Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

hijackthis log


  • Please log in to reply
5 replies to this topic

#1 float1ng1nspace

float1ng1nspace

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 17 September 2005 - 08:47 PM

Here's my HijackThis log. Any help is greatly appreciated.

Logfile of HijackThis v1.99.1
Scan saved at 8:34:43 PM, on 9/17/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\pctspk.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe
C:\WINDOWS\system32\winlr32.exe
C:\Program Files\AIM\aim.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\America Online 9.0\aoltray.exe
C:\WINDOWS\system32\addsu32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\NMain.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\fjozh.dll/sp.html#55135
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\fjozh.dll/sp.html#55135
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\fjozh.dll/sp.html#55135
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\fjozh.dll/sp.html#55135
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\fjozh.dll/sp.html#55135
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\fjozh.dll/sp.html#55135
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\fjozh.dll/sp.html#55135
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,First Home Page = C:\Program Files\AOL Toolbar\welcome.html
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {05563232-5F02-763A-E92E-D32E0B4BF53F} - C:\WINDOWS\crjx.dll
O2 - BHO: Class - {06291214-2259-2602-1569-E2D76764D3B6} - C:\WINDOWS\javarg32.dll
O2 - BHO: Class - {08987AF5-9E5C-C5E6-0AE6-FF532B02D3AF} - C:\WINDOWS\system32\addvn32.dll
O2 - BHO: Class - {0A261981-5087-4BD5-BB1C-2E35FF54882F} - C:\WINDOWS\system32\d3do32.dll
O2 - BHO: Class - {0D477064-C0A0-92DC-477A-47E26D658ED6} - C:\WINDOWS\system32\javavq32.dll
O2 - BHO: Class - {0E07F1CC-6044-9AB8-86B3-B33F53CA4787} - C:\WINDOWS\javasp.dll
O2 - BHO: Class - {12FA5173-DA8B-B1C3-C3D1-08A50FF6E095} - C:\WINDOWS\system32\adduh32.dll
O2 - BHO: Class - {19619DBD-B4B4-FDF7-102F-F84B25374D57} - C:\WINDOWS\appmb.dll
O2 - BHO: Class - {199282EC-E1E7-785F-8E93-283E6306E881} - C:\WINDOWS\iebx32.dll
O2 - BHO: Class - {19B907F0-A6CA-BB49-9C14-FD51E9541ECD} - C:\WINDOWS\d3jm32.dll (file missing)
O2 - BHO: Class - {1AF3C52E-680B-95C6-99B3-CA20401DF669} - C:\WINDOWS\system32\appzq.dll
O2 - BHO: Class - {1F78C92C-4C19-8C99-63B8-180F8DEADFA6} - C:\WINDOWS\system32\d3xf.dll
O2 - BHO: Class - {210E4D1E-1772-E5BB-3A77-402CC4AEF532} - C:\WINDOWS\crjc.dll
O2 - BHO: Class - {29292D86-4874-4575-BB37-B5ADBFB2C0AA} - C:\WINDOWS\winvt32.dll
O2 - BHO: Class - {29A6547A-53D1-3FE9-AEF4-47DCE7FBA687} - C:\WINDOWS\system32\iewt32.dll
O2 - BHO: Class - {2B877C0A-9AA5-A75B-5F21-A1984B658EB9} - C:\WINDOWS\system32\sysgu.dll
