Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Google Redirect to spyware sites, and Fastbrowser Search problem


  • This topic is locked This topic is locked
14 replies to this topic

#1 Scouse29

Scouse29

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 27 February 2010 - 12:53 PM

Hi desperately need help with this, driving me mad thanks in advance smile.gif

DDS (Ver_09-12-01.01) - NTFSx86
Run by philip bennett at 15:31:21.64 on 27/02/2010
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_18
Microsoft Windows XP Home Edition 5.1.2600.3.1252.44.1033.18.1023.662 [GMT 0:00]


============== Running Processes ===============

C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\philip bennett\Local Settings\Temporary Internet Files\Content.IE5\RRI163Y6\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.msn.co.uk/
uSearch Page = hxxp://uk.rd.yahoo.com/customize/ie/defaults/sp/msgr9/*http://uk.search.yahoo.com
uSearchURL,(Default) = hxxp://uk.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://uk.search.yahoo.com
mSearchAssistant = hxxp://search.live.com/sphome.aspx
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: BrowserHelper Class: {8a9d74f9-560b-4fe7-abeb-3b2e638e5cd6} - c:\program files\sgpsa\SearchAssistant.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
BHO: Fast Browser Search Toolbar Helper: {fcbccb87-9224-4b8d-b117-f56d924beb18} - c:\program files\fast browser search\ie\FBStoolbar.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\program files\yahoo!\companion\installs\cpn0\YTSingleInstance.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - c:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\program files\yahoo!\companion\installs\cpn0\yt.dll
TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
TB: {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
uRun: [BrowserChoice] "c:\windows\system32\browserchoice.exe" /run
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
uPolicies-explorer: NoRecentDocsNetHood = 1 (0x1)
mPolicies-system: EnableLUA = 0 (0x0)
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_18-windows-i586.cab
DPF: {D4003189-95B1-4A2F-9A87-F2B03665960D} - hxxp://www.vexcast.com/download/vexcast.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/Optimize3/pcpitstop2.dll
Hosts: 127.0.0.1 www.spywareinfo.com
Hosts: 85.13.206.114 uuu20091124.info

============= SERVICES / DRIVERS ===============

R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-2-24 236368]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-2-24 19160]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-11-11 1684736]

=============== Created Last 30 ================

2010-02-26 13:40:50 293376 ------w- c:\windows\system32\browserchoice.exe
2010-02-26 01:52:54 0 dc-h--w- c:\windows\ie8
2010-02-25 18:22:19 0 d-----w- c:\program files\Activision
2010-02-24 15:52:53 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-02-24 15:52:50 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-02-24 15:52:49 0 d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-02-24 15:33:02 0 d-----w- c:\program files\Lavalys
2010-02-24 02:29:03 52 ----a-w- c:\windows\system32\ashttpstats.csv
2010-02-22 17:00:05 376 ----a-w- c:\documents and settings\philip bennett\Application Dataprivacy.xml
2010-02-22 16:58:59 0 d--h--w- C:\VJVod_Cache
2010-02-20 22:39:46 664 ----a-w- c:\windows\system32\d3d9caps.dat
2010-02-06 11:29:07 0 d-----w- c:\docume~1\alluse~1\applic~1\Sports Interactive
2010-02-06 00:56:51 0 d-----w- c:\program files\Sports Interactive
2010-02-06 00:56:04 0 d--h--w- c:\documents and settings\philip bennett\InstallAnywhere
2010-02-06 00:55:00 0 d-----w- c:\docume~1\philip~1\applic~1\Sports Interactive
2010-02-04 18:43:52 0 d-----w- c:\docume~1\philip~1\applic~1\Oberon Games
2010-02-04 18:43:52 0 d-----w- c:\docume~1\alluse~1\applic~1\Oberon Games
2010-01-30 15:39:06 0 d-----w- c:\windows\system32\nagasoft
2010-01-28 22:08:44 0 d-----w- c:\program files\common files\Oberon Media
2010-01-28 19:06:36 0 d-----w- c:\program files\Break For Games

==================== Find3M ====================

2009-12-31 16:50:03 353792 ----a-w- c:\windows\system32\drivers\srv.sys
2009-12-22 05:20:58 81920 ------w- c:\windows\system32\ieencode.dll
2009-12-21 19:14:05 916480 ----a-w- c:\windows\system32\wininet.dll
2009-12-17 17:14:00 411368 ----a-w- c:\windows\system32\deploytk.dll
2009-12-16 18:43:27 343040 ----a-w- c:\windows\system32\mspaint.exe
2009-12-14 07:08:23 33280 ----a-w- c:\windows\system32\csrsrv.dll
2009-12-08 19:27:51 2189184 ----a-w- c:\windows\system32\ntoskrnl.exe
2009-12-08 18:43:50 2066048 ----a-w- c:\windows\system32\ntkrnlpa.exe

============= FINISH: 15:32:47.67 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:24 AM

Posted 27 February 2010 - 09:30 PM

Hi, Scouse29 smile.gif

Please read carefully and follow these steps..
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop and make sure TDSSKiller.exe (the contents of the zipped file) is on the Desktop itself, not within a folder on the desktop.
  • Go to Start > Run (Or you can hold down your Windows key and press R) and copy and paste the following into the text field. (make sure you include the quote marks) Then press OK. (If Vista, click on the Vista Orb and copy and paste the following into the Search field. (make sure you include the quotation marks) Then press Ctrl+Shift+Enter.)


