%\TEMP\sa????.exe
  %WinDir%\TEMP\sqlanguage.ini
  %WinDir%\TEMP\win??.tmp.exe
  %WinDir%\TEMP\win???.tmp.exe
  %WinDir%\TEMP\win????.tmp.exe
  %WinDir%\web\desktop.html
  %WinDir%\web\i_??.gif
  %WinDir%\web\wallpaper.html

[2008-02-02]
File Version 1.0.1.1200
  Refined determining of OS Type, will display Windows 2000 Professional, Windows XP Home, Windows XP Professional, Windows Vista Home Basic, etc.

  O2 - BHO: Office toolbar - {88452E1F-D91A-4A66-AA39-FD53F15B13AF} - C:\WINDOWS\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{88452E1F-D91A-4A66-AA39-FD53F15B13AF}]
  [-HKEY_CLASSES_ROOT\CLSID\{88452E1F-D91A-4A66-AA39-FD53F15B13AF}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{88452E1F-D91A-4A66-AA39-FD53F15B13AF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{88452E1F-D91A-4A66-AA39-FD53F15B13AF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{88452E1F-D91A-4A66-AA39-FD53F15B13AF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88452E1F-D91A-4A66-AA39-FD53F15B13AF}]

  O2 - BHO: Office toolbar - {BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0} - C:\WINDOWS\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0}]
  [-HKEY_CLASSES_ROOT\CLSID\{BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BC660FC4-4B54-4CC7-AC65-23B0CA1FBBB0}]

  O2 - BHO: Player - {2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE}]
  [-HKEY_CLASSES_ROOT\CLSID\{2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B75E214-4DE0-4BDC-AE5D-63FAA5BA02AE}]

  O2 - BHO: Player - {8109B74C-F63F-43EA-84A4-3D43351C4021} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{8109B74C-F63F-43EA-84A4-3D43351C4021}]
  [-HKEY_CLASSES_ROOT\CLSID\{8109B74C-F63F-43EA-84A4-3D43351C4021}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8109B74C-F63F-43EA-84A4-3D43351C4021}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8109B74C-F63F-43EA-84A4-3D43351C4021}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8109B74C-F63F-43EA-84A4-3D43351C4021}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8109B74C-F63F-43EA-84A4-3D43351C4021}]

  O2 - BHO: Player - {83FD1F86-B40A-41EE-8512-929F005ED2A8} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{83FD1F86-B40A-41EE-8512-929F005ED2A8}]
  [-HKEY_CLASSES_ROOT\CLSID\{83FD1F86-B40A-41EE-8512-929F005ED2A8}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FD1F86-B40A-41EE-8512-929F005ED2A8}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{83FD1F86-B40A-41EE-8512-929F005ED2A8}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{83FD1F86-B40A-41EE-8512-929F005ED2A8}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FD1F86-B40A-41EE-8512-929F005ED2A8}]

  O2 - BHO: Player - {AAED19A0-D72D-4AD1-8F94-B53D36C835A7} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{AAED19A0-D72D-4AD1-8F94-B53D36C835A7}]
  [-HKEY_CLASSES_ROOT\CLSID\{AAED19A0-D72D-4AD1-8F94-B53D36C835A7}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AAED19A0-D72D-4AD1-8F94-B53D36C835A7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AAED19A0-D72D-4AD1-8F94-B53D36C835A7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AAED19A0-D72D-4AD1-8F94-B53D36C835A7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AAED19A0-D72D-4AD1-8F94-B53D36C835A7}]

  O2 - BHO: Player - {B5307BCB-64A5-4416-9BC2-5AF01DB90123} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{B5307BCB-64A5-4416-9BC2-5AF01DB90123}]
  [-HKEY_CLASSES_ROOT\CLSID\{B5307BCB-64A5-4416-9BC2-5AF01DB90123}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B5307BCB-64A5-4416-9BC2-5AF01DB90123}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B5307BCB-64A5-4416-9BC2-5AF01DB90123}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B5307BCB-64A5-4416-9BC2-5AF01DB90123}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B5307BCB-64A5-4416-9BC2-5AF01DB90123}]

  O2 - BHO: Player - {BA2020CE-AF34-4B1A-82D4-507C7F002079} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{BA2020CE-AF34-4B1A-82D4-507C7F002079}]
  [-HKEY_CLASSES_ROOT\CLSID\{BA2020CE-AF34-4B1A-82D4-507C7F002079}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA2020CE-AF34-4B1A-82D4-507C7F002079}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{BA2020CE-AF34-4B1A-82D4-507C7F002079}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BA2020CE-AF34-4B1A-82D4-507C7F002079}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA2020CE-AF34-4B1A-82D4-507C7F002079}]

  O2 - BHO: Player - {D989E9EA-8F56-4864-A1EA-2F9059A421BE} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{D989E9EA-8F56-4864-A1EA-2F9059A421BE}]
  [-HKEY_CLASSES_ROOT\CLSID\{D989E9EA-8F56-4864-A1EA-2F9059A421BE}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D989E9EA-8F56-4864-A1EA-2F9059A421BE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D989E9EA-8F56-4864-A1EA-2F9059A421BE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D989E9EA-8F56-4864-A1EA-2F9059A421BE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D989E9EA-8F56-4864-A1EA-2F9059A421BE}]

  O2 - BHO: Player - {F3DDAB38-C6E3-4EF8-A543-6E8625A61D93} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{F3DDAB38-C6E3-4EF8-A543-6E8625A61D93}]
  [-HKEY_CLASSES_ROOT\CLSID\{F3DDAB38-C6E3-4EF8-A543-6E8625A61D93}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3DDAB38-C6E3-4EF8-A543-6E8625A61D93}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F3DDAB38-C6E3-4EF8-A543-6E8625A61D93}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3DDAB38-C6E3-4EF8-A543-6E8625A61D93}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3DDAB38-C6E3-4EF8-A543-6E8625A61D93}]

  O2 - BHO: Player - {FAB71C44-8C45-43EF-B1BE-2E33076166D4} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{FAB71C44-8C45-43EF-B1BE-2E33076166D4}]
  [-HKEY_CLASSES_ROOT\CLSID\{FAB71C44-8C45-43EF-B1BE-2E33076166D4}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FAB71C44-8C45-43EF-B1BE-2E33076166D4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FAB71C44-8C45-43EF-B1BE-2E33076166D4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FAB71C44-8C45-43EF-B1BE-2E33076166D4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FAB71C44-8C45-43EF-B1BE-2E33076166D4}]

  O2 - BHO: Video decompressor - {12723304-463C-4377-8FEE-FCAB14BF8083} - C:\WINDOWS\pandsf.dll
  [-HKEY_CLASSES_ROOT\AppID\{12723304-463C-4377-8FEE-FCAB14BF8083}]
  [-HKEY_CLASSES_ROOT\CLSID\{12723304-463C-4377-8FEE-FCAB14BF8083}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{12723304-463C-4377-8FEE-FCAB14BF8083}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{12723304-463C-4377-8FEE-FCAB14BF8083}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{12723304-463C-4377-8FEE-FCAB14BF8083}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12723304-463C-4377-8FEE-FCAB14BF8083}]

[2008-01-27]
File Version 1.0.0.1126
  O2 - BHO: Player - {99F785E5-5394-4826-A515-034A34A36377} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{99F785E5-5394-4826-A515-034A34A36377}]
  [-HKEY_CLASSES_ROOT\CLSID\{99F785E5-5394-4826-A515-034A34A36377}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99F785E5-5394-4826-A515-034A34A36377}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{99F785E5-5394-4826-A515-034A34A36377}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99F785E5-5394-4826-A515-034A34A36377}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99F785E5-5394-4826-A515-034A34A36377}]

  %ProgamFiles%\AntivirusGold
  %ProgamFiles%\AntivirusGolden
  %ProgamFiles%\AntivirusPCSuite
  %ProgamFiles%\AntiWorm2008
  %ProgamFiles%\appliedsearch_autoinstall
  %ProgamFiles%\AviCodecEX
  %ProgamFiles%\BazookaBar
  %ProgamFiles%\Brain Codec
  %ProgamFiles%\BraveSentry
  %ProgamFiles%\Break Spyware
  %ProgamFiles%\Codec Pack - All In 1
  %ProgamFiles%\codec_setup.exe
  %ProgamFiles%\ContraVirus
  %ProgamFiles%\Crystalys Media
  %ProgamFiles%\DigiKeygen
  %ProgamFiles%\digipass
  %ProgamFiles%\DioCleaner
  %ProgamFiles%\DriveCleaner 2006 Free
  %ProgamFiles%\elitecodec
  %ProgamFiles%\eMedia-Codec
  %ProgamFiles%\Error Safe
  %ProgamFiles%\Error Safe Free
  %ProgamFiles%\ExpertAntivirus
  %ProgamFiles%\ezPorn
  %ProgamFiles%\EZVideo
  %ProgamFiles%\FreeVideo
  %ProgamFiles%\Gold Codec
  %ProgamFiles%\helper
  %ProgamFiles%\HQ Codec
  %ProgamFiles%\HQvideoCodec
  %ProgamFiles%\iCodecPack
  %ProgamFiles%\IECodec
  %ProgamFiles%\image access activex object
  %ProgamFiles%\Image ActiveX Access
  %ProgamFiles%\Image ActiveX Object
  %ProgamFiles%\Image Add-on
  %ProgamFiles%\image ax object
  %ProgamFiles%\intcodec
  %ProgamFiles%\Internet Security
  %ProgamFiles%\iVideoCodec
  %ProgamFiles%\iWatchNow, Inc
  %ProgamFiles%\JPEG Encoder
  %ProgamFiles%\JustPorn
  %ProgamFiles%\keycodec
  %ProgamFiles%\Key Generator
  %ProgamFiles%\KeyToPorn
  %ProgamFiles%\Media-Codec
  %ProgamFiles%\mmediacodec
  %ProgamFiles%\MalwareAlarm
  %ProgamFiles%\MalwareCrush
  %ProgamFiles%\MalwareStopper
  %ProgamFiles%\malwarewipe
  %ProgamFiles%\malwarewiped
  %ProgamFiles%\malwarewipeds
  %ProgamFiles%\MalwareWipePro
  %ProgamFiles%\malwarewiper
  %ProgamFiles%\Media-Codec
  %ProgamFiles%\MediaCodec
  %ProgamFiles%\MediaCodec.ocx
  %ProgamFiles%\MMediaCodec
  %ProgamFiles%\MovieBox
  %ProgamFiles%\mozilla firefox\plugins\al2np.dll
  %ProgamFiles%\mozilla firefox\plugins\alhlp.exe
  %ProgamFiles%\mozilla firefox\plugins\npalnn.dll
  %ProgamFiles%\mozilla firefox\plugins\NPND2FN.DLL
  %ProgamFiles%\MW
  %ProgamFiles%\MWD

[2008-01-26]
File Version: 1.0.0.1065
  O2 - BHO: Video decompressor - {0B686DCA-F3F7-4829-8EB4-B453EEEA7B05} - C:\WINDOWS\pandsf.dll
  [-HKEY_CLASSES_ROOT\AppID\{0B686DCA-F3F7-4829-8EB4-B453EEEA7B05}]
  [-HKEY_CLASSES_ROOT\CLSID\{0B686DCA-F3F7-4829-8EB4-B453EEEA7B05}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B686DCA-F3F7-4829-8EB4-B453EEEA7B05}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{0B686DCA-F3F7-4829-8EB4-B453EEEA7B05}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B686DCA-F3F7-4829-8EB4-B453EEEA7B05}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B686DCA-F3F7-4829-8EB4-B453EEEA7B05}]

