SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 02/24/2008 at 09:51 AM Application Version : 3.9.1008 Core Rules Database Version : 3408 Trace Rules Database Version: 1400 Scan type : Complete Scan Total Scan Time : 00:16:16 Memory items scanned : 223 Memory threats detected : 1 Registry items scanned : 3006 Registry threats detected : 242 File items scanned : 7888 File threats detected : 90 Adware.Vundo-Variant/PolyMorph-A C:\WINDOWS\SYSTEM32\KHFGDCY.DLL C:\WINDOWS\SYSTEM32\KHFGDCY.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA6C6CB6-676C-4DEA-9BDA-3BC4AB075F7C} HKCR\CLSID\{BA6C6CB6-676C-4DEA-9BDA-3BC4AB075F7C} HKCR\CLSID\{BA6C6CB6-676C-4DEA-9BDA-3BC4AB075F7C}\InprocServer32 HKCR\CLSID\{BA6C6CB6-676C-4DEA-9BDA-3BC4AB075F7C}\InprocServer32#ThreadingModel HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{BA6C6CB6-676C-4DEA-9BDA-3BC4AB075F7C} Software\Microsoft\Windows NT\CurrentVersion\WinLogon\Notify\khfgdcy C:\WINDOWS\SYSTEM32\FCCYVUS.DLL C:\WINDOWS\SYSTEM32\GEBCAYX.DLL Rogue.VirusHeat [VirusHeat 4.3] C:\PROGRAM FILES\VIRUSHEAT 4.3\VIRUSHEAT 4.3.EXE C:\PROGRAM FILES\VIRUSHEAT 4.3\VIRUSHEAT 4.3.EXE HKLM\Software\Microsoft\Windows\CurrentVersion\App Paths\VirusHeat 4.3.exe 4.3 HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1} HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\dXxRiioGo HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\InProcServer32 HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\InProcServer32#ThreadingModel HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\khpVztxffufg HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\rcilcJwogp HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\SkeUWTDx HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\stxOQ HKCR\CLSID\{E94EB13E-D78F-0857-7734-5E67A49FFFF1}\xzqiOq HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF} HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\0\win32 HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\FLAGS HKCR\TypeLib\{CBD02E9B-37EF-47D2-96B0-3ABBB2EB92BF}\1.0\HELPDIR HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2} HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\ProxyStubClsid32 HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib HKCR\Interface\{0EC085A8-9818-43B7-B975-EC7555EDA4D2}\TypeLib#Version HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE} HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\ProxyStubClsid32 HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib HKCR\Interface\{1A74C41C-0837-4FBE-BA50-621EB70F01CE}\TypeLib#Version HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0} HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\ProxyStubClsid32 HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib HKCR\Interface\{25297614-1B76-4C2C-82C6-62738AA0E8F0}\TypeLib#Version HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870} HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\ProxyStubClsid32 HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib HKCR\Interface\{37F89457-1208-4670-9245-58C62BD6D870}\TypeLib#Version HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8} HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\ProxyStubClsid32 HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib HKCR\Interface\{45477032-ABD0-454D-9CE4-EA34C10322F8}\TypeLib#Version HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246} HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\ProxyStubClsid32 HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib HKCR\Interface\{69E34747-0B27-4B30-AE20-1023BF29E246}\TypeLib#Version HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7} HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\ProxyStubClsid32 HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib HKCR\Interface\{79BE5B3B-80B2-4B77-A042-EFC90F6E0DE7}\TypeLib#Version HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D} HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\ProxyStubClsid32 HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib HKCR\Interface\{7C0EC6BF-81B9-4FE0-9447-4ED29A36BF5D}\TypeLib#Version HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4} HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\ProxyStubClsid32 HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib HKCR\Interface\{7EBB34CF-1728-4136-A968-48F231DAD1B4}\TypeLib#Version HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E} HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\ProxyStubClsid32 HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib HKCR\Interface\{88DAA291-B413-4C46-B378-3BE66F65369E}\TypeLib#Version HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C} HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\ProxyStubClsid32 HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib HKCR\Interface\{936A2F4A-53F8-4D2F-92AA-2F9DE889841C}\TypeLib#Version HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6} HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\ProxyStubClsid32 HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib HKCR\Interface\{AFCC3FA7-82A9-42D5-A405-78711E97A5D6}\TypeLib#Version HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF} HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\ProxyStubClsid32 HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib HKCR\Interface\{CC05A4A3-7B28-488F-AB02-6AAEDB86ACCF}\TypeLib#Version HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F} HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\ProxyStubClsid32 HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib HKCR\Interface\{E80114AA-6653-4952-9E97-5F1DC63BEE0F}\TypeLib#Version HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9} HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\ProxyStubClsid32 HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib HKCR\Interface\{F9109A2A-432B-4ADD-A6FA-06BA22DCD2D9}\TypeLib#Version HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01} HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\ProxyStubClsid32 HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib HKCR\Interface\{FCA3958A-8D38-4D14-8B81-CCD7F68A8A01}\TypeLib#Version HKLM\Software\VirusHeat 4.3 HKLM\Software\VirusHeat 4.3#refid HKLM\Software\VirusHeat 4.3#FirstStart HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3#DisplayIcon HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3#DisplayVersion HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3#NSIS:StartMenuDir HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3#URLInfoAbout HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VirusHeat 4.3#Publisher C:\Program Files\VirusHeat 4.3\blacklist.txt C:\Program Files\VirusHeat 4.3\Lang\English.ini C:\Program Files\VirusHeat 4.3\Lang C:\Program Files\VirusHeat 4.3\Logs C:\Program Files\VirusHeat 4.3\msvcp71.dll C:\Program Files\VirusHeat 4.3\msvcr71.dll C:\Program Files\VirusHeat 4.3\Quarantine C:\Program Files\VirusHeat 4.3\uninst.exe C:\Program Files\VirusHeat 4.3\vht.dat C:\Program Files\VirusHeat 4.3\VirusHeat 4.3.url C:\Program Files\VirusHeat 4.3 C:\Documents and Settings\Malekal_morte\Start Menu\Programs\VirusHeat 4.3\Uninstall VirusHeat 4.3.lnk C:\Documents and Settings\Malekal_morte\Start Menu\Programs\VirusHeat 4.3\VirusHeat 4.3 Website.lnk C:\Documents and Settings\Malekal_morte\Start Menu\Programs\VirusHeat 4.3\VirusHeat 4.3.lnk C:\Documents and Settings\Malekal_morte\Start Menu\Programs\VirusHeat 4.3 C:\DOCUMENTS AND SETTINGS\MALEKAL_MORTE\APPLICATION DATA\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\VIRUSHEAT 4.3.LNK C:\DOCUMENTS AND SETTINGS\MALEKAL_MORTE\DESKTOP\VIRUSHEAT 4.3.LNK C:\DOCUMENTS AND SETTINGS\MALEKAL_MORTE\START MENU\VIRUSHEAT 4.3.LNK C:\WINDOWS\Prefetch\VIRUSHEAT 4.3.EXE-0D8A249B.pf Unclassified.Unknown Origin HKLM\Software\Classes\CLSID\{10C52A42-DB8B-4ade-AA4A-CED6A8282B67} HKCR\CLSID\{10C52A42-DB8B-4ADE-AA4A-CED6A8282B67} HKCR\CLSID\{10C52A42-DB8B-4ADE-AA4A-CED6A8282B67} HKCR\CLSID\{10C52A42-DB8B-4ADE-AA4A-CED6A8282B67}\InprocServer32 HKCR\CLSID\{10C52A42-DB8B-4ADE-AA4A-CED6A8282B67}\InprocServer32#ThreadingModel HKCR\CLSID\{10C52A42-DB8B-4ADE-AA4A-CED6A8282B67}\ProgID HKCR\CLSID\{10C52A42-DB8B-4ADE-AA4A-CED6A8282B67}\Programmable HKCR\CLSID\{10C52A42-DB8B-4ADE-AA4A-CED6A8282B67}\TypeLib HKCR\CLSID\{10C52A42-DB8B-4ADE-AA4A-CED6A8282B67}\VersionIndependentProgID C:\PROGRAM FILES\SOTFONE\1203768605.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10C52A42-DB8B-4ade-AA4A-CED6A8282B67} Adware.SXGAdvisor HKLM\Software\Classes\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98} HKCR\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98} HKCR\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98} HKCR\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98}\InprocServer32 HKCR\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98}\InprocServer32#ThreadingModel HKCR\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98}\ProgID HKCR\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98}\Programmable HKCR\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98}\TypeLib HKCR\CLSID\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98}\VersionIndependentProgID C:\WINDOWS\DGTXRDFQWL.