    "%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt -v

  • If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.
  • It may ask you to reboot the computer to complete the process. Allow it to do so.
  • When it is done, a log file should be created on your C: drive called "TDSSKiller.txt" please copy and paste the contents of that file here.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 Scouse29

Scouse29
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 28 February 2010 - 07:39 AM

Hi and thanks for your rapid response, your help is greatly appreciated clapping.gif

12:28:42:187 2832 TDSS rootkit removing tool 2.2.7.1 Feb 27 2010 13:29:25
12:28:42:187 2832 ================================================================================
12:28:42:187 2832 SystemInfo:

12:28:42:187 2832 OS Version: 5.1.2600 ServicePack: 3.0
12:28:42:187 2832 Product type: Workstation
12:28:42:187 2832 ComputerName: BENNOS
12:28:42:187 2832 UserName: philip bennett
12:28:42:187 2832 Windows directory: C:\WINDOWS
12:28:42:187 2832 Processor architecture: Intel x86
12:28:42:187 2832 Number of processors: 1
12:28:42:187 2832 Page size: 0x1000
12:28:42:203 2832 Boot type: Normal boot
12:28:42:203 2832 ================================================================================
12:28:42:203 2832 UnloadDriverW: NtUnloadDriver error 2
12:28:42:203 2832 ForceUnloadDriverW: UnloadDriverW(klmd21) error 2
12:28:42:312 2832 Initialize success
12:28:42:312 2832
12:28:42:312 2832 Scanning Services ...
12:28:42:312 2832 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\system
12:28:42:312 2832 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
12:28:42:312 2832 wfopen_ex: Trying to KLMD file open
12:28:42:312 2832 wfopen_ex: File opened ok (Flags 2)
12:28:42:312 2832 wfopen_ex: Trying to open file C:\WINDOWS\system32\config\software
12:28:42:312 2832 wfopen_ex: MyNtCreateFileW error 32 (C0000043)
12:28:42:312 2832 wfopen_ex: Trying to KLMD file open
12:28:42:312 2832 wfopen_ex: File opened ok (Flags 2)
12:28:42:703 2832 GetAdvancedServicesInfo: Raw services enum returned 312 services
12:28:42:703 2832 fclose_ex: Trying to close file C:\WINDOWS\system32\config\system
12:28:42:703 2832 fclose_ex: Trying to close file C:\WINDOWS\system32\config\software
12:28:42:703 2832
12:28:42:703 2832 Scanning Kernel memory ...
12:28:42:703 2832 Devices to scan: 4
12:28:42:703 2832
12:28:42:703 2832 Driver Name: Disk
12:28:42:703 2832 IRP_MJ_CREATE : F75B5BB0
12:28:42:703 2832 IRP_MJ_CREATE_NAMED_PIPE : 804FA88E
12:28:42:703 2832 IRP_MJ_CLOSE : F75B5BB0
12:28:42:703 2832 IRP_MJ_READ : F75AFD1F
12:28:42:703 2832 IRP_MJ_WRITE : F75AFD1F
12:28:42:703 2832 IRP_MJ_QUERY_INFORMATION : 804FA88E
12:28:42:703 2832 IRP_MJ_SET_INFORMATION : 804FA88E
12:28:42:703 2832 IRP_MJ_QUERY_EA : 804FA88E
12:28:42:703 2832 IRP_MJ_SET_EA : 804FA88E
12:28:42:703 2832 IRP_MJ_FLUSH_BUFFERS : F75B02E2
12:28:42:703 2832 IRP_MJ_QUERY_VOLUME_INFORMATION : 804FA88E
12:28:42:703 2832 IRP_MJ_SET_VOLUME_INFORMATION : 804FA88E
12:28:42:703 2832 IRP_MJ_DIRECTORY_CONTROL : 804FA88E
12:28:42:718 2832 IRP_MJ_FILE_SYSTEM_CONTROL : 804FA88E
12:28:42:718 2832 IRP_MJ_DEVICE_CONTROL : F75B03BB
12:28:42:718 2832 IRP_MJ_INTERNAL_DEVICE_CONTROL : F75B3F28
12:28:42:718 2832 IRP_MJ_SHUTDOWN : F75B02E2
12:28:42:718 2832 IRP_MJ_LOCK_CONTROL : 804FA88E
