Pop ups (RESOLVED)
-
Re: Pop ups
Pops Stop HKLM\SOFTWARE\PicShow\Sys##CfgVersion
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastReg
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastTPupT_61
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastTPupT
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastActT
Pops Stop HKLM\SOFTWARE\PicShow\Sys##CfgNMT
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastPupT
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastKwPT
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastTPupT_55
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastTPupT_37
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastTPupT_36
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastPunT
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastTPupT_47
Pops Stop HKLM\SOFTWARE\PicShow\Sys##LastTPupT_48
Pops Stop HKLM\SOFTWARE\PicShow\U
Pops Stop HKLM\SOFTWARE\PicShow\U##
Pops Stop HKLM\SOFTWARE\PicShow\U##LRunT
Pops Stop HKLM\SOFTWARE\PicShow\U\ABI941
Pops Stop HKLM\SOFTWARE\PicShow\U\ABI941##
Pops Stop HKLM\SOFTWARE\PicShow\U\ABI941##Version
Pops Stop HKLM\SOFTWARE\PicShow\U\RMGVDX
Pops Stop HKLM\SOFTWARE\PicShow\U\RMGVDX##
Pops Stop HKLM\SOFTWARE\PicShow\U\RMGVDX##Version
Pops Stop HKLM\SOFTWARE\PicShow\U\RMGVSX
Pops Stop HKLM\SOFTWARE\PicShow\U\RMGVSX##
Pops Stop HKLM\SOFTWARE\PicShow\U\RMGVSX##Version
Pops Stop HKLM\SOFTWARE\PicShow\U\SAH
Pops Stop HKLM\SOFTWARE\PicShow\U\SAH##
Pops Stop HKLM\SOFTWARE\PicShow\U\SAH##Version
Pops Stop HKLM\SYSTEM\Services\SharedAccess\Parameters\Firew allPolicy\StandardProfile\AuthorizedApplications\L ist\pshwr.exe
Pops Stop HKLM\SYSTEM\Services\SharedAccess\Parameters\Firew allPolicy\StandardProfile\AuthorizedApplications\L ist\pshwr.exe##
Transponder.Bolger HKCU\Software\aurora
Transponder.Bolger HKCU\Software\aurora##
Transponder.Bolger HKCU\Software\aurora##AUC3n5trMsgSDisp
Transponder.Bolger HKCU\Software\aurora##AUL3a5stSSChckin
Transponder.Bolger HKCU\Software\aurora##AUL3a5stMotsSDay
Transponder.Bolger HKCU\Software\aurora##AUP3D5om
Transponder.Bolger HKCU\Software\aurora##AUB3D5om
Transponder.Bolger HKCU\Software\aurora##AUs3t5icky1S
Transponder.Bolger HKCU\Software\aurora##AUs3t5icky2S
Transponder.Bolger HKCU\Software\aurora##AUE3v5nt
Transponder.Bolger HKCU\Software\aurora##AUT3h5rshSBath
Transponder.Bolger HKCU\Software\aurora##AUT3h5rshSysSInf
Transponder.Bolger HKCU\Software\aurora##AUT3h5rshSCheckSIn
Transponder.Bolger HKCU\Software\aurora##AUT3h5rshSMots
Transponder.Bolger HKCU\Software\aurora##AUL3n5Title
Transponder.Bolger HKCU\Software\aurora##AU3N5a7tionSCode
Transponder.Bolger HKCU\Software\aurora##AUD3s5tSSEnd
Transponder.Bolger HKCU\Software\aurora##AUC3u5rrentSMode
Transponder.Bolger HKCU\Software\aurora##AUC3n5tFyl
Transponder.Bolger HKCU\Software\aurora##AUM3o5deSSync
Transponder.Bolger HKCU\Software\aurora##AUI3g5noreS
Transponder.Bolger HKCU\Software\aurora##AUs3t5icky3S
Transponder.Bolger HKCU\Software\aurora##AUs3t5icky4S
Transponder.Bolger HKCU\Software\aurora##AUC1o3d5eOfSFinalAd
Transponder.Bolger HKCU\Software\aurora##AUT3i5m7eOfSFinalAd
Transponder.Bolger HKCU\Software\aurora##AUI3d5OfSInst
Transponder.Bolger HKCU\Software\aurora##AUI3n5ProgSCab
Transponder.Bolger HKCU\Software\aurora##AUI3n5ProgSEx
Transponder.Bolger HKCU\Software\aurora##AUI3n5ProgSLstest
Transponder.Bolger HKCU\Software\aurora##AUS3t5atusOfSInst
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc##
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc##Ty pe
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc##St art
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc##Er rorControl
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc##Im agePath
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc##Di splayName
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc##Ob jectName
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Sec urity
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Sec urity##
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Sec urity##Security
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Enu m
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Enu m##
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Enu m##0
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Enu m##Count
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Services\SvcProc\Enu m##NextInstance
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Control\Print\Monito rs\ZepMon
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Control\Print\Monito rs\ZepMon##
Transponder.Bolger HKLM\SYSTEM\CurrentControlSet\Control\Print\Monito rs\ZepMon##Driver
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}##
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid##
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid32
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\ProxyStubClsid32##
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib##