  O2 - BHO: Video decompressor - {490BE71A-AAA4-4616-B6C8-4847CA2972D0} - C:\WINDOWS\pandsf.dll
  [-HKEY_CLASSES_ROOT\AppID\{490BE71A-AAA4-4616-B6C8-4847CA2972D0}]
  [-HKEY_CLASSES_ROOT\CLSID\{490BE71A-AAA4-4616-B6C8-4847CA2972D0}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{490BE71A-AAA4-4616-B6C8-4847CA2972D0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{490BE71A-AAA4-4616-B6C8-4847CA2972D0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{490BE71A-AAA4-4616-B6C8-4847CA2972D0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{490BE71A-AAA4-4616-B6C8-4847CA2972D0}]

  O2 - BHO: Video decompressor - {F38636ED-E66E-4A37-822E-0C01F64D6605} - C:\WINDOWS\pandsf.dll
  [-HKEY_CLASSES_ROOT\AppID\{F38636ED-E66E-4A37-822E-0C01F64D6605}]
  [-HKEY_CLASSES_ROOT\CLSID\{F38636ED-E66E-4A37-822E-0C01F64D6605}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F38636ED-E66E-4A37-822E-0C01F64D6605}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F38636ED-E66E-4A37-822E-0C01F64D6605}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F38636ED-E66E-4A37-822E-0C01F64D6605}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F38636ED-E66E-4A37-822E-0C01F64D6605}]

  O2 - BHO: Video decompressor - {FCE457AD-1CFC-4DC7-98DA-047AF95F8B98} - C:\WINDOWS\pandsf.dll
  [-HKEY_CLASSES_ROOT\AppID\{FCE457AD-1CFC-4DC7-98DA-047AF95F8B98}]
  [-HKEY_CLASSES_ROOT\CLSID\{FCE457AD-1CFC-4DC7-98DA-047AF95F8B98}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCE457AD-1CFC-4DC7-98DA-047AF95F8B98}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FCE457AD-1CFC-4DC7-98DA-047AF95F8B98}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCE457AD-1CFC-4DC7-98DA-047AF95F8B98}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCE457AD-1CFC-4DC7-98DA-047AF95F8B98}]

  O2 - BHO: Video decompressor - {FD807848-4DCB-43F8-8D98-BD32382E5CEB} - C:\WINDOWS\pandsf.dll
  [-HKEY_CLASSES_ROOT\AppID\{FD807848-4DCB-43F8-8D98-BD32382E5CEB}]
  [-HKEY_CLASSES_ROOT\CLSID\{FD807848-4DCB-43F8-8D98-BD32382E5CEB}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD807848-4DCB-43F8-8D98-BD32382E5CEB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FD807848-4DCB-43F8-8D98-BD32382E5CEB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FD807848-4DCB-43F8-8D98-BD32382E5CEB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD807848-4DCB-43F8-8D98-BD32382E5CEB}]

  O2 - BHO: Player - {84885FC9-44B0-4953-98F9-166E048B7052} - C:\WINDOWS\orgnavi.dll
  %WinDir%\orgnavi.dll
  [-HKEY_CLASSES_ROOT\orgnavi.Video]
  [-HKEY_CLASSES_ROOT\AppID\orgnavi.dll]
  [-HKEY_CLASSES_ROOT\AppID\{84885FC9-44B0-4953-98F9-166E048B7052}]
  [-HKEY_CLASSES_ROOT\CLSID\{84885FC9-44B0-4953-98F9-166E048B7052}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84885FC9-44B0-4953-98F9-166E048B7052}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\orgnavi.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\orgnavi.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{84885FC9-44B0-4953-98F9-166E048B7052}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{84885FC9-44B0-4953-98F9-166E048B7052}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84885FC9-44B0-4953-98F9-166E048B7052}]

  O2 - BHO: Player - {FC2458DB-B263-48C5-A106-0651B05DF38C} - C:\WINDOWS\orgnavi.dll
  [-HKEY_CLASSES_ROOT\AppID\{FC2458DB-B263-48C5-A106-0651B05DF38C}]
  [-HKEY_CLASSES_ROOT\CLSID\{FC2458DB-B263-48C5-A106-0651B05DF38C}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC2458DB-B263-48C5-A106-0651B05DF38C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FC2458DB-B263-48C5-A106-0651B05DF38C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FC2458DB-B263-48C5-A106-0651B05DF38C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC2458DB-B263-48C5-A106-0651B05DF38C}]

  %ProgramFiles%\AdwareDelete
  %ProgramFiles%\AdwareFilter
  %ProgramFiles%\AdwarePunisher
  %ProgramFiles%\AdwareSheriff
  %ProgramFiles%\AlfaCleaner
  %ProgramFiles%\Anti-Leech
  %ProgramFiles%\AntispyStorm
  %ProgramFiles%\AntiSpywareApp
  %ProgramFiles%\AntiSpywareBot
  %ProgramFiles%\Antispyware Soldier
  %ProgramFiles%\AntiSpywareSuite
  %ProgramFiles%\AntiSpyZone ?.?
  %ProgramFiles%\AntiVermeans
  %ProgramFiles%\AntiVermins
  %ProgramFiles%\AntiVerminser
  %ProgramFiles%\AntiVerminsPro
  %ProgramFiles%\AntiVirGear ?.?

[2007-01-19]
Version 1.0.0.1000
  O2 - BHO: Video decompressor - {5792244C-2237-459B-8E84-FA78184843A8} - C:\WINDOWS\pandsf.dll
  [-HKEY_CLASSES_ROOT\AppID\{5792244C-2237-459B-8E84-FA78184843A8}]
  [-HKEY_CLASSES_ROOT\CLSID\{5792244C-2237-459B-8E84-FA78184843A8}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5792244C-2237-459B-8E84-FA78184843A8}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5792244C-2237-459B-8E84-FA78184843A8}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5792244C-2237-459B-8E84-FA78184843A8}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5792244C-2237-459B-8E84-FA78184843A8}]

  O2 - BHO: Video decompressor - {A69E182D-F9CA-4B90-80E9-854CBACCD73B} - C:\WINDOWS\pandsf.dll
  [-HKEY_CLASSES_ROOT\AppID\{A69E182D-F9CA-4B90-80E9-854CBACCD73B}]
  [-HKEY_CLASSES_ROOT\CLSID\{A69E182D-F9CA-4B90-80E9-854CBACCD73B}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A69E182D-F9CA-4B90-80E9-854CBACCD73B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A69E182D-F9CA-4B90-80E9-854CBACCD73B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A69E182D-F9CA-4B90-80E9-854CBACCD73B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A69E182D-F9CA-4B90-80E9-854CBACCD73B}]

  O2 - BHO: Video decompressor - {FB8BB59E-86A8-46CC-9CB9-7307737E7C46} - C:\WINDOWS\pandsf.dll
  %Windir%\pandsf.dll
  [-HKEY_CLASSES_ROOT\pandsf.Video]
  [-HKEY_CLASSES_ROOT\AppID\pandsf.dll]
  [-HKEY_CLASSES_ROOT\AppID\{FB8BB59E-86A8-46CC-9CB9-7307737E7C46}]
  [-HKEY_CLASSES_ROOT\CLSID\{FB8BB59E-86A8-46CC-9CB9-7307737E7C46}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FB8BB59E-86A8-46CC-9CB9-7307737E7C46}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pandsf.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pandsf.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FB8BB59E-86A8-46CC-9CB9-7307737E7C46}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FB8BB59E-86A8-46CC-9CB9-7307737E7C46}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FB8BB59E-86A8-46CC-9CB9-7307737E7C46}]

  %SystemDrive%\m.exe
  %SystemDrive%\mousepad?.exe
  %SystemDrive%\mousepad??.exe
  %SystemDrive%\ms1.exe
  %SystemDrive%\MTE3NDI6ODoxNg.exe
  %SystemDrive%\mydriver64.sys
  %SystemDrive%\mytob.exe
  %SystemDrive%\mytool.com
  %SystemDrive%\n.exe
  %SystemDrive%\newname?.exe
  %SystemDrive%\newname??.exe
  %SystemDrive%\ninja.rar
  %SystemDrive%\ncj.exe
  %SystemDrive%\nj.exe
  %SystemDrive%\ntdetecd.exe
  %SystemDrive%\ntnc.exe
  %SystemDrive%\ntpnt.exe
  %SystemDrive%\ntzl.exe
  %SystemDrive%\nwnm.exe
  %SystemDrive%\nwnm_?.exe
  %SystemDrive%\nwnm?_?.exe
  %SystemDrive%\nwnm??_?.exe
  %SystemDrive%\nwnm??_??.exe
  %SystemDrive%\opssd.dat
  %SystemDrive%\pasmew.dll
  %SystemDrive%\pinch.exe
  %SystemDrive%\qscem.vob
  %SystemDrive%\r.exe
  %SystemDrive%\readme.exe
  %SystemDrive%\remadm32.dll
  %SystemDrive%\screen.html
  %SystemDrive%\secure32.html
  %SystemDrive%\spb32.dll
  %SystemDrive%\spy_sys.exe
  %SystemDrive%\SS1001.exe
  %SystemDrive%\stub_113_4_0_4_0.exe
  %SystemDrive%\system1.dat6
  %SystemDrive%\svchost72.exe
  %SystemDrive%\t.exe
  %SystemDrive%\t.inx
  %SystemDrive%\Tagasaurus?.exe
  %SystemDrive%\tool?.exe
  %SystemDrive%\uniq
  %SystemDrive%\ucmoreiex.exe
  %SystemDrive%\ur72.dll
  %SystemDrive%\vindows32.exe
  %SystemDrive%\vobler.exe
  %SystemDrive%\vmlrxfh.exe
  %SystemDrive%\vsl04.exe
  %SystemDrive%\wbc32.exe
  %SystemDrive%\wp.bmp
  %SystemDrive%\wp.exe
  %SystemDrive%\_winlogon32.exe
  %SystemDrive%\winstall.exe
  %SystemDrive%\winsysupd8.exe
  %SystemDrive%\winsysupd??.exe
  %SystemDrive%\winsysban8.exe
  %SystemDrive%\web.exe
  %SystemDrive%\wmzgrab.exe
  %SystemDrive%\wallp2.exe
  %SystemDrive%\xxx.exe
  %SystemDrive%\zloader3.exe
  %SystemDrive%\downloads
  %SystemDrive%\sww_searchtool

[2008-01-17]
Version 1.0.0.926
  O2 - BHO: Office toolbar - {14F4D69C-EDB0-434D-BF44-1EECCCD3418E} - C:\Windows\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{14F4D69C-EDB0-434D-BF44-1EECCCD3418E}]
  [-HKEY_CLASSES_ROOT\CLSID\{14F4D69C-EDB0-434D-BF44-1EECCCD3418E}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{14F4D69C-EDB0-434D-BF44-1EECCCD3418E}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{14F4D69C-EDB0-434D-BF44-1EECCCD3418E}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{14F4D69C-EDB0-434D-BF44-1EECCCD3418E}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14F4D69C-EDB0-434D-BF44-1EECCCD3418E}]