12:28:42:718 2832 IRP_MJ_CLEANUP : 804FA88E
12:28:42:718 2832 IRP_MJ_CREATE_MAILSLOT : 804FA88E
12:28:42:718 2832 IRP_MJ_QUERY_SECURITY : 804FA88E
12:28:42:718 2832 IRP_MJ_SET_SECURITY : 804FA88E
12:28:42:718 2832 IRP_MJ_POWER : F75B1C82
12:28:42:718 2832 IRP_MJ_SYSTEM_CONTROL : F75B699E
12:28:42:718 2832 IRP_MJ_DEVICE_CHANGE : 804FA88E
12:28:42:718 2832 IRP_MJ_QUERY_QUOTA : 804FA88E
12:28:42:718 2832 IRP_MJ_SET_QUOTA : 804FA88E
12:28:42:718 2832 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
12:28:42:718 2832 sion
12:28:42:718 2832 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
12:28:42:718 2832
12:28:42:718 2832 Driver Name: Disk
12:28:42:718 2832 IRP_MJ_CREATE : F75B5BB0
12:28:42:718 2832 IRP_MJ_CREATE_NAMED_PIPE : 804FA88E
12:28:42:718 2832 IRP_MJ_CLOSE : F75B5BB0
12:28:42:718 2832 IRP_MJ_READ : F75AFD1F
12:28:42:718 2832 IRP_MJ_WRITE : F75AFD1F
12:28:42:718 2832 IRP_MJ_QUERY_INFORMATION : 804FA88E
12:28:42:718 2832 IRP_MJ_SET_INFORMATION : 804FA88E
12:28:42:718 2832 IRP_MJ_QUERY_EA : 804FA88E
12:28:42:718 2832 IRP_MJ_SET_EA : 804FA88E
12:28:42:718 2832 IRP_MJ_FLUSH_BUFFERS : F75B02E2
12:28:42:718 2832 IRP_MJ_QUERY_VOLUME_INFORMATION : 804FA88E
12:28:42:718 2832 IRP_MJ_SET_VOLUME_INFORMATION : 804FA88E
12:28:42:718 2832 IRP_MJ_DIRECTORY_CONTROL : 804FA88E
12:28:42:718 2832 IRP_MJ_FILE_SYSTEM_CONTROL : 804FA88E
12:28:42:718 2832 IRP_MJ_DEVICE_CONTROL : F75B03BB
12:28:42:718 2832 IRP_MJ_INTERNAL_DEVICE_CONTROL : F75B3F28
12:28:42:718 2832 IRP_MJ_SHUTDOWN : F75B02E2
12:28:42:718 2832 IRP_MJ_LOCK_CONTROL : 804FA88E
12:28:42:718 2832 IRP_MJ_CLEANUP : 804FA88E
12:28:42:718 2832 IRP_MJ_CREATE_MAILSLOT : 804FA88E
12:28:42:718 2832 IRP_MJ_QUERY_SECURITY : 804FA88E
12:28:42:718 2832 IRP_MJ_SET_SECURITY : 804FA88E
12:28:42:718 2832 IRP_MJ_POWER : F75B1C82
12:28:42:718 2832 IRP_MJ_SYSTEM_CONTROL : F75B699E
12:28:42:718 2832 IRP_MJ_DEVICE_CHANGE : 804FA88E
12:28:42:718 2832 IRP_MJ_QUERY_QUOTA : 804FA88E
12:28:42:718 2832 IRP_MJ_SET_QUOTA : 804FA88E
12:28:42:718 2832 TDL3_StartIoLastChanceHookDetect: Unable to dump StartIo handler code
12:28:42:718 2832 sion
12:28:42:734 2832 C:\WINDOWS\system32\DRIVERS\disk.sys - Verdict: Clean
12:28:42:734 2832
12:28:42:734 2832 Driver Name: atapi
12:28:42:734 2832 IRP_MJ_CREATE : F74E1B3A
12:28:42:734 2832 IRP_MJ_CREATE_NAMED_PIPE : F74E1B3A
12:28:42:734 2832 IRP_MJ_CLOSE : F74E1B3A
12:28:42:734 2832 IRP_MJ_READ : F74E1B3A
12:28:42:734 2832 IRP_MJ_WRITE : F74E1B3A
12:28:42:734 2832 IRP_MJ_QUERY_INFORMATION : F74E1B3A
12:28:42:734 2832 IRP_MJ_SET_INFORMATION : F74E1B3A
12:28:42:734 2832 IRP_MJ_QUERY_EA : F74E1B3A
12:28:42:734 2832 IRP_MJ_SET_EA : F74E1B3A
12:28:42:734 2832 IRP_MJ_FLUSH_BUFFERS : F74E1B3A
12:28:42:734 2832 IRP_MJ_QUERY_VOLUME_INFORMATION : F74E1B3A
12:28:42:734 2832 IRP_MJ_SET_VOLUME_INFORMATION : F74E1B3A
12:28:42:734 2832 IRP_MJ_DIRECTORY_CONTROL : F74E1B3A
12:28:42:734 2832 IRP_MJ_FILE_SYSTEM_CONTROL : F74E1B3A
12:28:42:734 2832 IRP_MJ_DEVICE_CONTROL : F74E1B3A
12:28:42:734 2832 IRP_MJ_INTERNAL_DEVICE_CONTROL : F74E1B3A
12:28:42:734 2832 IRP_MJ_SHUTDOWN : F74E1B3A
12:28:42:734 2832 IRP_MJ_LOCK_CONTROL : F74E1B3A
12:28:42:734 2832 IRP_MJ_CLEANUP : F74E1B3A
12:28:42:734 2832 IRP_MJ_CREATE_MAILSLOT : F74E1B3A
12:28:42:734 2832 IRP_MJ_QUERY_SECURITY : F74E1B3A
12:28:42:734 2832 IRP_MJ_SET_SECURITY : F74E1B3A
12:28:42:734 2832 IRP_MJ_POWER : F74E1B3A