WinFixer 2005 HKCR\Interface\{FC0FE3C3-3359-4CF5-A72D-7F361FA0ECEB}\TypeLib##Version
WinFixer 2005 HKCR\PCheck.PCheck
WinFixer 2005 HKCR\PCheck.PCheck##
WinFixer 2005 HKCR\PCheck.PCheck\CLSID
WinFixer 2005 HKCR\PCheck.PCheck\CLSID##
WinFixer 2005 HKCR\PCheck.PCheck\CurVer
WinFixer 2005 HKCR\PCheck.PCheck\CurVer##
WinFixer 2005 HKCR\PCheck.PCheck.1
WinFixer 2005 HKCR\PCheck.PCheck.1##
WinFixer 2005 HKCR\PCheck.PCheck.1\CLSID
WinFixer 2005 HKCR\PCheck.PCheck.1\CLSID##
-
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}##
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0##
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0##
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0\win32
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\0\win32##
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\FLAGS
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\FLAGS##
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\HELPDIR
WinFixer 2005 HKCR\TypeLib\{3BFF2EF1-25BA-4342-A1E8-EC1E2CB9F22B}\1.0\HELPDIR##
Pops Stop HKCR\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}
Pops Stop HKCR\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\InprocServer32
Pops Stop HKCR\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\ProgID
Pops Stop HKCR\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\Programmable
Pops Stop HKCR\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\TypeLib
Pops Stop HKCR\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\VersionIndependentProgID
Pops Stop HKLM\Software\Classes\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}
Pops Stop HKLM\Software\Classes\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\InprocServer32
Pops Stop HKLM\Software\Classes\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\ProgID
Pops Stop HKLM\Software\Classes\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\Programmable
Pops Stop HKLM\Software\Classes\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\TypeLib
Pops Stop HKLM\Software\Classes\CLSID\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\VersionIndependentProgID
Pops Stop HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Browser Helper Objects\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}
Pops Stop HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}
Pops Stop HKCU\Software\Microsoft\Windows\CurrentVersion\Ext \Stats\{4487598C-2EC7-43A2-870E-6D8D720FDD9F}\iexplore
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\InprocServer32
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\ProgID
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Programmable
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\TypeLib
WinFixer 2005 HKCR\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\VersionIndependentProgID
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\InprocServer32
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\ProgID
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\Programmable
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\TypeLib
WinFixer 2005 HKLM\Software\Classes\CLSID\{FD1A9E6B-05DA-4CA2-830D-654DA1DDBD9E}\VersionIndependentProgID
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\E9K1A1W5\index[3].htm
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\VVVZFQ47\zx-tpa[1].htm
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\UJGVKTSF\functions.js[1].htm
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\MHMJUJ4D\parse.js[1].htm
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\WTG3QANF\metacafe_uk_ron_2005-10-20[1].htm
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\GXJ25RYL\SDI_Cydoor_UK_RON_720x3 00_2005-08_03[1].htm
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\E9K1A1W5\en[1].htm
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\VVVZFQ47\download2[1].htm
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\UJGVKTSF\zx-popup[2].htm
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\WTG3QANF\index[2].htm
-
VX2.Look2Me C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\I9SJONUN\popup[1].htm High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\E9K1A1W5\en[2].htm High
CWS C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\K7KF23GJ\Clk[1].htm High
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\K7KF23GJ\checksoft[1].js Elevated
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\VVVZFQ47\zx-config[2].htm High
VX2.Look2Me C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\E9K1A1W5\CAJ3BPYY.htm High
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\A1K58PI5\zx-popup[1].htm High
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\SJEE0DJM\zx-popup[1].htm High
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\UJGVKTSF\index[1].htm Elevated
VX2.Look2Me C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\ANOZE1M3\CAQY1JK8.htm High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\MHMJUJ4D\btn1[1].gif High
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\GXJ25RYL\styles[1].css Elevated