  %SystemDrive%\defender??.exe
  %SystemDrive%\dfndr?.exe
  %SystemDrive%\dfndr?_?.exe
  %SystemDrive%\dfndr?_??.exe
  %SystemDrive%\dfndr??_?.exe
  %SystemDrive%\dfndr??_??.exe
  %SystemDrive%\digipass_ver1.???.exe
  %SystemDrive%\dl.html
  %SystemDrive%\dr140306.exe
  %SystemDrive%\drsmartload.dat
  %SystemDrive%\drsmartload?.dat
  %SystemDrive%\drsmartload?.exe
  %SystemDrive%\dll2.dll
  %SystemDrive%\ecsiin.stub.exe
  %SystemDrive%\efender1.exe
  %SystemDrive%\ej.exe
  %SystemDrive%\exec.exe
  %SystemDrive%\execfile0?.exe
  %SystemDrive%\exit
  %SystemDrive%\exp.vbs
  %SystemDrive%\freeee.exe
  %SystemDrive%\fsg32.exe
  %SystemDrive%\gadf32.exe
  %SystemDrive%\ghume32.dll
  %SystemDrive%\gimmygames?.exe
  %SystemDrive%\gimmysmileys?.exe
  %SystemDrive%\index_dsp.html
  %SystemDrive%\installer.exe
  %SystemDrive%\intcodec - v6.???.exe
  %SystemDrive%\keyboard?.exe
  %SystemDrive%\keyboard??.exe
  %SystemDrive%\keydsp.exe
  %SystemDrive%\kl1.exe
  %SystemDrive%\kybrd.exe
  %SystemDrive%\kybrd_?.exe
  %SystemDrive%\kybrd?_?.exe
  %SystemDrive%\kybrd??_?.exe
  %SystemDrive%\kybrd??_??.exe
  %SystemDrive%\kybrd???_?.exe
  %SystemDrive%\ldsm.exe
  %SystemDrive%\list
  %SystemDrive%\loader.exe
  %SystemDrive%\localhost32.exe
  %SystemDrive%\loggiver.dll
  %SystemDrive%\logic.sam
  %SystemDrive%\logon032.dll

[2008-01-14]
File Version: 1.0.0.875
  O2 - BHO: Office toolbar - {4F9FD315-1C7C-477B-A65D-E66570DF2677} - C:\Windows\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{4F9FD315-1C7C-477B-A65D-E66570DF2677}]
  [-HKEY_CLASSES_ROOT\CLSID\{4F9FD315-1C7C-477B-A65D-E66570DF2677}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4F9FD315-1C7C-477B-A65D-E66570DF2677}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4F9FD315-1C7C-477B-A65D-E66570DF2677}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4F9FD315-1C7C-477B-A65D-E66570DF2677}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F9FD315-1C7C-477B-A65D-E66570DF2677}]

  O2 - BHO: Office toolbar - {5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46} - C:\Windows\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46}]
  [-HKEY_CLASSES_ROOT\CLSID\{5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BD5FE32-1DB9-48E1-BEDF-3CC304D98B46}]

  O2 - BHO: Office toolbar - {AB51078F-7E35-49E2-8B26-7BB98321E066} - C:\Windows\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{AB51078F-7E35-49E2-8B26-7BB98321E066}]
  [-HKEY_CLASSES_ROOT\CLSID\{AB51078F-7E35-49E2-8B26-7BB98321E066}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AB51078F-7E35-49E2-8B26-7BB98321E066}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{AB51078F-7E35-49E2-8B26-7BB98321E066}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AB51078F-7E35-49E2-8B26-7BB98321E066}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AB51078F-7E35-49E2-8B26-7BB98321E066}]

  %SystemDrive%\124842.exe
  %SystemDrive%\3.exe
  %SystemDrive%\a.exe
  %SystemDrive%\ac3_0003.exe
  %SystemDrive%\amewq32.exe
  %SystemDrive%\ann.exe
  %SystemDrive%\antidote.pif
  %SystemDrive%\auraupg1.exe
  %SystemDrive%\autoexec.exe
  %SystemDrive%\azdd.exe
  %SystemDrive%\azentretien.dll
  %SystemDrive%\birdihuy.dll
  %SystemDrive%\birdihuy32.dll
  %SystemDrive%\boot.inx
  %SystemDrive%\bootcmd.exe
  %SystemDrive%\bootcom.exe
  %SystemDrive%\bspsupport.exe
  %SystemDrive%\bsw.exe
  %SystemDrive%\clickme.exe
  %SystemDrive%\clrssn.exe
  %SystemDrive%\corruptfile.exe
  %SystemDrive%\country.exe
  %SystemDrive%\cp1041.nls
  %SystemDrive%\defender?.exe

[2008-01-13]
File Version: 1.0.0.832
  O2 - BHO: Rates - {6CA6DDF4-8904-4179-A45D-91438342F83A} - C:\Windows\toprates.dll
  [-HKEY_CLASSES_ROOT\AppID\{6CA6DDF4-8904-4179-A45D-91438342F83A}]
  [-HKEY_CLASSES_ROOT\CLSID\{6CA6DDF4-8904-4179-A45D-91438342F83A}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6CA6DDF4-8904-4179-A45D-91438342F83A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6CA6DDF4-8904-4179-A45D-91438342F83A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6CA6DDF4-8904-4179-A45D-91438342F83A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6CA6DDF4-8904-4179-A45D-91438342F83A}]

File Version: 1.0.0.826
  O2 - BHO: Office toolbar - {26121617-90C5-41D3-B52D-133D49A36AE7} - C:\Windows\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{26121617-90C5-41D3-B52D-133D49A36AE7}]
  [-HKEY_CLASSES_ROOT\CLSID\{26121617-90C5-41D3-B52D-133D49A36AE7}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{26121617-90C5-41D3-B52D-133D49A36AE7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{26121617-90C5-41D3-B52D-133D49A36AE7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26121617-90C5-41D3-B52D-133D49A36AE7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26121617-90C5-41D3-B52D-133D49A36AE7}]

[2008-01-12]
File Version: 1.0.0.820
  O2 - BHO: Office toolbar - {59607689-0CC6-4187-B7E7-03084228E7EE} - C:\Windows\sysosa.dll
  [-HKEY_CLASSES_ROOT\AppID\{59607689-0CC6-4187-B7E7-03084228E7EE}]
  [-HKEY_CLASSES_ROOT\CLSID\{59607689-0CC6-4187-B7E7-03084228E7EE}]
  [-HKEY_CLASSES_ROOT\CLSID\{F0B18D6F-3541-4AB4-A231-79F15FA29ED1}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59607689-0CC6-4187-B7E7-03084228E7EE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{59607689-0CC6-4187-B7E7-03084228E7EE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{59607689-0CC6-4187-B7E7-03084228E7EE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59607689-0CC6-4187-B7E7-03084228E7EE}]

[2008-01-11]
Version 1 (File Version: 1.0.0.814)
  This is a completely recoded tool.  Now outputs a log file to the Desktop and has a Windows GUI.

Version 0.60
  O2 - BHO: Office toolbar - {472BC14C-6464-4FDF-A12A-A057CDCD9C58} - C:\Windows\sysosa.dll
  O2 - BHO: Office toolbar - {F0B18D6F-3541-4AB4-A231-79F15FA29ED1} - C:\Windows\sysosa.dll
  %Windir%\sysosa.dll
  [-HKEY_CLASSES_ROOT\sysosa.Video]
  [-HKEY_CLASSES_ROOT\AppID\sysosa.dll]
  [-HKEY_CLASSES_ROOT\AppID\{472BC14C-6464-4FDF-A12A-A057CDCD9C58}]
  [-HKEY_CLASSES_ROOT\AppID\{F0B18D6F-3541-4AB4-A231-79F15FA29ED1}]
  [-HKEY_CLASSES_ROOT\CLSID\{472BC14C-6464-4FDF-A12A-A057CDCD9C58}]
  [-HKEY_CLASSES_ROOT\CLSID\{F0B18D6F-3541-4AB4-A231-79F15FA29ED1}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{472BC14C-6464-4FDF-A12A-A057CDCD9C58}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F0B18D6F-3541-4AB4-A231-79F15FA29ED1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sysosa.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sysosa.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{472BC14C-6464-4FDF-A12A-A057CDCD9C58}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F0B18D6F-3541-4AB4-A231-79F15FA29ED1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{472BC14C-6464-4FDF-A12A-A057CDCD9C58}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F0B18D6F-3541-4AB4-A231-79F15FA29ED1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{472BC14C-6464-4FDF-A12A-A057CDCD9C58}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0B18D6F-3541-4AB4-A231-79F15FA29ED1}]

  O2 - BHO: Rates - {04B0AACB-ADE6-45C7-9989-7836E8DC8C3D} - C:\WINDOWS\toprates.dll
  [-HKEY_CLASSES_ROOT\AppID\{04B0AACB-ADE6-45C7-9989-7836E8DC8C3D}]
  [-HKEY_CLASSES_ROOT\CLSID\{04B0AACB-ADE6-45C7-9989-7836E8DC8C3D}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{04B0AACB-ADE6-45C7-9989-7836E8DC8C3D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{04B0AACB-ADE6-45C7-9989-7836E8DC8C3D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{04B0AACB-ADE6-45C7-9989-7836E8DC8C3D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04B0AACB-ADE6-45C7-9989-7836E8DC8C3D}]

[2008-01-10]
Version 0.59
  O2 - BHO: Rates - {113F2B42-FD88-45F6-9DEB-2D3463A8FC71} - C:\WINDOWS\toprates.dll
  [-HKEY_CLASSES_ROOT\AppID\{113F2B42-FD88-45F6-9DEB-2D3463A8FC71}]
  [-HKEY_CLASSES_ROOT\CLSID\{113F2B42-FD88-45F6-9DEB-2D3463A8FC71}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{113F2B42-FD88-45F6-9DEB-2D3463A8FC71}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{113F2B42-FD88-45F6-9DEB-2D3463A8FC71}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{113F2B42-FD88-45F6-9DEB-2D3463A8FC71}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{113F2B42-FD88-45F6-9DEB-2D3463A8FC71}]
  
[2008-01-09]
Version 0.58
  O2 - BHO: Rates - {0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED} - C:\WINDOWS\toprates.dll
  [-HKEY_CLASSES_ROOT\AppID\{0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED}]
  [-HKEY_CLASSES_ROOT\CLSID\{0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B5BDA71-9E2A-467C-90EC-E0947A9BB1ED}]
  
[2008-01-07]
Version 0.57
  O2 - BHO: rates - {038F228B-EED3-4A87-A565-F88FC99EBA91} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {395E5A32-A265-451E-BCA2-679BC11361B1} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {47EFD4AD-CB46-4549-B24B-CEE415394C56} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {4E45C414-5019-4966-9013-6950C35E6C06} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {553084D1-0E86-4358-AA1C-BB19B42AF28F} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {5C28ED27-37BE-40EA-9AEB-FCC19F72682F} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {64CB443E-9F44-4A05-929F-CCC315F21E21} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {834B0DD4-3A68-4F58-B265-D9FDB3D8F88B} - C:\WINDOWS\toprates.dll
  O2 - BHO: Rates - {F325C9B7-4876-4665-895B-674D657645C2} - C:\WINDOWS\toprates.dll