12:28:42:734 2832 IRP_MJ_SYSTEM_CONTROL : F74E1B3A
12:28:42:734 2832 IRP_MJ_DEVICE_CHANGE : F74E1B3A
12:28:42:734 2832 IRP_MJ_QUERY_QUOTA : F74E1B3A
12:28:42:734 2832 IRP_MJ_SET_QUOTA : F74E1B3A
12:28:42:750 2832 TDL3_IrpHookDetect: TDL3 Stub signature found, trying to get hook true addr
12:28:42:750 2832 TDL3_IrpHookDetect: New IrpHandler addr: 86FD38C8
12:28:42:750 2832 ihd: 10, FFDF0308, 510, 134, 3, 120, 0
12:28:42:750 2832 Driver "atapi" Irp handler infected by TDSS rootkit ... 12:28:42:750 2832 cured
12:28:42:750 2832 siohd: 0
12:28:42:750 2832 C:\WINDOWS\system32\DRIVERS\atapi.sys - Verdict: Infected
12:28:42:750 2832 File C:\WINDOWS\system32\DRIVERS\atapi.sys infected by TDSS rootkit ... 12:28:42:750 2832 Processing driver file: C:\WINDOWS\system32\DRIVERS\atapi.sys
12:28:42:750 2832 ProcessDirEnumEx: FindFirstFile(C:\WINDOWS\system32\DriverStore\FileRepository\*) error 3
12:28:43:125 2832 vfvi6
12:28:43:312 2832 !dsvbh1
12:28:44:515 2832 dsvbh2
12:28:44:515 2832 fdfb2
12:28:44:515 2832 Backup copy found, using it..
12:28:44:578 2832 will be cured on next reboot
12:28:44:578 2832
12:28:44:578 2832 Driver Name: atapi
12:28:44:578 2832 IRP_MJ_CREATE : F74E1B3A
12:28:44:578 2832 IRP_MJ_CREATE_NAMED_PIPE : F74E1B3A
12:28:44:578 2832 IRP_MJ_CLOSE : F74E1B3A
12:28:44:578 2832 IRP_MJ_READ : F74E1B3A
12:28:44:578 2832 IRP_MJ_WRITE : F74E1B3A
12:28:44:578 2832 IRP_MJ_QUERY_INFORMATION : F74E1B3A
12:28:44:578 2832 IRP_MJ_SET_INFORMATION : F74E1B3A
12:28:44:578 2832 IRP_MJ_QUERY_EA : F74E1B3A
12:28:44:578 2832 IRP_MJ_SET_EA : F74E1B3A
12:28:44:578 2832 IRP_MJ_FLUSH_BUFFERS : F74E1B3A
12:28:44:578 2832 IRP_MJ_QUERY_VOLUME_INFORMATION : F74E1B3A
12:28:44:578 2832 IRP_MJ_SET_VOLUME_INFORMATION : F74E1B3A
12:28:44:578 2832 IRP_MJ_DIRECTORY_CONTROL : F74E1B3A
12:28:44:578 2832 IRP_MJ_FILE_SYSTEM_CONTROL : F74E1B3A
12:28:44:578 2832 IRP_MJ_DEVICE_CONTROL : F74E1B3A
12:28:44:578 2832 IRP_MJ_INTERNAL_DEVICE_CONTROL : F74E1B3A
12:28:44:578 2832 IRP_MJ_SHUTDOWN : F74E1B3A
12:28:44:578 2832 IRP_MJ_LOCK_CONTROL : F74E1B3A
12:28:44:578 2832 IRP_MJ_CLEANUP : F74E1B3A
12:28:44:578 2832 IRP_MJ_CREATE_MAILSLOT : F74E1B3A
12:28:44:578 2832 IRP_MJ_QUERY_SECURITY : F74E1B3A
12:28:44:578 2832 IRP_MJ_SET_SECURITY : F74E1B3A
12:28:44:578 2832 IRP_MJ_POWER : F74E1B3A
12:28:44:578 2832 IRP_MJ_SYSTEM_CONTROL : F74E1B3A
12:28:44:578 2832 IRP_MJ_DEVICE_CHANGE : F74E1B3A
12:28:44:578 2832 IRP_MJ_QUERY_QUOTA : F74E1B3A
12:28:44:578 2832 IRP_MJ_SET_QUOTA : F74E1B3A
12:28:44:578 2832 TDL3_IrpHookDetect: TDL3 Stub signature found, trying to get hook true addr
12:28:44:578 2832 TDL3_IrpHookDetect: New IrpHandler addr: 86FD38C8
12:28:44:578 2832 ihd1
12:28:44:578 2832 siohd: 0
12:28:44:578 2832 C:\WINDOWS\system32\drivers\tsk3.tmp - Verdict: Clean
12:28:44:578 2832 Reboot required for cure complete..
12:28:44:593 2832 Cure on reboot scheduled successfully
12:28:44:593 2832
12:28:44:593 2832 Completed
12:28:44:593 2832
12:28:44:593 2832 Results:
12:28:44:593 2832 Memory objects infected / cured / cured on reboot: 1 / 1 / 0
12:28:44:593 2832 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
12:28:44:593 2832 File objects infected / cured / cured on reboot: 1 / 0 / 1
12:28:44:593 2832
12:28:44:593 2832 UnloadDriverW: NtUnloadDriver error 1
12:28:44:593 2832 KLMD_Unload: UnloadDriverW(klmd21) error 1
12:28:44:593 2832 KLMD(ARK) unloaded successfully