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\VVVZFQ47\index[3].htm Elevated
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\K7KF23GJ\functions.js[1].htm Elevated
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\6D25Y5GB\zx-popup[1].htm High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\K7KF23GJ\btn2[1].gif High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\SJEE0DJM\zanox_jamster_uk_kw_ron _008popupringtones_2005-09-19[1].htm High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\SJEE0DJM\btn1_o[1].gif High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\VVVZFQ47\logo[2].gif High
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\UJGVKTSF\zx-popup[1].htm High
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\6D25Y5GB\CAT4G7DX.htm High
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\A1K58PI5\CA54EXXN.htm High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\SJEE0DJM\more[1].gif High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\A1K58PI5\en[2].htm High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\I9SJONUN\jamster2-2005-07-12[1].htm High
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\WTG3QANF\functions.js[1].htm Elevated
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\I9SJONUN\ukemergency[1].gif High
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\I9SJONUN\PRServe[1].htm High
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\E9K1A1W5\pointroll_final[1].swf High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\ANOZE1M3\Copy_SDI_Cydoor_UK_RON_ 720x300_2005-08_03[1].htm High
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\MHMJUJ4D\1351[1].swf High
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\GXJ25RYL\zx-popup[1].htm High
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\A1K58PI5\PRServe[1].htm High
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\E9K1A1W5\trans[1].gif High
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\UJGVKTSF\pc[1].htm High
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\ANOZE1M3\v4flash[1].js High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\6D25Y5GB\SDI_Cydoor_UK_RON_720x3 00_2005-08_03[2].htm High
CasinoClient C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\E9K1A1W5\zx-popup[1].htm High
VX2.Look2Me C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\A1K58PI5\cpxTracker[1].gif High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\E9K1A1W5\more_o[2].gif High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\SJEE0DJM\btn2_o[1].gif High
VX2.Look2Me C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\K7KF23GJ\cpxTracker[1].gif High
Known Bad Sites C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\SJEE0DJM\media82055[1].gif High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\A1K58PI5\Copy_SDI_Cydoor_UK_RON_ 720x300_2005-08_03[1].htm High
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\WTG3QANF\zanox_jamster_uk_kw_ron _008popupringtones_2005-09-19[1].htm High
VX2.Look2Me C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\GXJ25RYL\cpxTracker[1].gif High
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\UJGVKTSF\download2[1].htm Elevated
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@cliks[1].txt High
Advertising C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@doubleclick[1].txt Low
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@atdmt[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@stats1.reliablestats[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@server3.web-stat[2].txt Medium
ABetterInternet C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@abetterinternet[1].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@serving-sys[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@alt[1].txt Medium
Common Components for Transponders C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@offeroptimizer[1].txt High
Common Components for Claria C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@belnk[1].txt Elevated
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@www.winfixer[2].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@indextools[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@www.dgm2[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@atwola[1].txt Medium
Advertising C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@adviva[2].txt Low
Transponder.BTGrab C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@btg.btgrab[1].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@stat.dealtime[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@apmebf[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@122.2o7[2].txt Medium
Advertising C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@advertising[1].txt Low
Advertising C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@mediaplex[1].txt Low
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@bizrate[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@qksrv[2].txt Medium