  %Windir%\toprates.dll

  [-HKEY_CLASSES_ROOT\toprates.Video]
  [-HKEY_CLASSES_ROOT\AppID\toprates.dll]
  [-HKEY_CLASSES_ROOT\AppID\{038F228B-EED3-4A87-A565-F88FC99EBA91}]
  [-HKEY_CLASSES_ROOT\AppID\{0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69}]
  [-HKEY_CLASSES_ROOT\AppID\{395E5A32-A265-451E-BCA2-679BC11361B1}]
  [-HKEY_CLASSES_ROOT\AppID\{47EFD4AD-CB46-4549-B24B-CEE415394C56}]
  [-HKEY_CLASSES_ROOT\AppID\{4E45C414-5019-4966-9013-6950C35E6C06}]
  [-HKEY_CLASSES_ROOT\AppID\{553084D1-0E86-4358-AA1C-BB19B42AF28F}]
  [-HKEY_CLASSES_ROOT\AppID\{5C28ED27-37BE-40EA-9AEB-FCC19F72682F}]
  [-HKEY_CLASSES_ROOT\AppID\{64CB443E-9F44-4A05-929F-CCC315F21E21}]
  [-HKEY_CLASSES_ROOT\AppID\{834B0DD4-3A68-4F58-B265-D9FDB3D8F88B}]
  [-HKEY_CLASSES_ROOT\AppID\{F325C9B7-4876-4665-895B-674D657645C2}]
  [-HKEY_CLASSES_ROOT\CLSID\{038F228B-EED3-4A87-A565-F88FC99EBA91}]
  [-HKEY_CLASSES_ROOT\CLSID\{0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69}]
  [-HKEY_CLASSES_ROOT\CLSID\{395E5A32-A265-451E-BCA2-679BC11361B1}]
  [-HKEY_CLASSES_ROOT\CLSID\{47EFD4AD-CB46-4549-B24B-CEE415394C56}]
  [-HKEY_CLASSES_ROOT\CLSID\{4E45C414-5019-4966-9013-6950C35E6C06}]
  [-HKEY_CLASSES_ROOT\CLSID\{553084D1-0E86-4358-AA1C-BB19B42AF28F}]
  [-HKEY_CLASSES_ROOT\CLSID\{5C28ED27-37BE-40EA-9AEB-FCC19F72682F}]
  [-HKEY_CLASSES_ROOT\CLSID\{64CB443E-9F44-4A05-929F-CCC315F21E21}]
  [-HKEY_CLASSES_ROOT\CLSID\{834B0DD4-3A68-4F58-B265-D9FDB3D8F88B}]
  [-HKEY_CLASSES_ROOT\CLSID\{F325C9B7-4876-4665-895B-674D657645C2}]
  [-HKEY_CLASSES_ROOT\Interface\{48D78BE5-CFB9-4B66-9AC4-96D4CF21DE06}]
  [-HKEY_CLASSES_ROOT\TypeLib\{74D46BBA-5638-473A-83B6-97E7804A7411}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{038F228B-EED3-4A87-A565-F88FC99EBA91}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{395E5A32-A265-451E-BCA2-679BC11361B1}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{47EFD4AD-CB46-4549-B24B-CEE415394C56}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E45C414-5019-4966-9013-6950C35E6C06}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{553084D1-0E86-4358-AA1C-BB19B42AF28F}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C28ED27-37BE-40EA-9AEB-FCC19F72682F}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64CB443E-9F44-4A05-929F-CCC315F21E21}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{834B0DD4-3A68-4F58-B265-D9FDB3D8F88B}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F325C9B7-4876-4665-895B-674D657645C2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\toprates.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\toprates.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{038F228B-EED3-4A87-A565-F88FC99EBA91}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{395E5A32-A265-451E-BCA2-679BC11361B1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{47EFD4AD-CB46-4549-B24B-CEE415394C56}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4E45C414-5019-4966-9013-6950C35E6C06}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{553084D1-0E86-4358-AA1C-BB19B42AF28F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5C28ED27-37BE-40EA-9AEB-FCC19F72682F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{64CB443E-9F44-4A05-929F-CCC315F21E21}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{834B0DD4-3A68-4F58-B265-D9FDB3D8F88B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F325C9B7-4876-4665-895B-674D657645C2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{038F228B-EED3-4A87-A565-F88FC99EBA91}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{395E5A32-A265-451E-BCA2-679BC11361B1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{47EFD4AD-CB46-4549-B24B-CEE415394C56}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4E45C414-5019-4966-9013-6950C35E6C06}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{553084D1-0E86-4358-AA1C-BB19B42AF28F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C28ED27-37BE-40EA-9AEB-FCC19F72682F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{64CB443E-9F44-4A05-929F-CCC315F21E21}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{834B0DD4-3A68-4F58-B265-D9FDB3D8F88B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F325C9B7-4876-4665-895B-674D657645C2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{48D78BE5-CFB9-4B66-9AC4-96D4CF21DE06}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{74D46BBA-5638-473A-83B6-97E7804A7411}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{038F228B-EED3-4A87-A565-F88FC99EBA91}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0EB6AF05-AB7F-47C2-8ABC-9B985FE27A69}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395E5A32-A265-451E-BCA2-679BC11361B1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{47EFD4AD-CB46-4549-B24B-CEE415394C56}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4E45C414-5019-4966-9013-6950C35E6C06}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{553084D1-0E86-4358-AA1C-BB19B42AF28F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C28ED27-37BE-40EA-9AEB-FCC19F72682F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64CB443E-9F44-4A05-929F-CCC315F21E21}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{834B0DD4-3A68-4F58-B265-D9FDB3D8F88B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F325C9B7-4876-4665-895B-674D657645C2}]

[2007-12-30]
Version 0.56
  O2 - BHO: player addon - {9DEC81A1-919F-41F0-A983-7F202E3EBBB3} - C:\Windows\oggview32.dll
  [-HKEY_CLASSES_ROOT\AppID\{9DEC81A1-919F-41F0-A983-7F202E3EBBB3}]
  [-HKEY_CLASSES_ROOT\CLSID\{9DEC81A1-919F-41F0-A983-7F202E3EBBB3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{9DEC81A1-919F-41F0-A983-7F202E3EBBB3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9DEC81A1-919F-41F0-A983-7F202E3EBBB3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9DEC81A1-919F-41F0-A983-7F202E3EBBB3}]

  O2 - BHO: player addon - {E90BBB19-1B2E-42C0-8BFF-AFC6984247DD} - C:\Windows\oggview32.dll
  [-HKEY_CLASSES_ROOT\AppID\{E90BBB19-1B2E-42C0-8BFF-AFC6984247DD}]
  [-HKEY_CLASSES_ROOT\CLSID\{E90BBB19-1B2E-42C0-8BFF-AFC6984247DD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E90BBB19-1B2E-42C0-8BFF-AFC6984247DD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E90BBB19-1B2E-42C0-8BFF-AFC6984247DD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E90BBB19-1B2E-42C0-8BFF-AFC6984247DD}]

[2007-12-29]
Version 0.55
  O2 - BHO: player addon - {1E40AD15-4280-428A-9A26-AB96F9DA2ACE} - C:\Windows\oggview32.dll
  [-HKEY_CLASSES_ROOT\AppID\{1E40AD15-4280-428A-9A26-AB96F9DA2ACE}]
  [-HKEY_CLASSES_ROOT\CLSID\{1E40AD15-4280-428A-9A26-AB96F9DA2ACE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{1E40AD15-4280-428A-9A26-AB96F9DA2ACE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1E40AD15-4280-428A-9A26-AB96F9DA2ACE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E40AD15-4280-428A-9A26-AB96F9DA2ACE}]

  O2 - BHO: player addon - {819EFD78-6FD4-42EF-9030-F6DAB24BB9F0} - C:\Windows\oggview32.dll
  [-HKEY_CLASSES_ROOT\AppID\{819EFD78-6FD4-42EF-9030-F6DAB24BB9F0}]
  [-HKEY_CLASSES_ROOT\CLSID\{819EFD78-6FD4-42EF-9030-F6DAB24BB9F0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{819EFD78-6FD4-42EF-9030-F6DAB24BB9F0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{819EFD78-6FD4-42EF-9030-F6DAB24BB9F0}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{819EFD78-6FD4-42EF-9030-F6DAB24BB9F0}]

[2007-12-27]
Version 0.54
  O2 - BHO: player addon - {4EBAA7B0-740D-4CFA-9455-5C233BB354E1} - C:\Windows\oggview32.dll
  [-HKEY_CLASSES_ROOT\oggview32.Video]
  [-HKEY_CLASSES_ROOT\AppID\oggview32.dll]
  [-HKEY_CLASSES_ROOT\AppID\{4EBAA7B0-740D-4CFA-9455-5C233BB354E1}]
  [-HKEY_CLASSES_ROOT\CLSID\{4EBAA7B0-740D-4CFA-9455-5C233BB354E1}]
  [-HKEY_CLASSES_ROOT\Interface\{2EB613B4-E877-437D-9356-ED824801E872}]
  [-HKEY_CLASSES_ROOT\TypeLib\{62566A4D-AE41-44D2-B1B1-BC210BD35DCB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\oggview32.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\oggview32.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4EBAA7B0-740D-4CFA-9455-5C233BB354E1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4EBAA7B0-740D-4CFA-9455-5C233BB354E1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2EB613B4-E877-437D-9356-ED824801E872}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{62566A4D-AE41-44D2-B1B1-BC210BD35DCB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4EBAA7B0-740D-4CFA-9455-5C233BB354E1}]
  Unregisters and Deletes %WinDir%\oggview32.dll

[2007-12-26]
Version 0.53
  Removes Files-Secure an IE Defender clone

  O2 - BHO: POS plugin - {7753B2C4-8E27-4CEC-87EB-2739480D8A11} - C:\WINDOWS\poswin.dll
  [-HKEY_CLASSES_ROOT\AppID\{7753B2C4-8E27-4CEC-87EB-2739480D8A11}]
  [-HKEY_CLASSES_ROOT\CLSID\{7753B2C4-8E27-4CEC-87EB-2739480D8A11}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7753B2C4-8E27-4CEC-87EB-2739480D8A11}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7753B2C4-8E27-4CEC-87EB-2739480D8A11}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7753B2C4-8E27-4CEC-87EB-2739480D8A11}]

  O2 - BHO: POS plugin - {F60777DA-D6A6-40F6-B665-6F361C1017B6} - C:\WINDOWS\poswin.dll
  [-HKEY_CLASSES_ROOT\AppID\{F60777DA-D6A6-40F6-B665-6F361C1017B6}]
  [-HKEY_CLASSES_ROOT\CLSID\{F60777DA-D6A6-40F6-B665-6F361C1017B6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F60777DA-D6A6-40F6-B665-6F361C1017B6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F60777DA-D6A6-40F6-B665-6F361C1017B6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F60777DA-D6A6-40F6-B665-6F361C1017B6}]


[2007-12-23]
Version 0.52
  O2 - BHO: pwn plugin - {4AAC4708-FE47-4B80-92EF-47406444DDD2} - C:\WINDOWS\pwnbho.dll
  [-HKEY_CLASSES_ROOT\AppID\{4AAC4708-FE47-4B80-92EF-47406444DDD2}]
  [-HKEY_CLASSES_ROOT\CLSID\{4AAC4708-FE47-4B80-92EF-47406444DDD2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4AAC4708-FE47-4B80-92EF-47406444DDD2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4AAC4708-FE47-4B80-92EF-47406444DDD2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AAC4708-FE47-4B80-92EF-47406444DDD2}]

  O2 - BHO: POS plugin - {369A87BB-07DF-4AB6-B23D-B5BF81338572} - C:\WINDOWS\poswin.dll
  [-HKEY_CLASSES_ROOT\poswin.Video]
  [-HKEY_CLASSES_ROOT\AppID\poswin.dll]
  [-HKEY_CLASSES_ROOT\AppID\{369A87BB-07DF-4AB6-B23D-B5BF81338572}]
  [-HKEY_CLASSES_ROOT\CLSID\{369A87BB-07DF-4AB6-B23D-B5BF81338572}]
  [-HKEY_CLASSES_ROOT\Interface\{2B8437AD-4E51-4DBA-BD02-B80B4C048C83}]
  [-HKEY_CLASSES_ROOT\TypeLib\{FB35DA3F-3EBD-4F8A-8B5F-521ABA109398}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\poswin.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\poswin.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{369A87BB-07DF-4AB6-B23D-B5BF81338572}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{369A87BB-07DF-4AB6-B23D-B5BF81338572}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B8437AD-4E51-4DBA-BD02-B80B4C048C83}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FB35DA3F-3EBD-4F8A-8B5F-521ABA109398}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{369A87BB-07DF-4AB6-B23D-B5BF81338572}]
  Unregisters and Deletes %WinDir%\poswin.dll