#4 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:24 AM

Posted 28 February 2010 - 10:16 AM

How is the computer doing now? You recently went throughout a malware removal process. Can you remove Fastbrowser search(My Tattoo) throughout the Control Panel?

Edited by JSntgRvr, 28 February 2010 - 10:22 AM.
Typo

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#5 Scouse29

Scouse29
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 28 February 2010 - 02:05 PM

Yes redirect from google seems fine now but cannot remove Fastbrowser search from control panel etc.... thanks again thumbup.gif

#6 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:24 AM

Posted 28 February 2010 - 02:53 PM

Download OTS.exe by OldTimer to your Desktop.
  1. Close any open browsers.
  2. Double-click on OTS.exe to start the program.
  3. Leave all settings as they appear as default, except for the following:
    • Under File Age, select 30.
    • Under Drivers, select "All".
    • Under Registry, select "All".
    • Under Additional Scans, click on the "Extras" button.
  4. Now click the Run Scan button on the toolbar.
  5. The program will be scanning huge amounts of data so depending on your system it could take a long time to complete. Let it run unhindered until it finishes.
  6. When the scan is complete Notepad will open with the report file loaded in it.
  7. Save that notepad file
Use the Reply button and attach the notepad file here (Do not copy and paste in a reply, rather attach it to it).

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#7 Scouse29

Scouse29
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 28 February 2010 - 04:19 PM

Thank you, I'm having a problem with my homepage MSN also, when I click on a news item I get redirected to bing search and given links to the particular story which is not normal for MSN could this be linked to spyware or fastbrowser search? thumbup2.gif

Attached Files

  • Attached File  OTS.Txt   175.62KB   2 downloads


#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:24 AM

Posted 28 February 2010 - 05:57 PM

Seems that the folders have been removed. The only entry I see is the entry in the Control Panel.

I am resetting your hosts as it contains a bad entry, as well as the Trusted Zone entries.

Start OTS. Copy/Paste the information in the Quotebox below into the pane where it says "Paste fix here" and then click the Run Fix button.