Transponder.BTGrab C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@a[2].txt Elevated
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@winfixer[1].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@etype.adbureau[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@paypopup[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@ads.cc214142[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@112.2o7[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@searchadnetwork[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@tradedoubler[1].txt Medium
Known Bad Sites C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@www.superlogy[1].txt High
Advertising C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@goldenpalace[2].txt Low
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@xiti[1].txt Medium
Bestoffers C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@bestoffersnetworks[1].txt Elevated
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@xmts[2].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@coxhsi.112.2o7[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@campaigns.f2.com[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@tour.splash.sexsearch[1].txt Medium
Advertising C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@burstnet[1].txt Low
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@www.aaa-logo[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@www.searchadnetwork[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@dcsgop9oa6twkfk07jjqxv4eh_4w6r[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@ehealthcaresolutions.122.2o7[1].txt Medium
Tracking Cookie(s) C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@yadro[2].txt Medium
Advertising C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@com[2].txt Low
Common Components for Transponders C:\DOCUME~1\KEVINM~1\LOCALS~1\Temp\dummy.htm High
CasinoClient C:\Program Files\CMAPP High
CasinoClient C:\Program Files\CMAPP\Client High
CasinoClient C:\Program Files\CMAPP\Client\hf.txt High
CasinoClient C:\Program Files\CMAPP\Client\rf.txt High
CasinoClient C:\Program Files\CMAPP\Client\sf.txt High
CasinoClient C:\Program Files\CMAPP\Client\Uninstall.exe High
CasinoClient C:\Program Files\CMAPP\cmappstub.exe High
WinFixer 2005 C:\Program Files\Common Files\WinSoftware\FCrXML.dll Elevated
WinFixer 2005 C:\Program Files\Common Files\WinSoftware\PrCheck.dll Elevated
CasinoClient C:\Program Files\winCMAPP High
CasinoClient C:\Program Files\winCMAPP\Uninstall.exe High
CasinoClient C:\Program Files\winCMAPP\wincmapp.exe High
WinFixer 2005 C:\Program Files\WinFixer2005 Elevated
Pops Stop C:\WINDOWS\ISSM0064.DAT High
Transponder.Bolger C:\WINDOWS\Nail.exe High
Transponder.Bolger C:\WINDOWS\svcproc.exe High
WinFixer 2005 C:\WINDOWS\system32\drivers\dfd.sys Elevated
Transponder.Bolger C:\WINDOWS\system32\DrPMon.dll High
Pops Stop C:\WINDOWS\system32\netlanm.dll High
Pops Stop C:\WINDOWS\system32\norisuni.exe High
Pops Stop C:\WINDOWS\system32\pshwr.exe High
SahAgent C:\WINDOWS\system32\SahImages Elevated
SahAgent C:\WINDOWS\system32\SahImages\91.gif Elevated
SahAgent C:\WINDOWS\system32\SahImages\gr_1reg.gif Elevated
**********************888SahAgent C:\WINDOWS\system32\SahImages\gr_2shop.gif Elevated
SahAgent C:\WINDOWS\system32\SahImages\gr_3cash.gif Elevated
SahAgent C:\WINDOWS\system32\SahImages\gr_reg_header.gif Elevated
SahAgent C:\WINDOWS\system32\SahImages\gr_sahslogo_popup.gi f Elevated
SahAgent C:\WINDOWS\system32\SahImages\gr_sahs_logo.gif Elevated
SahAgent C:\WINDOWS\system32\SahImages\shopnow_pop.gif Elevated
SahAgent C:\WINDOWS\system32\SahImages\submit_pop.gif Elevated
Transponder.Bolger C:\Documents and Settings\kevin mutlow\Local Settings\Temp\DWT\aurareco.exe High
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temp\NI.UWFX5_0001_LP1014\setup.exe Elevated
WinFixer 2005 C:\Documents and Settings\kevin mutlow\Local Settings\Temp\WinFixer2005Setup.exe Elevated
Pops Stop C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle0826200509522269437.asw High
Transponder.Bolger C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle0915200508384196343.asw High
Transponder.Bolger C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle09152005110913209375.asw High
Transponder.Bolger C:\WINDOWS\cgocse.exe High
WinFixer 2005 C:\WINDOWS\Downloaded Program Files\UWFX5_0001_LP1014NetInstaller.exe Elevated
ILookup.Begin2Search C:\WINDOWS\SYSTEM32\creditcard32123123123asdsa123. ico High
SahAgent C:\WINDOWS\SYSTEM32\fd0ml0pi.ini Elevated
ILookup.Begin2Search C:\WINDOWS\SYSTEM32\greenmovie2313asaadsasfad11234 1231adsfa1.ico High
Pops Stop C:\WINDOWS\SYSTEM32\InstallerV5.exe High
SahAgent C:\WINDOWS\SYSTEM32\l2gg4t1s.ini Elevated
Pops Stop C:\WINDOWS\SYSTEM32\pkshatwb.dll High
Transponder.Bolger C:\WINDOWS\SYSTEM32\xrewfhz.exe High
Other Sections:
Copyright ? 2003 PC Tools Research Pty Ltd. All rights reserved. Legal Notice
-
Latest....