Version 0.51
  O2 - BHO: pwn plugin - {7E24E909-FB8A-4837-9DF7-05E7587CB26C} - C:\WINDOWS\pwnbho.dll
  [-HKEY_CLASSES_ROOT\pwnbho.Video]
  [-HKEY_CLASSES_ROOT\AppID\pwnbho.dll]
  [-HKEY_CLASSES_ROOT\AppID\{7E24E909-FB8A-4837-9DF7-05E7587CB26C}]
  [-HKEY_CLASSES_ROOT\CLSID\{7E24E909-FB8A-4837-9DF7-05E7587CB26C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pwnbho.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pwnbho.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7E24E909-FB8A-4837-9DF7-05E7587CB26C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E24E909-FB8A-4837-9DF7-05E7587CB26C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E24E909-FB8A-4837-9DF7-05E7587CB26C}]
  Unregisers and Deletes %WinDir%\pwnbho.dll

[2007-12-22]
Version 0.50
  O2 - BHO: OGG Viewer - {FBFE32FE-4ED6-4099-A087-8C238B714831} - C:\Windows\oggview.dll
  [-HKEY_CLASSES_ROOT\AppID\{FBFE32FE-4ED6-4099-A087-8C238B714831}]
  [-HKEY_CLASSES_ROOT\CLSID\{FBFE32FE-4ED6-4099-A087-8C238B714831}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FBFE32FE-4ED6-4099-A087-8C238B714831}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FBFE32FE-4ED6-4099-A087-8C238B714831}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBFE32FE-4ED6-4099-A087-8C238B714831}]

[2007-12-21]
Version 0.49
  O2 - BHO: OGG Viewer - {90F39E5A-1C6C-4597-8B59-9AED38E88387} - C:\Windows\oggview.dll
  [-HKEY_CLASSES_ROOT\AppID\{90F39E5A-1C6C-4597-8B59-9AED38E88387}]
  [-HKEY_CLASSES_ROOT\CLSID\{90F39E5A-1C6C-4597-8B59-9AED38E88387}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{90F39E5A-1C6C-4597-8B59-9AED38E88387}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{90F39E5A-1C6C-4597-8B59-9AED38E88387}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{90F39E5A-1C6C-4597-8B59-9AED38E88387}]

  O2 - BHO: OGG Viewer - {7AB85EC7-22E7-4B5D-89DA-A9EBD1AF3520} - C:\WINDOWS\oggview.dll
  [-HKEY_CLASSES_ROOT\AppID\{7AB85EC7-22E7-4B5D-89DA-A9EBD1AF3520}]
  [-HKEY_CLASSES_ROOT\CLSID\{7AB85EC7-22E7-4B5D-89DA-A9EBD1AF3520}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7AB85EC7-22E7-4B5D-89DA-A9EBD1AF3520}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7AB85EC7-22E7-4B5D-89DA-A9EBD1AF3520}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7AB85EC7-22E7-4B5D-89DA-A9EBD1AF3520}]

[2007-12-20]
Version 0.48
  Added Support for Non-English Language Systems
  
  O2 - BHO: PDS Viewer - {37CEA8AE-2C1F-4F88-8362-0BFFBA53D2FD} - C:\WINDOWS\pdswin.dll
  [-HKEY_CLASSES_ROOT\AppID\{37CEA8AE-2C1F-4F88-8362-0BFFBA53D2FD}]
  [-HKEY_CLASSES_ROOT\CLSID\{37CEA8AE-2C1F-4F88-8362-0BFFBA53D2FD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{37CEA8AE-2C1F-4F88-8362-0BFFBA53D2FD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{37CEA8AE-2C1F-4F88-8362-0BFFBA53D2FD}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37CEA8AE-2C1F-4F88-8362-0BFFBA53D2FD}]

  O2 - BHO: OGG Viewer - {82FE0677-75EC-49BF-83E9-A815F68F6212} - C:\WINDOWS\oggview.dll
  [-HKEY_CLASSES_ROOT\oggview.Video]
  [-HKEY_CLASSES_ROOT\AppID\oggview.dll]
  [-HKEY_CLASSES_ROOT\AppID\{82FE0677-75EC-49BF-83E9-A815F68F6212}]
  [-HKEY_CLASSES_ROOT\CLSID\{82FE0677-75EC-49BF-83E9-A815F68F6212}]
  [-HKEY_CLASSES_ROOT\Interface\{2B8437AD-4E51-4DBA-BD02-B80B4C048C83}]
  [-HKEY_CLASSES_ROOT\TypeLib\{FB35DA3F-3EBD-4F8A-8B5F-521ABA109398}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\oggview.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\oggview.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{82FE0677-75EC-49BF-83E9-A815F68F6212}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{82FE0677-75EC-49BF-83E9-A815F68F6212}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{2B8437AD-4E51-4DBA-BD02-B80B4C048C83}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FB35DA3F-3EBD-4F8A-8B5F-521ABA109398}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82FE0677-75EC-49BF-83E9-A815F68F6212}]
  Unregisters and Deletes %WinDir%\oggview.dll

[2007-12-18]
Version 0.47
  O2 - BHO: IE Config Tools - {E780E148-0BAC-4654-81A4-8A649F4D4A90} - C:\WINDOWS\mscfg32.dll
  [-HKEY_CLASSES_ROOT\mscfg32.Video]
  [-HKEY_CLASSES_ROOT\AppID\mscfg32.dll]
  [-HKEY_CLASSES_ROOT\AppID\{E780E148-0BAC-4654-81A4-8A649F4D4A90}]
  [-HKEY_CLASSES_ROOT\CLSID\{E780E148-0BAC-4654-81A4-8A649F4D4A90}]
  [-HKEY_CLASSES_ROOT\Interface\{FEC3BE4F-E5AB-4B3F-9813-5326FA073155}]
  [-HKEY_CLASSES_ROOT\TypeLib\{E4A441DE-E415-4C43-A466-4993093FF411}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mscfg32.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\mscfg32.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E780E148-0BAC-4654-81A4-8A649F4D4A90}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E780E148-0BAC-4654-81A4-8A649F4D4A90}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{FEC3BE4F-E5AB-4B3F-9813-5326FA073155}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{E4A441DE-E415-4C43-A466-4993093FF411}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E780E148-0BAC-4654-81A4-8A649F4D4A90}]
  Unregisters and Deletes %WinDir%\mscfg32.dll

  O2 - BHO: PDS Viewer - {E2278F85-4584-4BEE-928C-600B38C385C1} - C:\Windows\pdswin.dll
  [-HKEY_CLASSES_ROOT\pdswin.Video]
  [-HKEY_CLASSES_ROOT\AppID\pdswin.dll]
  [-HKEY_CLASSES_ROOT\AppID\{E2278F85-4584-4BEE-928C-600B38C385C1}]
  [-HKEY_CLASSES_ROOT\CLSID\{E2278F85-4584-4BEE-928C-600B38C385C1}]
  [-HKEY_CLASSES_ROOT\TypeLib\{9077685D-CD6D-4CE3-8AE0-3CC0DD81D1C9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pdswin.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pdswin.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E2278F85-4584-4BEE-928C-600B38C385C1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E2278F85-4584-4BEE-928C-600B38C385C1}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{9077685D-CD6D-4CE3-8AE0-3CC0DD81D1C9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E2278F85-4584-4BEE-928C-600B38C385C1}]
  Unregisters and Deletes %WinDir%\pdswin.dll

[2007-12-17]
Verion 0.46
  O2 - BHO: Web Search - {6A719349-BDF5-4268-9019-4ACA0C2562D2} - C:\WINDOWS\websrc32.dll
  [-HKEY_CLASSES_ROOT\websrc32.Video]
  [-HKEY_CLASSES_ROOT\AppID\websrc32.dll]
  [-HKEY_CLASSES_ROOT\AppID\{6A719349-BDF5-4268-9019-4ACA0C2562D2}]
  [-HKEY_CLASSES_ROOT\CLSID\{6A719349-BDF5-4268-9019-4ACA0C2562D2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\websrc32.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\websrc32.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6A719349-BDF5-4268-9019-4ACA0C2562D2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6A719349-BDF5-4268-9019-4ACA0C2562D2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6A719349-BDF5-4268-9019-4ACA0C2562D2}]
  Unregisters and Deletes %WinDir%\websrc32.dll

  O2 - BHO: Web Search - {B3E45A9B-7756-46A2-AB14-90175CD374F9} - C:\WINDOWS\websrc32.dll
  [-HKEY_CLASSES_ROOT\AppID\{B3E45A9B-7756-46A2-AB14-90175CD374F9}]
  [-HKEY_CLASSES_ROOT\CLSID\{B3E45A9B-7756-46A2-AB14-90175CD374F9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B3E45A9B-7756-46A2-AB14-90175CD374F9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B3E45A9B-7756-46A2-AB14-90175CD374F9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B3E45A9B-7756-46A2-AB14-90175CD374F9}]

  O2 - BHO: Web Search - {D54F0577-8770-4A63-B926-6A640ED57F06} - C:\WINDOWS\websrc32.dll
  [-HKEY_CLASSES_ROOT\AppID\{D54F0577-8770-4A63-B926-6A640ED57F06}]
  [-HKEY_CLASSES_ROOT\CLSID\{D54F0577-8770-4A63-B926-6A640ED57F06}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D54F0577-8770-4A63-B926-6A640ED57F06}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D54F0577-8770-4A63-B926-6A640ED57F06}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D54F0577-8770-4A63-B926-6A640ED57F06}]

  Copies sleep.exe to the System32 folder if needed

Version 0.45
  Removed redundant features

[2007-12-16]
Version 0.44
  O2 - BHO: FireFox Viewer - {8883BBC2-E716-4C98-B12C-BB40B4A415ED} - C:\WINDOWS\corpol.dll
  [-HKEY_CLASSES_ROOT\corpol.Video]
  [-HKEY_CLASSES_ROOT\AppID\corpol.dll]
  [-HKEY_CLASSES_ROOT\AppID\{8883BBC2-E716-4C98-B12C-BB40B4A415ED}]
  [-HKEY_CLASSES_ROOT\CLSID\{8883BBC2-E716-4C98-B12C-BB40B4A415ED}]
  [-HKEY_CLASSES_ROOT\Interface\{E330678D-C3B1-4AC1-AD7B-2F9CAC58F889}]
  [-HKEY_CLASSES_ROOT\TypeLib\{A54D885F-EA30-42C3-867B-4AD6C6600659}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\corpol.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\corpol.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{8883BBC2-E716-4C98-B12C-BB40B4A415ED}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8883BBC2-E716-4C98-B12C-BB40B4A415ED}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{E330678D-C3B1-4AC1-AD7B-2F9CAC58F889}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{A54D885F-EA30-42C3-867B-4AD6C6600659}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8883BBC2-E716-4C98-B12C-BB40B4A415ED}]
  Unregisters and Deletes %WinDir%\corpol.dll

Version 0.43
  O2 - BHO: IE plugin - {D17CFF74-A19C-4C36-821A-E074E4F889CA} - C:\WINDOWS\pmspl.dll
  [-HKEY_CLASSES_ROOT\AppID\{D17CFF74-A19C-4C36-821A-E074E4F889CA}]
  [-HKEY_CLASSES_ROOT\AppID\{D17CFF74-A19C-4C36-821A-E074E4F889CA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D17CFF74-A19C-4C36-821A-E074E4F889CA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D17CFF74-A19C-4C36-821A-E074E4F889CA}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D17CFF74-A19C-4C36-821A-E074E4F889CA}]