QUOTE
[Kill All Processes]
[Unregister Dlls]
[Registry - All]
< HOSTS File > ([2010/02/26 13:05:26 | 000,371,851 | R--- | M] - 12864 lines) -> C:\WINDOWS\system32\drivers\etc\hosts
YN -> Reset Hosts ->
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {5C255C8A-E604-49b4-9D64-90988571CECB} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YY -> {8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6} [HKLM] -> C:\Program Files\SGPSA\SearchAssistant.dll [BrowserHelper Class]
YY -> {FCBCCB87-9224-4B8D-B117-F56D924BEB18} [HKLM] -> C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll [Fast Browser Search Toolbar Helper]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{1BB22D38-A411-4B13-A746-C2A4F4EC7344}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{D4027C7F-154A-4066-A1AD-4243D8127440}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Trusted Sites Domains [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
YN -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6628 domain(s) found.
< Trusted Sites Ranges [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
YN -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found.
< Trusted Sites Domains [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ -> [Key] 6627 domain(s) found.
< Trusted Sites Ranges [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\
YN -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ -> [Key] 36 range(s) found.
[Registry - Additional Scans - Safe List]
< Uninstall List [HKEY_LOCAL_MACHINE\] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\
YN -> TBSB07183.TBSB07183Toolbar -> Fast Browser Search (My Face LOL)
[Empty Temp Folders]
[Start Explorer]
[Reboot]




The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. CLick the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here along with a new OTScanit scan log.

I will review the information when it comes back in.
  • Copy the entire contents of the Quote Box below to Notepad.
  • Name the file as Query.bat
  • Change the Save as Type to All Files
  • and Save it on the desktop
  • Once saved, double click on the Query.bat file and post the resulting report.
QUOTE
@ECHO OFF
cd /d %~dp0
Dir /A:D "%ProgramFiles%" >Log.txt
Dir /A "C:\Users\Public" >>Log.txt
Reg query HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall >>log.txt
Start log.txt
Del %0


Also let me know of any problems you encountered performing the steps above or any continuing problems you are still having with the computer.

Edited by JSntgRvr, 28 February 2010 - 07:28 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 Scouse29

Scouse29
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 28 February 2010 - 07:17 PM

Hi thanks again, that didn't work the program froze, forcing me to reboot the pc.....any suggestions? smile.gif

#10 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:24 AM

Posted 28 February 2010 - 07:29 PM

I edited the Query.bat above. Create the file and run it. Post its report.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#11 Scouse29

Scouse29
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 01 March 2010 - 06:27 AM

Hello again the fix ran fine hope what I post is correct thanks again

All Processes Killed
[Registry - All]
HOSTS file reset successfully!
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8A9D74F9-560B-4FE7-ABEB-3B2E638E5CD6}\ deleted successfully.
File C:\Program Files\SGPSA\SearchAssistant.dll not found.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}\ deleted successfully.
File C:\Program Files\Fast Browser Search\IE\FBStoolbar.dll not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{1BB22D38-A411-4B13-A746-C2A4F4EC7344} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}\ not found.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ created successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ created successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\ created successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ deleted successfully.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges\ created successfully.
[Registry - Additional Scans - Safe List]
[Empty Temp Folders]


User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 509830 bytes

User: philip bennett
->Temp folder emptied: 902522 bytes
->Temporary Internet Files folder emptied: 154971761 bytes
->Java cache emptied: 51166913 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 2402044 bytes
%systemroot%\System32 .tmp files removed: 2577 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 200.00 mb

< End of fix log >
OTS by OldTimer - Version 3.1.22.3 fix logfile created on 03012010_111409

Files\Folders moved on Reboot...

Registry entries deleted on Reboot...