Ran ewido again, but this time chose not to action any of the bits found, then saved report from ewido, here is the report
Report-Checksum: 490234ED
+ Scan result:
[1588] C:\WINDOWS\system32\DrPMon.dll -> Adware.BetterInternet : Ignored
[152] VM_01390000 -> Adware.BetterInternet : Ignored
[2696] C:\WINDOWS\system32\xrewfhz.exe -> Trojan.Agent.cp : Ignored
C:\asdf.exe -> TrojanDownloader.Small.bhf : Ignored
C:\Documents and Settings\kevin mutlow\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ti me.class-50c9903d-30f5c619.class -> TrojanDownloader.Small.bhf : Ignored
C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Ignored
C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@as-eu.falkag[2].txt -> Spyware.Cookie.Falkag : Ignored
C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Ignored
C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\SJEE0DJM\mm[1].js -> Spyware.Chitika : Ignored
C:\Program Files\CMAPP\cmappstub.exe -> TrojanDownloader.Agent.tf : Ignored
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle09082005110812473921.asw -> Trojan.Stervis.d : Ignored
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle0915200508384196343.asw -> Trojan.Stervis.g : Ignored
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle09152005110913209375.asw -> Trojan.Stervis.g : Ignored
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle0922200510149526375.asw -> Trojan.Stervis.h : Ignored
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle1005200508362924734.asw -> Spyware.AdSquash : Ignored
C:\Program Files\Internet Explorer\BTOW Shared Files\btwebcontrol.dll -> Dialer.Generic : Ignored
C:\Program Files\Tiscali\Tiscali Internet\dlls\InstallDialer.exe/Dialer.exe -> Heuristic.Win32.Dialer : Ignored
C:\Program Files\Tiscali\Tiscali Internet\dlls\InstallDialer.exe/Dialer.exe -> Heuristic.Win32.Dialer : Ignored
C:\Program Files\winCMAPP\wincmapp.exe -> Spyware.CASClient : Ignored
C:\WINDOWS\cgocse.exe -> Adware.BetterInternet : Ignored
C:\WINDOWS\Downloaded Program Files\UWFX5_0001_LP1014NetInstaller.exe -> Not-A-Virus.Downloader.Agent.d : Ignored
C:\WINDOWS\SYSTEM32\netlanm.dll -> Spyware.SafeSurfing : Ignored
C:\WINDOWS\SYSTEM32\pkshatwb.dll -> Spyware.SafeSurfing : Ignored
C:\WINDOWS\SYSTEM32\pshwr.exe -> Spyware.SafeSurfing : Ignored
C:\WINDOWS\SYSTEM32\req.dll -> TrojanDownloader.ConHook.c : Ignored
C:\WINDOWS\SYSTEM32\xrewfhz.exe -> Trojan.Agent.ay : Ignored
C:\WINDOWS\tdwjdcnquu.exe -> Adware.BetterInternet : Ignored
::Report End
-
Ok, done something different this time, when I was running EWIDO before, as it was scanning the red lights were coming up... I was choosing to action the infected files whilst it was still scanning, obviously it did not like that.
What I done this time was run the scan... took approx 10 minutes THEN I chose to fix or get rid of... and it worked.
About 26 infected files, 24 on red lights all dealt with, couple on amber lights recomended I did not just get shot of them, so followed instructions...
Here is the log now...