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9C0CE02F-81A9-4F38-9BF9-986909DC8E98} Trojan.Smitfraud Variant HKLM\Software\Classes\CLSID\{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c} HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C} HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32 HKCR\CLSID\{EE9F7CF5-CD49-4CD8-8BA6-1514E7A5C22C}\InProcServer32#ThreadingModel C:\WINDOWS\SYSTEM32\WBCHHA.DLL HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler#{ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c} Adware.E404 Helper/Variant-A HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29} HKCR\CLSID\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29} HKCR\CLSID\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29} HKCR\CLSID\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29}\InprocServer32 HKCR\CLSID\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29}\InprocServer32#ThreadingModel HKCR\CLSID\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29}\ProgID HKCR\CLSID\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29}\Programmable HKCR\CLSID\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29}\TypeLib HKCR\CLSID\{A3D76B96-30B9-4DCC-9B3D-D12E31280D29}\VersionIndependentProgID C:\PROGRAM FILES\HELPER\1203768602.DLL Rogue.IEDefender/Component HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CAD36397-AF2B-4F5D-9172-1D3874222A23} HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23} HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23} HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}#AppID HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}#LocalizedString HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\Elevation HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\Elevation#Enabled HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\Implemented Categories HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4} HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\InprocServer32 HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\InprocServer32#ThreadingModel HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\ProgID HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\TypeLib HKCR\CLSID\{CAD36397-AF2B-4F5D-9172-1D3874222A23}\Version C:\WINDOWS\MSVIDC32.DLL Trojan.Unclassified/EGO HKLM\Software\Microsoft\Internet Explorer\Toolbar#{602D6156-C5E2-40D6-B1A2-9EE432DF156A} HKCR\CLSID\{602D6156-C5E2-40D6-B1A2-9EE432DF156A} HKCR\CLSID\{602D6156-C5E2-40D6-B1A2-9EE432DF156A} HKCR\CLSID\{602D6156-C5E2-40D6-B1A2-9EE432DF156A}\InprocServer32 HKCR\CLSID\{602D6156-C5E2-40D6-B1A2-9EE432DF156A}\InprocServer32#ThreadingModel HKCR\CLSID\{602D6156-C5E2-40D6-B1A2-9EE432DF156A}\ProgID HKCR\CLSID\{602D6156-C5E2-40D6-B1A2-9EE432DF156A}\Programmable HKCR\CLSID\{602D6156-C5E2-40D6-B1A2-9EE432DF156A}\TypeLib HKCR\CLSID\{602D6156-C5E2-40D6-B1A2-9EE432DF156A}\VersionIndependentProgID HKCR\ekvgsnw.1 HKCR\ekvgsnw HKCR\TypeLib\{22D73AD4-2677-4395-8F14-9787120C8DDC} HKCR\TypeLib\{22D73AD4-2677-4395-8F14-9787120C8DDC}\1.0 HKCR\TypeLib\{22D73AD4-2677-4395-8F14-9787120C8DDC}\1.0\0 HKCR\TypeLib\{22D73AD4-2677-4395-8F14-9787120C8DDC}\1.0\0\win32 HKCR\TypeLib\{22D73AD4-2677-4395-8F14-9787120C8DDC}\1.0\FLAGS HKCR\TypeLib\{22D73AD4-2677-4395-8F14-9787120C8DDC}\1.0\HELPDIR C:\WINDOWS\EKVGSNW.DLL Adware.Tracking Cookie C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@doubleclick[1].txt C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@atdmt[1].txt C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@zheltaya_hernya[2].txt C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@banner.cotedazurpalace[2].txt C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@xiti[1].txt C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@smartadserver[1].txt C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@protect.trustedantivirus[1].txt C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@bluestreak[2].txt C:\Documents and Settings\Malekal_morte\Cookies\malekal_morte@www.web-mediaplayer[1].txt Browser Hijacker.Internet Explorer Settings Hijack HKU\S-1-5-21-1214440339-1454471165-682003330-1003\Software\Microsoft\Internet Explorer\Main#Start Page [ http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2 ] Trojan.DNSChanger-Codec HKCR\CLSID\E404.e404mgr HKCR\CLSID\E404.e404mgr#UserId HKCR\SearchPorn HKCR\SearchPorn\CLSID HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchPorn HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchPorn#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchPorn#InstallLocation HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchPorn#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchPorn#DisplayIcon C:\Program Files\SearchPorn\Uninstall.exe C:\Program Files\SearchPorn C:\Documents and Settings\Malekal_morte\Start Menu\Programs\SearchPorn\Uninstall.lnk C:\Documents and Settings\Malekal_morte\Start Menu\Programs\SearchPorn Malware.SpyLocked HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Safety Alert#UninstallString Trojan.Net-MSV/VPS HKCR\MSVPS.MSVPSApp HKCR\MSVPS.MSVPSApp\CLSID HKCR\MSVPS.MSVPSApp\CurVer Desktop Hijacker.AboutYourPrivacy C:\Documents and Settings\Malekal_morte\Desktop\Error Cleaner.url C:\Documents and Settings\Malekal_morte\Desktop\Privacy Protector.url C:\Documents and Settings\Malekal_morte\Desktop\Spyware&Malware Protection.url C:\Documents and Settings\Malekal_morte\Favorites\Error Cleaner.url C:\Documents and Settings\Malekal_morte\Favorites\Privacy Protector.url C:\Documents and Settings\Malekal_morte\Favorites\Spyware&Malware Protection.url Trojan.Media-Codec/V4 HKCR\multimediaControls.chl