Volume in drive C has no label.
Volume Serial Number is D4E3-E19F

Directory of C:\Program Files

26/02/2010 11:53 <DIR> .
26/02/2010 11:53 <DIR> ..
17/11/2009 18:29 <DIR> (APPS) - Google Earth Pro 4.2 (Already Patched)
25/02/2010 18:22 <DIR> Activision
25/01/2010 17:59 <DIR> Adobe
11/11/2009 14:06 <DIR> AGEIA Technologies
13/11/2009 18:52 <DIR> Apple Software Update
24/02/2010 15:56 <DIR> BitComet
24/11/2009 17:44 <DIR> BitDefender
22/02/2010 17:39 <DIR> Break For Games
28/01/2010 22:08 <DIR> Common Files
11/11/2009 13:44 <DIR> ComPlus Applications
17/12/2009 21:23 <DIR> DivX
25/02/2010 08:19 <DIR> Electronic Arts
12/11/2009 11:14 <DIR> epson
10/01/2010 20:51 <DIR> ESET
11/01/2010 14:18 <DIR> Google
17/11/2009 18:29 <DIR> Google Earth Pro 4.2
25/02/2010 08:19 <DIR> InstallShield Installation Information
26/02/2010 02:03 <DIR> Internet Explorer
28/01/2010 07:32 <DIR> Java
24/02/2010 15:33 <DIR> Lavalys
24/02/2010 15:52 <DIR> Malwarebytes' Anti-Malware
12/11/2009 08:25 <DIR> Messenger
11/01/2010 18:17 <DIR> Microsoft
11/11/2009 13:48 <DIR> microsoft frontpage
17/11/2009 09:32 <DIR> Microsoft Office
11/01/2010 18:18 <DIR> Microsoft SQL Server Compact Edition
18/11/2009 18:41 <DIR> Microsoft WSE
11/11/2009 13:45 <DIR> Movie Maker
27/12/2009 14:25 <DIR> MpcStar
19/11/2009 07:30 <DIR> MSBuild
17/11/2009 09:32 <DIR> MSECache
11/11/2009 13:42 <DIR> MSN
28/01/2010 11:50 <DIR> MSN Games
11/11/2009 13:43 <DIR> MSN Gaming Zone
13/12/2009 09:48 <DIR> MSXML 4.0
13/12/2009 00:06 <DIR> Nero
11/11/2009 13:46 <DIR> NetMeeting
11/11/2009 14:00 <DIR> NVIDIA
11/11/2009 13:43 <DIR> Online Services
12/11/2009 08:22 <DIR> Outlook Express
28/11/2009 13:56 <DIR> PowerISO
13/11/2009 18:53 <DIR> QuickTime
11/11/2009 13:59 <DIR> Realtek
19/11/2009 07:30 <DIR> Reference Assemblies
25/02/2010 08:18 <DIR> Rockstar Games
06/02/2010 00:56 <DIR> Sports Interactive
12/12/2009 00:56 <DIR> Spotify
11/01/2010 14:36 <DIR> Spybot - Search & Destroy
18/11/2009 15:53 <DIR> UltraISO
11/11/2009 13:55 <DIR> Uninstall Information
18/11/2009 14:34 <DIR> VSO
11/11/2009 13:59 <DIR> Windows Live
11/01/2010 18:17 <DIR> Windows Live SkyDrive
12/12/2009 23:58 <DIR> Windows Media Player
11/11/2009 13:43 <DIR> Windows NT
11/11/2009 13:46 <DIR> WindowsUpdate
28/11/2009 14:24 <DIR> WinRAR
18/11/2009 23:22 <DIR> WinZip
11/11/2009 13:48 <DIR> xerox
18/11/2009 15:44 <DIR> Xvid
12/11/2009 11:36 <DIR> Yahoo!
0 File(s) 0 bytes
63 Dir(s) 23,020,621,824 bytes free

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AddressBook

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe AIR

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BitComet

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Branding

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Call of Duty Modern Warfare 2_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Connection Manager

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\CX4300_5500_DX4400 manual

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectAnimation

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DirectDrawEx

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DivX Plus DirectShow Filters

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DXM_Runtime

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EA Download Manager

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EPSON Printer and Utilities

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EPSON Scanner

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EVEREST Ultimate Edition_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Fontcore

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICW

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IDNMitigationAPIs

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE40

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE4Data

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IE5BAKEX

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie7

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ie8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IEData

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield Uninstall Information

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{20C45B32-5AB6-46A4-94EF-58950CAF05E5}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB892130

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB898461

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB923561

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB941569

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB946648

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950762

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB950974

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951066

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951376-v2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951748

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB951978

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952004

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952069_WM9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952287

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB952954

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954155_WM9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954459

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954550-v5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB954708

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955069

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB955759

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956572

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956744

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956802

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956803

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB956844

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB957097

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958644

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958687

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB958869

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB959426

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960225

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960803

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB960859

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961118

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961371-v2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961501

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB961503

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB967715

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968389

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB968816_WM9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969059

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB969947

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970238

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970430

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB970653-v3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971468

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971486

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971557

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971633

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971657

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971737

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971961

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB971961-IE8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB972270

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973354

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973507

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973525

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973540_WM9

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973687

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973815

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973869

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB973904

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974112

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974318

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974392

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB974571

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975025

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975467

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975560

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB975713

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976002-v5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976098-v2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976325-IE8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB976662-IE8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977165

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB977914

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978037

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978207

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978207-IE8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978251

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978262

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978506-IE8

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB978706

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KB979306

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Microsoft .NET Framework 3.5 SP1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MobileOptionPack

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MpcStar

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MPlayer2

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nero - Burning Rom!UninstallKey

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Nero PhotoShow Express 5

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NeroBackItUp!UninstallKey

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NeroMediaHome!UninstallKey

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NeroRecode!UninstallKey

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NeroShowTime!UninstallKey

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NeroVision!UninstallKey

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NetMeeting

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NLSDownlevelMapping

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\NVIDIA Drivers

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\OutlookExpress

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCHealth

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PowerISO

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SchedulingAgent

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Spotify

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WGA

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WIC

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Format Runtime

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite_Wave3

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Xvid_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Companion