Version 0.42
  O2 - BHO: IE plugin - {FF5137B5-C506-4D9B-8682-E0BE4675B899} - C:\WINDOWS\pmspl.dll
  [-HKEY_CLASSES_ROOT\AppID\{FF5137B5-C506-4D9B-8682-E0BE4675B899}]
  [-HKEY_CLASSES_ROOT\CLSID\{FF5137B5-C506-4D9B-8682-E0BE4675B899}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{FF5137B5-C506-4D9B-8682-E0BE4675B899}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FF5137B5-C506-4D9B-8682-E0BE4675B899}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FF5137B5-C506-4D9B-8682-E0BE4675B899}]

Version 0.41
  O2 - BHO: IE plugin - {E856E05E-1B91-4339-9EFC-9A3308CB5491} - C:\WINDOWS\pmspl.dll
  [-HKEY_CLASSES_ROOT\AppID\{E856E05E-1B91-4339-9EFC-9A3308CB5491}]
  [-HKEY_CLASSES_ROOT\CLSID\{E856E05E-1B91-4339-9EFC-9A3308CB5491}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{E856E05E-1B91-4339-9EFC-9A3308CB5491}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E856E05E-1B91-4339-9EFC-9A3308CB5491}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E856E05E-1B91-4339-9EFC-9A3308CB5491}]
  
[2007-12-15]
Version 0.40
  O2 - BHO: IE plugin - {17A1DBB5-DAD8-4E78-BF7E-9BE4B965408B} - C:\WINDOWS\pmspl.dll
  [-HKEY_CLASSES_ROOT\AppID\{17A1DBB5-DAD8-4E78-BF7E-9BE4B965408B}]
  [-HKEY_CLASSES_ROOT\CLSID\{17A1DBB5-DAD8-4E78-BF7E-9BE4B965408B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{17A1DBB5-DAD8-4E78-BF7E-9BE4B965408B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17A1DBB5-DAD8-4E78-BF7E-9BE4B965408B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17A1DBB5-DAD8-4E78-BF7E-9BE4B965408B}]

Version 0.39
  O2 - BHO: Video - {0F596190-DEC2-4D19-AB43-50B54243923F} - C:\WINDOWS\windivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{0F596190-DEC2-4D19-AB43-50B54243923F}]
  [-HKEY_CLASSES_ROOT\CLSID\{0F596190-DEC2-4D19-AB43-50B54243923F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{0F596190-DEC2-4D19-AB43-50B54243923F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F596190-DEC2-4D19-AB43-50B54243923F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0F596190-DEC2-4D19-AB43-50B54243923F}]

  O2 - BHO: IE plugin - {6F6D1C90-7BEE-4A15-8DAB-9C37A643FD3A} - C:\WINDOWS\pmspl.dll
  [-HKEY_CLASSES_ROOT\pmspl.Video]
  [-HKEY_CLASSES_ROOT\AppID\pmspl.dll]
  [-HKEY_CLASSES_ROOT\AppID\{6F6D1C90-7BEE-4A15-8DAB-9C37A643FD3A}]
  [-HKEY_CLASSES_ROOT\CLSID\{6F6D1C90-7BEE-4A15-8DAB-9C37A643FD3A}]
  [-HKEY_CLASSES_ROOT\Interface\{38583F22-1B12-4893-9D7A-BD3FA2A114C7}]
  [-HKEY_CLASSES_ROOT\TypeLib\{D685B6DB-1ED0-4345-8A86-674A4F0198EE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\pmspl.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\pmspl.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6F6D1C90-7BEE-4A15-8DAB-9C37A643FD3A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6F6D1C90-7BEE-4A15-8DAB-9C37A643FD3A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{38583F22-1B12-4893-9D7A-BD3FA2A114C7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{D685B6DB-1ED0-4345-8A86-674A4F0198EE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6F6D1C90-7BEE-4A15-8DAB-9C37A643FD3A}]
  Unregisters and Deletes %WinDir%\pmspl.dll

[2007-12-14]
Version 0.38
  O2 - BHO: Video - {15EB9F40-D775-4463-B75B-8687B3C66BB7} - C:\WINDOWS\msvideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{15EB9F40-D775-4463-B75B-8687B3C66BB7}]
  [-HKEY_CLASSES_ROOT\CLSID\{15EB9F40-D775-4463-B75B-8687B3C66BB7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{80590BC5-F4BA-4AD1-B216-C19EE86E2A77}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80590BC5-F4BA-4AD1-B216-C19EE86E2A77}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15EB9F40-D775-4463-B75B-8687B3C66BB7}]

[2007-12-13]
Version 0.37
  O2 - BHO: Video - {80590BC5-F4BA-4AD1-B216-C19EE86E2A77} - C:\WINDOWS\msvideo.dll
  [-HKEY_CLASSES_ROOT\msvideo.Video]
  [-HKEY_CLASSES_ROOT\AppID\msvideo.dll]
  [-HKEY_CLASSES_ROOT\AppID\{80590BC5-F4BA-4AD1-B216-C19EE86E2A77}]
  [-HKEY_CLASSES_ROOT\CLSID\{80590BC5-F4BA-4AD1-B216-C19EE86E2A77}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\msvideo.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\msvideo.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{80590BC5-F4BA-4AD1-B216-C19EE86E2A77}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{80590BC5-F4BA-4AD1-B216-C19EE86E2A77}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{80590BC5-F4BA-4AD1-B216-C19EE86E2A77}]
  Unregisters and Deletes %WinDir%\msvideo.dll

[2007-12-12]
Version 0.36
  O2 - BHO: Video - {38329D14-1302-4CA7-BEE4-C954516C43B3} - C:\WINDOWS\windivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{38329D14-1302-4CA7-BEE4-C954516C43B3}]
  [-HKEY_CLASSES_ROOT\CLSID\{38329D14-1302-4CA7-BEE4-C954516C43B3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{38329D14-1302-4CA7-BEE4-C954516C43B3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{38329D14-1302-4CA7-BEE4-C954516C43B3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{38329D14-1302-4CA7-BEE4-C954516C43B3}]

  O2 - BHO: Video DivX 3.12 - {26B1DC31-2051-49DD-AEA6-368E702E5B63} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{26B1DC31-2051-49DD-AEA6-368E702E5B63}]
  [-HKEY_CLASSES_ROOT\CLSID\{26B1DC31-2051-49DD-AEA6-368E702E5B63}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{26B1DC31-2051-49DD-AEA6-368E702E5B63}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{26B1DC31-2051-49DD-AEA6-368E702E5B63}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B1DC31-2051-49DD-AEA6-368E702E5B63}]

  O2 - BHO: Video DivX 3.12 - {29C79434-BA0A-4A48-A451-70F19B4A4925} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{29C79434-BA0A-4A48-A451-70F19B4A4925}]
  [-HKEY_CLASSES_ROOT\CLSID\{29C79434-BA0A-4A48-A451-70F19B4A4925}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{29C79434-BA0A-4A48-A451-70F19B4A4925}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{29C79434-BA0A-4A48-A451-70F19B4A4925}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{29C79434-BA0A-4A48-A451-70F19B4A4925}]

  O2 - BHO: Video DivX 3.12 - {B6F7666D-887D-45D9-BD0F-9D4CC771A63D} - C:\Windows\System32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{B6F7666D-887D-45D9-BD0F-9D4CC771A63D}]
  [-HKEY_CLASSES_ROOT\CLSID\{B6F7666D-887D-45D9-BD0F-9D4CC771A63D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{B6F7666D-887D-45D9-BD0F-9D4CC771A63D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B6F7666D-887D-45D9-BD0F-9D4CC771A63D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B6F7666D-887D-45D9-BD0F-9D4CC771A63D}]

  O2 - BHO: Video On-line - {065B1210-E57F-41AD-90C5-F70D63388640} - C:\WINDOWS\system32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{065B1210-E57F-41AD-90C5-F70D63388640}]
  [-HKEY_CLASSES_ROOT\CLSID\{065B1210-E57F-41AD-90C5-F70D63388640}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{065B1210-E57F-41AD-90C5-F70D63388640}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{065B1210-E57F-41AD-90C5-F70D63388640}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{065B1210-E57F-41AD-90C5-F70D63388640}]

  O2 - BHO: Video On-line - {7E4C5F57-FF13-4006-A5F6-BE97D9CD6261} - C:\WINDOWS\system32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{7E4C5F57-FF13-4006-A5F6-BE97D9CD6261}]
  [-HKEY_CLASSES_ROOT\CLSID\{7E4C5F57-FF13-4006-A5F6-BE97D9CD6261}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7E4C5F57-FF13-4006-A5F6-BE97D9CD6261}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7E4C5F57-FF13-4006-A5F6-BE97D9CD6261}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E4C5F57-FF13-4006-A5F6-BE97D9CD6261}]

  O2 - BHO: Video On-line - {A9A82440-64E7-4177-86AE-B58DEE731AF3} - C:\Windows\System32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{A9A82440-64E7-4177-86AE-B58DEE731AF3}]
  [-HKEY_CLASSES_ROOT\CLSID\{A9A82440-64E7-4177-86AE-B58DEE731AF3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A9A82440-64E7-4177-86AE-B58DEE731AF3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A9A82440-64E7-4177-86AE-B58DEE731AF3}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A9A82440-64E7-4177-86AE-B58DEE731AF3}]

Version 0.35
  O2 - BHO: Video - {4AB15165-917A-4AE4-AE42-7FF13F61805B} - C:\WINDOWS\windivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{4AB15165-917A-4AE4-AE42-7FF13F61805B}]
  [-HKEY_CLASSES_ROOT\CLSID\{4AB15165-917A-4AE4-AE42-7FF13F61805B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{4AB15165-917A-4AE4-AE42-7FF13F61805B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{4AB15165-917A-4AE4-AE42-7FF13F61805B}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4AB15165-917A-4AE4-AE42-7FF13F61805B}]

  O2 - BHO: Video - {F5E81149-92B2-47D2-A12B-1B966AB46EA7} - C:\WINDOWS\windivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{F5E81149-92B2-47D2-A12B-1B966AB46EA7}]
  [-HKEY_CLASSES_ROOT\CLSID\{F5E81149-92B2-47D2-A12B-1B966AB46EA7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F5E81149-92B2-47D2-A12B-1B966AB46EA7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F5E81149-92B2-47D2-A12B-1B966AB46EA7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5E81149-92B2-47D2-A12B-1B966AB46EA7}]

[2007-12-11]
Version 0.34
  O2 - BHO: Video - {BC462E4B-C520-4CA9-B1EC-A7DD36FD6D0A} - C:\WINDOWS\windivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{BC462E4B-C520-4CA9-B1EC-A7DD36FD6D0A}]
  [-HKEY_CLASSES_ROOT\CLSID\{BC462E4B-C520-4CA9-B1EC-A7DD36FD6D0A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{BC462E4B-C520-4CA9-B1EC-A7DD36FD6D0A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BC462E4B-C520-4CA9-B1EC-A7DD36FD6D0A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BC462E4B-C520-4CA9-B1EC-A7DD36FD6D0A}]