HKCR\multimediaControls.chl\CLSID HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#ProductionEnvironment HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayName HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#Publisher HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#UninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayIcon HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MultiMedia Software#DisplayVersion Adware.E404 Helper/Hij HKCR\E404.e404mgr HKCR\E404.e404mgr\CLSID HKCR\E404.e404mgr\CurVer HKCR\E404.e404mgr.1 HKCR\E404.e404mgr.1\CLSID HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB} HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\0\win32 HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\FLAGS HKCR\TypeLib\{E63648F7-3933-440E-B4F6-A8584DD7B7EB}\1.0\HELPDIR HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836} HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\ProxyStubClsid32 HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib HKCR\Interface\{F7D09218-46D7-4D3D-9B7F-315204CD0836}\TypeLib#Version Trojan.Net-MU/Gen HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#uninstallString HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WebVideo#DisplayName Adware.E404 Helper C:\Program Files\SOTFONE Adware.E404 Helper/Tracker HKCR\Tracker.TrackerObj HKCR\Tracker.TrackerObj\CLSID HKCR\Tracker.TrackerObj\CurVer HKCR\Tracker.TrackerObj.1 HKCR\Tracker.TrackerObj.1\CLSID HKCR\CLSID\Tracker.TrackerObj HKCR\CLSID\Tracker.TrackerObj#UserId HKCR\TypeLib\{499B8A53-5949-4625-A8BF-A4D934AFC9DA} HKCR\TypeLib\{499B8A53-5949-4625-A8BF-A4D934AFC9DA}\1.0 HKCR\TypeLib\{499B8A53-5949-4625-A8BF-A4D934AFC9DA}\1.0\0 HKCR\TypeLib\{499B8A53-5949-4625-A8BF-A4D934AFC9DA}\1.0\0\win32 HKCR\TypeLib\{499B8A53-5949-4625-A8BF-A4D934AFC9DA}\1.0\FLAGS HKCR\TypeLib\{499B8A53-5949-4625-A8BF-A4D934AFC9DA}\1.0\HELPDIR HKCR\Interface\{E85F6AA5-7A0C-49A5-9E5E-936FED62347D} HKCR\Interface\{E85F6AA5-7A0C-49A5-9E5E-936FED62347D}\ProxyStubClsid HKCR\Interface\{E85F6AA5-7A0C-49A5-9E5E-936FED62347D}\ProxyStubClsid32 HKCR\Interface\{E85F6AA5-7A0C-49A5-9E5E-936FED62347D}\TypeLib HKCR\Interface\{E85F6AA5-7A0C-49A5-9E5E-936FED62347D}\TypeLib#Version Trojan.Unclassifed/LAF-Variant C:\DOCUMENTS AND SETTINGS\MALEKAL_MORTE\LOCAL SETTINGS\TEMP\LAF4.EXE Trojan.Downloader-Gen/Upd-NoEM C:\PROGRAM FILES\UPDATE3.EXE Trojan.Unclassified/K-Series C:\WINDOWS\SYSTEM32\KDNTS.EXE Trace.Known Threat Sources C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\cut3[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\dbver[1].dat C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\main_top2[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\cut1_4[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\setup[1].exe C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\03[1].swf C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\con1[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\cut2[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\cut2_2[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\cut1[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\shadow_bottom[1].png C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\bord_bttm[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\home_s[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\down_n[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\con2[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\main_top[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\load_bttn[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\shadow_con_right[1].png C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\spacer[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\load_bg[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\load_pointer[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\cut2_4[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\bord_lr2[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\load_txt[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\load_img1[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\con4[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\con3[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\cut3_4[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\load_txt2[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\S1IFKHAN\cut4_4[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\cut4[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\cut3_2[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\load_txt3[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\QRABCVWF\buy_n[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\load_flash_bg[1].gif C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\shadow_con_left[1].png C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\CL2B4H67\main[1].htm C:\Documents and Settings\Malekal_morte\Local Settings\Temporary Internet Files\Content.IE5\62BZO4Z5\cut1_2[1].gif