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Messenger

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Search Defender

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Software Update

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! Toolbar

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{0C34B801-6AEC-4667-B053-03A67E2D0415}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{13F3917B56CD4C25848BDC69916971BB}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{18D10072035C4515918F7E37EAFAACFC}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{205C6BDD-7B73-42DE-8505-9A093F35A238}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20C45B32-5AB6-46A4-94EF-58950CAF05E5}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216017FF}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216018FB}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2A88F1BF-7041-4E42-84B1-6B4ACB83AC64}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2EB81825-E9EE-44F4-8F51-1240C3898DC6}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3FC7CBBC4C1E11DCA1A752EA55D89593}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{45338B07-A236-4270-9A77-EBB4115517B5}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{582876EC-A178-44D4-9823-C10D6C62EAFF}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5EE7D259-D137-4438-9A5F-42F432EC0421}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{62369F2F77534556AEF4C58152E3BDE5}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6412CECE-8172-4BE5-935B-6CECACD2CA87}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6421F085-1FAA-DE13-D02A-CFB412C522A4}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{67EDD823-135A-4D59-87BD-950616D6E857}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7299052b-02a4-4627-81f2-1818da5d550d}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7585478E9D9B42108671C12F8714CEFE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{770657D0-A123-3C07-8E44-1C83EC895118}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7F14F68C-17FA-4F88-B3FD-7F449C1EBF32}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8ADFC4160D694100B5B8A22DE9DCABD9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8AEA4BE2-2B52-41C0-BB7D-9F2D17AF1033}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8DAC1AE4-33D1-4A78-8A42-00E09EDECC3E}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95120000-00AF-0409-0000-0000000FF1CE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{95120000-00B9-0409-0000-0000000FF1CE}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{9A25302D-30C0-39D9-BD6F-21E6EC160475}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A2BCA9F1-566C-4805-97D1-7FDC93386723}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}.KB958483

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A85FD55B-891B-4314-97A5-EA96C0BD80B5}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A96E97134CA649888820BCDE5E300BBD}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AAC389499AEF40428987B3D30CFC76C9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A93000000001}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AEF9DC35ADDF4825B049ACBFD1C6EB37}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B13A7C41581B411290FBC0395694E2A9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B66E665A-DF96-4C38-9422-C7F74BC1B4E5}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B7050CBDB2504B34BC2A9CA0A692CC29}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B83FC356-B7C0-441F-8A4D-D71E088E7974}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{BB8B979E-E336-47E7-96BC-1031C1B94561}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB200003

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB431780

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB946922

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB947748

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB949272

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952137

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB952677

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953300

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB953990

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB954832

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB956860

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957541

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957542

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB957543

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958129

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB958481

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB960043

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}.KB974417

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4FFCD8D-3A06-E243-2747-2CE771A8B7D4}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB350003

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB960043

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D6C75F0B-3BC1-4FC9-B8C5-3F7E8ED059CA}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E2DFE069-083E-4631-9B6C-43C48E991DE5}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ED00D08A-3C5F-488D-93A0-A04F21F23956}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F333A33D-125C-32A2-8DCE-5C5D14231E27}.vc_x86runtime_30729_01

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F6BD194C-4190-4D73-B1B1-C48C99921BFE}

Edited by Scouse29, 01 March 2010 - 06:40 AM.


#12 Scouse29

Scouse29
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 01 March 2010 - 06:33 AM

One other thing too, since having this spyware problem my Windows live messenger contacts have gone missing and I do not receive emails from various websites I am a member of and also regular contacts who usually send email on a regular basis, this has happened for at least two months now
Thanks again

#13 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:24 AM

Posted 01 March 2010 - 10:41 AM

QUOTE(Scouse29 @ Mar 1 2010, 07:33 AM) View Post
One other thing too, since having this spyware problem my Windows live messenger contacts have gone missing and I do not receive emails from various websites I am a member of and also regular contacts who usually send email on a regular basis, this has happened for at least two months now
Thanks again

I wont be able to help you on the above. Best choice is to contact and reset your settings in those forums. If you are able to receive notifications from this forum, you should also be able to receive notification from those sites. In regard to the Messenger, opening a topic in the Software forum will be best.

Seems that the fix was edited. Is the Fast Browser entry in the Control Panel -> Add/Remove programs still present?

How is the computer doing?

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#14 Scouse29

Scouse29
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:01:24 PM

Posted 01 March 2010 - 10:49 AM

Yes the computer is fine now and fastbrowser search has gone thanks very much, the thing with emails from here is that it is my account but my dads pc, so it is his messenger that has the problem not mine, but thanks I will post a topic related to that as you say, thanks again for your help you have been brilliant!! clapping.gif

#15 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,761 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:09:24 AM

Posted 05 March 2010 - 11:29 PM

Since this issue appears to be resolved ... this Topic has been closed. Glad we could help.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users