[2007-12-10]
Version 0.33
  O2 - BHO: Video - {632F6863-1E54-49FC-A72F-BDEE592EAD52} - C:\WINDOWS\windivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{632F6863-1E54-49FC-A72F-BDEE592EAD52}]
  [-HKEY_CLASSES_ROOT\CLSID\{632F6863-1E54-49FC-A72F-BDEE592EAD52}]
  [-HKEY_CLASSES_ROOT\Interface\{37FB07D0-16B8-4975-A848-1DB62FEE0048}]
  [-HKEY_CLASSES_ROOT\TypeLib\{76BFB9CF-A8AB-4826-B2AB-02E04A202C73}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{632F6863-1E54-49FC-A72F-BDEE592EAD52}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{632F6863-1E54-49FC-A72F-BDEE592EAD52}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{37FB07D0-16B8-4975-A848-1DB62FEE0048}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{76BFB9CF-A8AB-4826-B2AB-02E04A202C73}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{632F6863-1E54-49FC-A72F-BDEE592EAD52}]

[2007-12-09]
Version 0.32
  O2 - BHO: Video - {D0995F82-90C7-4C78-9B4C-C1700FB8B120} - C:\WINDOWS\windivx.dll
  [-HKEY_CLASSES_ROOT\windivx.Video]
  [-HKEY_CLASSES_ROOT\AppID\windivx.dll]
  [-HKEY_CLASSES_ROOT\AppID\{D0995F82-90C7-4C78-9B4C-C1700FB8B120}]
  [-HKEY_CLASSES_ROOT\CLSID\{D0995F82-90C7-4C78-9B4C-C1700FB8B120}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\windivx.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\windivx.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D0995F82-90C7-4C78-9B4C-C1700FB8B120}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D0995F82-90C7-4C78-9B4C-C1700FB8B120}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0995F82-90C7-4C78-9B4C-C1700FB8B120}]
  Unregisters and Deletes windivx.dll

[2007-12-08]
Version 0.31
  O2 - BHO: Video - {02788C74-8A3E-455D-9820-59784297DF96} - C:\WINDOWS\stream32a.dll
  [-HKEY_CLASSES_ROOT\AppID\{02788C74-8A3E-455D-9820-59784297DF96}]
  [-HKEY_CLASSES_ROOT\CLSID\{02788C74-8A3E-455D-9820-59784297DF96}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{02788C74-8A3E-455D-9820-59784297DF96}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02788C74-8A3E-455D-9820-59784297DF96}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02788C74-8A3E-455D-9820-59784297DF96}]
  
  O2 - BHO: System DivX4 - {0459F04A-F7CC-4F98-B66E-E19690702AE4} - C:\WINDOWS\system32\sysvideo32.dll
  [-HKEY_CLASSES_ROOT\APPID\{0459F04A-F7CC-4F98-B66E-E19690702AE4}]
  [-HKEY_CLASSES_ROOT\CLSID\{0459F04A-F7CC-4F98-B66E-E19690702AE4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\APPID\{0459F04A-F7CC-4F98-B66E-E19690702AE4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0459F04A-F7CC-4F98-B66E-E19690702AE4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0459F04A-F7CC-4F98-B66E-E19690702AE4}]

[2007-12-07]
Version 0.30
  Now being distributed as a Self-extracting archive.

  O2 - BHO: Video - {6430CCA7-032A-4EB0-BCFF-838998E73EF5} - C:\WINDOWS\stream32a.dll
  [-HKEY_CLASSES_ROOT\AppID\{6430CCA7-032A-4EB0-BCFF-838998E73EF5}]
  [-HKEY_CLASSES_ROOT\CLSID\{6430CCA7-032A-4EB0-BCFF-838998E73EF5}]
  [-HKEY_CLASSES_ROOT\Interface\{18D23D68-9E03-4FF0-8035-C6184C8784EF}]
  [-HKEY_CLASSES_ROOT\TypeLib\{60B18D81-366A-4156-83B9-CF310ED9A8B7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6430CCA7-032A-4EB0-BCFF-838998E73EF5}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6430CCA7-032A-4EB0-BCFF-838998E73EF5}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{18D23D68-9E03-4FF0-8035-C6184C8784EF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{60B18D81-366A-4156-83B9-CF310ED9A8B7}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6430CCA7-032A-4EB0-BCFF-838998E73EF5}]

Version 0.29
  Removed Vista OS check
  No longer Disables/Enables UAC for Vista.  This part is buggy.  Will put back at a latter date.
  Now kills all copies of Internet Explorer that are running
  
  O2 - BHO: System DivX4 - {2FA3B736-1AC7-454D-8E94-8BA8158BF064} - C:\WINDOWS\system32\sysvideo32.dll
  [-HKEY_CLASSES_ROOT\AppID\sysvideo32.dll]
  [-HKEY_CLASSES_ROOT\AppID\{2FA3B736-1AC7-454D-8E94-8BA8158BF064}]
  [-HKEY_CLASSES_ROOT\CLSID\{2FA3B736-1AC7-454D-8E94-8BA8158BF064}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sysvideo32.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2FA3B736-1AC7-454D-8E94-8BA8158BF064}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2FA3B736-1AC7-454D-8E94-8BA8158BF064}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2FA3B736-1AC7-454D-8E94-8BA8158BF064}]
  Unregisters and Deletes sysvideo32.dll

  O2 - BHO: System DivX4 - {71314E7C-1713-49FA-90F2-54D275023981} - C:\WINDOWS\system32\sysvideo32.dll
  [-HKEY_CLASSES_ROOT\AppID\{71314E7C-1713-49FA-90F2-54D275023981}]
  [-HKEY_CLASSES_ROOT\CLSID\{71314E7C-1713-49FA-90F2-54D275023981}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{71314E7C-1713-49FA-90F2-54D275023981}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{71314E7C-1713-49FA-90F2-54D275023981}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{71314E7C-1713-49FA-90F2-54D275023981}]

  O2 - BHO: Video - {15FEB658-AACC-412E-BC13-D54CFD74A8F6} - C:\WINDOWS\stream32a.dll
  [-HKEY_CLASSES_ROOT\stream32a.Video]
  [-HKEY_CLASSES_ROOT\AppID\stream32a.dll]
  [-HKEY_CLASSES_ROOT\AppID\{15FEB658-AACC-412E-BC13-D54CFD74A8F6}]
  [-HKEY_CLASSES_ROOT\CLSID\{15FEB658-AACC-412E-BC13-D54CFD74A8F6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\stream32a.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\stream32a.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{15FEB658-AACC-412E-BC13-D54CFD74A8F6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{15FEB658-AACC-412E-BC13-D54CFD74A8F6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{15FEB658-AACC-412E-BC13-D54CFD74A8F6}]
  Unregisters and Deletes stream32a.Video

[2007-12-05]
Version 0.28
  O2 - BHO: Video DivX 3.12 - {DA927154-CC3A-41A7-9246-CE35FE2E6477} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{DA927154-CC3A-41A7-9246-CE35FE2E6477}]
  [-HKEY_CLASSES_ROOT\CLSID\{DA927154-CC3A-41A7-9246-CE35FE2E6477}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{DA927154-CC3A-41A7-9246-CE35FE2E6477}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{DA927154-CC3A-41A7-9246-CE35FE2E6477}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DA927154-CC3A-41A7-9246-CE35FE2E6477}]
  
[2007-12-04]
Version 0.27
  O2 - BHO: Video DivX 3.12 - {A6D91DAC-AF0D-4DC0-99A8-D7DD836FA34D} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{A6D91DAC-AF0D-4DC0-99A8-D7DD836FA34D}]
  [-HKEY_CLASSES_ROOT\CLSID\{A6D91DAC-AF0D-4DC0-99A8-D7DD836FA34D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{A6D91DAC-AF0D-4DC0-99A8-D7DD836FA34D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{A6D91DAC-AF0D-4DC0-99A8-D7DD836FA34D}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6D91DAC-AF0D-4DC0-99A8-D7DD836FA34D}]
  
Version 0.26
  [-HKEY_CURRENT_USER\Software\AntiSpy-Pro]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiSpy Pro]
  Deletes %ProgramFiles%\AntiSpyPro
  Deletes %userprofile%\Desktop\AntiSpy Pro 2.4.lnk
  Deletes %userprofile%\Start Menu\Programs\AntiSpy Pro 2.4.lnk
  Deletes %ProgramFiles%\AntiSpyPro\antispypro.db1
  Deletes %ProgramFiles%\AntiSpyPro\antispypro.db2
  Deletes %ProgramFiles%\AntiSpyPro\antispypro.db3
  Deletes %ProgramFiles%\AntiSpyPro\antispypro.db4
  Deletes %ProgramFiles%\AntiSpyPro\antispypro.db5
  Deletes %ProgramFiles%\AntiSpyPro\AntiSpyPro.exe
  Deletes %ProgramFiles%\AntiSpyPro\Uninstall.exe
  Deletes %WinDir%\Prefetch\ANTISPYPRO.EXE-*.pf
  Deletes %WinDir%\Prefetch\ANTISPYPRO-SETUP.EXE*.pf

Version 0.25
  O2 - BHO: Video DivX 3.12 - {17D562A6-DA3D-4F87-B659-86CD06473AB5} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{17D562A6-DA3D-4F87-B659-86CD06473AB5}]
  [-HKEY_CLASSES_ROOT\CLSID\{17D562A6-DA3D-4F87-B659-86CD06473AB5}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{317D562A6-DA3D-4F87-B659-86CD06473AB5}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{17D562A6-DA3D-4F87-B659-86CD06473AB5}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{17D562A6-DA3D-4F87-B659-86CD06473AB5}]

[2007-12-03]
Version 0.24
  Eliminated SET path variable.
  Changed PROCESS -k iedefender.exe > garbage.txt to "%userprofile%\Desktop\FixIEDef\PROCESS" -k iedefender.exe >> "%userprofile%\Desktop\FixIEDef\garbage.txt"
  Kills Explorer.exe during the fix
  O2 - BHO: Video DivX 3.12 - {36490B2D-77CC-4CC2-B6A6-8A16EC550DAB} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{36490B2D-77CC-4CC2-B6A6-8A16EC550DAB}]
  [-HKEY_CLASSES_ROOT\CLSID\{36490B2D-77CC-4CC2-B6A6-8A16EC550DAB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{36490B2D-77CC-4CC2-B6A6-8A16EC550DAB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{36490B2D-77CC-4CC2-B6A6-8A16EC550DAB}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36490B2D-77CC-4CC2-B6A6-8A16EC550DAB}]
  
[2007-12-01]
Version 0.23
  No longer redirects output to NUL.  Now redirects out put to garbage.txt in the FixIEDef folder.