+ Created on: 15:59:15, 03/11/2005
+ Report-Checksum: 704F4131
+ Scan result:
C:\Program Files\Tiscali\Tiscali Internet\dlls\InstallDialer.exe/Dialer.exe -> Heuristic.Win32.Dialer : Ignored
C:\Program Files\Tiscali\Tiscali Internet\dlls\InstallDialer.exe/Dialer.exe -> Heuristic.Win32.Dialer : Ignored
[1588] C:\WINDOWS\system32\DrPMon.dll -> Adware.BetterInternet : Cleaned with backup
[152] VM_01390000 -> Adware.BetterInternet : Error during cleaning
[2696] C:\WINDOWS\system32\xrewfhz.exe -> Trojan.Agent.cp : Cleaned with backup
C:\asdf.exe -> TrojanDownloader.Small.bhf : Cleaned with backup
C:\Documents and Settings\kevin mutlow\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ti me.class-50c9903d-30f5c619.class -> TrojanDownloader.Small.bhf : Cleaned with backup
C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\kevin mutlow\Cookies\kevin mutlow@as-eu.falkag[2].txt -> Spyware.Cookie.Falkag : Cleaned with backup
C:\Documents and Settings\kevin mutlow\Local Settings\Temporary Internet Files\Content.IE5\SJEE0DJM\mm[1].js -> Spyware.Chitika : Cleaned with backup
C:\Program Files\CMAPP\cmappstub.exe -> TrojanDownloader.Agent.tf : Cleaned with backup
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle09082005110812473921.asw -> Trojan.Stervis.d : Cleaned with backup
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle0915200508384196343.asw -> Trojan.Stervis.g : Cleaned with backup
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle09152005110913209375.asw -> Trojan.Stervis.g : Cleaned with backup
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle0922200510149526375.asw -> Trojan.Stervis.h : Cleaned with backup
C:\Program Files\Common Files\AOL\AOL Spyware Protection\Backup\QFle1005200508362924734.asw -> Spyware.AdSquash : Cleaned with backup
C:\Program Files\Internet Explorer\BTOW Shared Files\btwebcontrol.dll -> Dialer.Generic : Cleaned with backup
C:\Program Files\winCMAPP\wincmapp.exe -> Spyware.CASClient : Cleaned with backup
C:\WINDOWS\cgocse.exe -> Adware.BetterInternet : Cleaned with backup
C:\WINDOWS\Downloaded Program Files\UWFX5_0001_LP1014NetInstaller.exe -> Not-A-Virus.Downloader.Agent.d : Cleaned with backup
C:\WINDOWS\SYSTEM32\netlanm.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\WINDOWS\SYSTEM32\pkshatwb.dll -> Spyware.SafeSurfing : Cleaned with backup
C:\WINDOWS\SYSTEM32\pshwr.exe -> Spyware.SafeSurfing : Cleaned with backup
C:\WINDOWS\SYSTEM32\req.dll -> TrojanDownloader.ConHook.c : Cleaned with backup
C:\WINDOWS\SYSTEM32\xrewfhz.exe -> Trojan.Agent.ay : Cleaned with backup
C:\WINDOWS\tdwjdcnquu.exe -> Adware.BetterInternet : Cleaned with backup
::Report End
-
Please run CCleaner from safe mode useing the windows tab please only. Run it twice.
I need to see a HJT log please.
-
Hi, thank you... what is a HJT log?And what is that CCleaner scan, have I already downloaded that one... getting a collection now!
How do I get safe mode and what is the windows tab??
-
HJT log is Hijackthis log
CCleaner- windows tab is on the upper left of the tool it is up front by default meaning always ready to go.
Just click run cleaner and let it finish
safe mode is this:
Reboot your computer as it is restarting start tapping the F8 key, keep tapping it until a black and white screen comes up.
There will be a menu there use your arrow keys to select safe mode and press enter now you are in safe mode now run CCleaner click run cleaner is all you have to do.
When done reboot your computer and do a hijackthis scan and post it back here like you did before. Thanks
Also did you install that VX2 tool it must be installed after you get adaware SE there is a link to it in the fix I posted.
-
I can not remember how I HJ a log... what did I use, done so much since then I am lost.
In safe mode, can I get on line... do I need to get on line?
Can I cut and paste in safemode?
Thanks
-
You have got it in a temporary folder, just run ccleaner like I asked please and that will be gone.
Then
Please Create a folder and name it HJT such as C:\HJT. Go to "my computer" icon or click start and look for the words MY COMPUTER double click it then double click your C drive put your cursor in an empty area (not on a folder) and right click then select new then select folder, name folder HJT
Then
Download the new version of hijackthis here: into the folder you created on your C drive
http://www.thatcomputerguy.us/downloads-cat4.html
or here:
http://majorgeeks.com/download3155.html
Run hijackthis , click do a scan and save a log file
Notepad will open up and results of scan will be there, copy and paste that into your next reply. Thanks.
online is not needed in safe mode