Version 0.22
  Set PATH variable to correct issues with running executables from current directory

Version 0.21
  If OS is Vista script disables UAC at start and reeanbles UAC before exiting

Version 0.20
  O2 - BHO: Video DivX 3.12 - {09D72564-27E2-4F12-8AB6-03F83E4567DE} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{09D72564-27E2-4F12-8AB6-03F83E4567DE}]
  [-HKEY_CLASSES_ROOT\CLSID\{09D72564-27E2-4F12-8AB6-03F83E4567DE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{09D72564-27E2-4F12-8AB6-03F83E4567DE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{09D72564-27E2-4F12-8AB6-03F83E4567DE}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{09D72564-27E2-4F12-8AB6-03F83E4567DE}]

Version 0.19
  First attempts to unregister dll with regsvr32 /u /s some.dll then attempts regsvr32 /u /s {DLLPATH}/some.dll
  Changes to the way FixIEDef handles deletion of DLLs.  First renames the dll, then changes file attributes, and then deletes the dll.
  O2 - BHO: Video DivX 3.12 - {7A23A1E8-B2AB-4C50-AD12-9E19B747E17C} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\AppID\{7A23A1E8-B2AB-4C50-AD12-9E19B747E17C}]
  [-HKEY_CLASSES_ROOT\CLSID\{7A23A1E8-B2AB-4C50-AD12-9E19B747E17C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{7A23A1E8-B2AB-4C50-AD12-9E19B747E17C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7A23A1E8-B2AB-4C50-AD12-9E19B747E17C}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7A23A1E8-B2AB-4C50-AD12-9E19B747E17C}]

[2007-11-28]
Version 0.18
  O2 - BHO: Video On-line - {BD907325-42B2-4077-BA63-F636B627C998} - C:\Windows\System32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{BD907325-42B2-4077-BA63-F636B627C998}]
  [-HKEY_CLASSES_ROOT\CLSID\{BD907325-42B2-4077-BA63-F636B627C998}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{BD907325-42B2-4077-BA63-F636B627C998}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{BD907325-42B2-4077-BA63-F636B627C998}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BD907325-42B2-4077-BA63-F636B627C998}]

Version 0.17
  O2 - BHO: Video DivX 3.12 - {F02B8C83-C817-4EA2-A499-29257DA0373A} - C:\WINDOWS\system32\sysdivx.dll
  [-HKEY_CLASSES_ROOT\sysdivx.Video]
  [-HKEY_CLASSES_ROOT\AppID\sysdivx.dll]
  [-HKEY_CLASSES_ROOT\AppID\{F02B8C83-C817-4EA2-A499-29257DA0373A}]
  [-HKEY_CLASSES_ROOT\CLSID\{F02B8C83-C817-4EA2-A499-29257DA0373A}]
  [-HKEY_CLASSES_ROOT\Interface\{609F107D-88EE-4D19-B56F-6C21A3E9DC1F}]
  [-HKEY_CLASSES_ROOT\TypeLib\{F94E2B67-3D7A-4F94-AF35-5BBEDAAD3AC4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\sysdivx.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\sysdivx.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{F02B8C83-C817-4EA2-A499-29257DA0373A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F02B8C83-C817-4EA2-A499-29257DA0373A}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{609F107D-88EE-4D19-B56F-6C21A3E9DC1F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{F94E2B67-3D7A-4F94-AF35-5BBEDAAD3AC4}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F02B8C83-C817-4EA2-A499-29257DA0373A}]
  Unregisters sysdivx.dll
  Deletes %WinDir%\sysdivx.dll
  Deletes %WinDir%\sysdivx.dll.bak

[2007-11-25]
Version 0.16
  O2 - BHO: Video On-line - {323301C5-CB6B-490C-B59F-E7FAD4D69C93} - C:\WINDOWS\system32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{323301C5-CB6B-490C-B59F-E7FAD4D69C93}]
  [-HKEY_CLASSES_ROOT\CLSID\{323301C5-CB6B-490C-B59F-E7FAD4D69C93}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{323301C5-CB6B-490C-B59F-E7FAD4D69C93}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{323301C5-CB6B-490C-B59F-E7FAD4D69C93}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{323301C5-CB6B-490C-B59F-E7FAD4D69C93}]

[2007-11-24]
Version 0.15
  O2 - BHO: Video On-line - {032706C0-EB72-4DF0-ABF6-B89958D2A6CC} - C:\WINDOWS\system32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{032706C0-EB72-4DF0-ABF6-B89958D2A6CC}]
  [-HKEY_CLASSES_ROOT\CLSID\{032706C0-EB72-4DF0-ABF6-B89958D2A6CC}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{032706C0-EB72-4DF0-ABF6-B89958D2A6CC}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{032706C0-EB72-4DF0-ABF6-B89958D2A6CC}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{032706C0-EB72-4DF0-ABF6-B89958D2A6CC}]
  
  O2 - BHO: Video On-line - {66D69CC1-5373-4730-AB8E-24D2AB7FF95F} - C:\WINDOWS\system32\PowerVideo.dll
  [-HKEY_CLASSES_ROOT\AppID\{66D69CC1-5373-4730-AB8E-24D2AB7FF95F}]
  [-HKEY_CLASSES_ROOT\CLSID\{66D69CC1-5373-4730-AB8E-24D2AB7FF95F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{66D69CC1-5373-4730-AB8E-24D2AB7FF95F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{66D69CC1-5373-4730-AB8E-24D2AB7FF95F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{66D69CC1-5373-4730-AB8E-24D2AB7FF95F}]

[2007-11-17]
Version 0.14
  %WinDir%\system32\PowerVideo.dll
  %WinDir%\system32\PowerVideo.dll.bak
  [-HKEY_CLASSES_ROOT\PowerVideo.Video]
  [-HKEY_CLASSES_ROOT\AppID\PowerVideo.dll]
  [-HKEY_CLASSES_ROOT\AppID\{741403DD-46A4-4D58-8FA7-427335C3BBF6}]
  [-HKEY_CLASSES_ROOT\CLSID\{741403DD-46A4-4D58-8FA7-427335C3BBF6}]
  [-HKEY_CLASSES_ROOT\Interface\{F627A939-3F63-42E2-B77B-F733CB2439C9}]
  [-HKEY_CLASSES_ROOT\TypeLib\{FADC335E-6A47-47EF-97B8-704C72D1E725}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Clock2]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PowerVideo.Video]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\PowerVideo.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{741403DD-46A4-4D58-8FA7-427335C3BBF6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{741403DD-46A4-4D58-8FA7-427335C3BBF6}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{F627A939-3F63-42E2-B77B-F733CB2439C9}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{FADC335E-6A47-47EF-97B8-704C72D1E725}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{741403DD-46A4-4D58-8FA7-427335C3BBF6}]

[2007-11-15]
Version 0.13
  [-HKEY_CURRENT_USER\Software\Microsoft\ClockAdv]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\DateTime]

[2007-11-14]
Version 0.12
  [-HKEY_CLASSES_ROOT\AppID\{5DE176A4-B5FF-4D50-B084-E047526B8E97}]
  [-HKEY_CLASSES_ROOT\CLSID\{5DE176A4-B5FF-4D50-B084-E047526B8E97}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5DE176A4-B5FF-4D50-B084-E047526B8E97}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5DE176A4-B5FF-4D50-B084-E047526B8E97}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DE176A4-B5FF-4D50-B084-E047526B8E97}]

[2007-11-11]
Version 0.11
  Ungregisters and Deletes alisj.dll

[2007-11-08]
Version 0.10
  O2 - BHO: Mp3 Video - {9A1EF21C-B0D4-4EB0-894F-CBAE2F4D0A82} - C:\WINDOWS\system32\mp3avi.dll
  [-HKEY_CLASSES_ROOT\AppID\{9A1EF21C-B0D4-4EB0-894F-CBAE2F4D0A82}]
  [-HKEY_CLASSES_ROOT\CLSID\{9A1EF21C-B0D4-4EB0-894F-CBAE2F4D0A82}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{9A1EF21C-B0D4-4EB0-894F-CBAE2F4D0A82}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9A1EF21C-B0D4-4EB0-894F-CBAE2F4D0A82}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A1EF21C-B0D4-4EB0-894F-CBAE2F4D0A82}]

Version 0.9
  O2 - BHO: Mp3 Video - {6FFE49B7-F475-4EAB-8E80-E5D74C4E8D5F} - C:\WINDOWS\system32\VideoMP3.dll
  [-HKEY_CLASSES_ROOT\AppID\{6FFE49B7-F475-4EAB-8E80-E5D74C4E8D5F}]
  [-HKEY_CLASSES_ROOT\CLSID\{6FFE49B7-F475-4EAB-8E80-E5D74C4E8D5F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{6FFE49B7-F475-4EAB-8E80-E5D74C4E8D5F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{6FFE49B7-F475-4EAB-8E80-E5D74C4E8D5F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6FFE49B7-F475-4EAB-8E80-E5D74C4E8D5F}]

Version 0.8
  O2 - BHO: Mp3 Video - {2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99} - C:\WINDOWS\system32\VideoMP3.dll
  %WinDir%\system32\VideoMP3.dll
  %WinDir%\system32\VideoMP3.dll.bak
  [-HKEY_CLASSES_ROOT\VideoMP3.MP3]
  [-HKEY_CLASSES_ROOT\AppID\VideoMP3.dll]
  [-HKEY_CLASSES_ROOT\AppID\{2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99}]
  [-HKEY_CLASSES_ROOT\CLSID\{2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99}]
  [-HKEY_CLASSES_ROOT\Interface\{64130BE8-2B67-4A65-9CA5-1CC6948C1471}]
  [-HKEY_CLASSES_ROOT\TypeLib\{4E54D728-1FA3-4125-B468-C8B43C123E65}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoMP3.MP3]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\VideoMP3.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{64130BE8-2B67-4A65-9CA5-1CC6948C1471}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{4E54D728-1FA3-4125-B468-C8B43C123E65}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99}]

[2007-11-06]
Version 0.7
  Using process.exe from BeyondLogic to kill running process.
  Using IF EXIST conditional logic to eliminate error messages

[2007-11-05]
Version 0.6
  Back to using PsKill.  EndProcess was not properly killing a running process.
  
Version 0.5
  Now uses endprocess instead of PsKill
  Unregisters and deletes C:\WINDOWS\system32\mp3avi.dll
  [-HKEY_CLASSES_ROOT\mp3avi.MP3]
  [-HKEY_CLASSES_ROOT\AppID\mp3avi.dll]
  [-HKEY_CLASSES_ROOT\AppID\{D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF}]
  [-HKEY_CLASSES_ROOT\CLSID\{D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\mp3avi.MP3]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\mp3avi.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF}]

[2007-11-04]
Version 0.4
  Unregisters and deletes C:\WINDOWS\system32\aDivX.dll
  [-HKEY_CLASSES_ROOT\aDivX.AlphaDivX]
  [-HKEY_CLASSES_ROOT\AppID\aDivX.dll]
  [-HKEY_CLASSES_ROOT\AppID\{3B236BEE-8200-421D-919D-CA17D5739D8F}]
  [-HKEY_CLASSES_ROOT\CLSID\{3B236BEE-8200-421D-919D-CA17D5739D8F}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3B236BEE-8200-421D-919D-CA17D5739D8F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{3B236BEE-8200-421D-919D-CA17D5739D8F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\aDivX.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{3B236BEE-8200-421D-919D-CA17D5739D8F}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\aDivX.AlphaDivX]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3B236BEE-8200-421D-919D-CA17D5739D8F}]

[2007-11-04]
Version 0.3
  Removes IE Defender v2.3
  Unregisters and deletes C:\WINDOWS\system32\a3gpcodec.dll
  [-HKEY_CLASSES_ROOT\a3gpcodec.a3GP]
  [-HKEY_CLASSES_ROOT\AppID\a3gpcodec.dll]
  [-HKEY_CLASSES_ROOT\AppID\{5D67E2E7-0C2B-4491-87C4-37F2AC6033D2}]
  [-HKEY_CLASSES_ROOT\CLSID\{5D67E2E7-0C2B-4491-87C4-37F2AC6033D2}]
  [-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5D67E2E7-0C2B-4491-87C4-37F2AC6033D2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{5D67E2E7-0C2B-4491-87C4-37F2AC6033D2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\a3gpcodec.dll]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5D67E2E7-0C2B-4491-87C4-37F2AC6033D2}]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\a3gpcodec.a3GP]
  [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D67E2E7-0C2B-4491-87C4-37F2AC6033D2}]

[2007-11-03]
Version 0.2
  No longer removes the following
  AppID\{0EEDB911-C5FA-486F-8334-57288578C627}
  CLSID\{0EEDB911-C5FA-486F-8334-57288578C627}
  BHO\{0EEDB911-C5FA-486F-8334-57288578C627}

  These are legit entries for XunLei, a Chinese P2P application.