O2 - BHO: Class - {2C957FC6-4BF9-7E14-76AA-8D1B10A5B6EE} - C:\WINDOWS\d3hw32.dll
O2 - BHO: Class - {2ECC0E95-435F-646C-368F-766F51423169} - C:\WINDOWS\system32\crop32.dll
O2 - BHO: Class - {325A30D6-CBA7-2D68-35E6-F46D58D22544} - C:\WINDOWS\system32\sdkvb32.dll
O2 - BHO: Class - {347AF52A-7597-E937-0808-2A8D1263EAAD} - C:\WINDOWS\nttc32.dll
O2 - BHO: Class - {3712D7D0-9565-F99D-D800-6036A77E45C4} - C:\WINDOWS\crdy32.dll
O2 - BHO: Class - {39ADD310-9B90-5CF2-F764-BCF455179292} - C:\WINDOWS\netvx32.dll
O2 - BHO: Class - {3B762230-E127-AF9B-FA15-BC957B349E2F} - C:\WINDOWS\netvd.dll
O2 - BHO: Class - {3B905E87-A740-AA37-B797-EC359ECDC866} - C:\WINDOWS\atlbq.dll
O2 - BHO: Class - {3BB89E72-0B24-3AB6-AA17-F175B78519DC} - C:\WINDOWS\apiiv.dll
O2 - BHO: Class - {3C733A18-BA69-B034-3516-D68F69A95735} - C:\WINDOWS\atlzd32.dll
O2 - BHO: Class - {3F02C0BA-CB60-BAF9-8EB7-E7F0E13BCDCA} - C:\WINDOWS\mfczo.dll
O2 - BHO: Class - {4097E29E-2A74-3EEA-7090-0E73AF19AC3E} - C:\WINDOWS\apisa32.dll
O2 - BHO: Class - {434B64BC-FC36-EAF2-74CB-0CFC81EE3516} - C:\WINDOWS\system32\netbd.dll
O2 - BHO: Class - {44855E64-D224-B63D-4A8D-1544ABBF6990} - C:\WINDOWS\mskr32.dll
O2 - BHO: Class - {4B655899-8D01-4317-F6FB-450597CE8789} - C:\WINDOWS\system32\sdkep.dll
O2 - BHO: Class - {508CEC2F-E4FA-ECDD-E35D-6317744EFBD7} - C:\WINDOWS\atlho32.dll
O2 - BHO: Class - {50B880E0-130E-F77B-46BB-0062598D56CC} - C:\WINDOWS\system32\mfcdl.dll
O2 - BHO: Class - {57031518-1EF5-9E36-92EF-3E4E0944F8D1} - C:\WINDOWS\ntnt32.dll
O2 - BHO: Class - {59658A25-7B74-EDCF-F455-A75FF0E4C8BE} - C:\WINDOWS\system32\crxt32.dll
O2 - BHO: Class - {5B264A71-ACA3-B02C-C94B-CE36D3C130D4} - C:\WINDOWS\system32\winod32.dll
O2 - BHO: Class - {5E91AF47-A91F-4F5C-7463-E89DA2D22602} - C:\WINDOWS\atlzz32.dll
O2 - BHO: Class - {60367A0D-8790-F166-DEFE-E88F3C410154} - C:\WINDOWS\system32\d3ah32.dll
O2 - BHO: Class - {603960DA-2A41-E212-F1A7-5E1DBE5E69D6} - C:\WINDOWS\apisb32.dll
O2 - BHO: Class - {67A3DA43-B5A2-4C8B-0D91-69629122ADDF} - C:\WINDOWS\system32\ntle32.dll
O2 - BHO: Class - {732A6990-9E44-5A09-2D9B-0AF21E8677FA} - C:\WINDOWS\system32\ieyq.dll
O2 - BHO: Class - {73979FA3-E867-BFB9-AA46-E8A731179278} - C:\WINDOWS\system32\sysww.dll
O2 - BHO: Class - {76B65772-6456-05AC-575B-9D567678D55E} - C:\WINDOWS\mfctm32.dll
O2 - BHO: Class - {78CDF456-5F61-ED9E-53AF-2939AB9F8E94} - C:\WINDOWS\system32\apiwb32.dll
O2 - BHO: Class - {7C77122B-026F-9791-38EB-B10B289B5B82} - C:\WINDOWS\system32\ipzb.dll
O2 - BHO: Class - {7DBD6986-1C5E-5F61-5CDC-F5402DB34848} - C:\WINDOWS\mfcee32.dll
O2 - BHO: Class - {7FFCC75E-5674-7B6F-24F8-13B92DA42ADF} - C:\WINDOWS\msrj.dll
O2 - BHO: Class - {80C01395-9FF4-13F4-EE8C-750CC0B764CF} - C:\WINDOWS\javaxg.dll
O2 - BHO: Class - {8705901D-8680-E8CA-FBE0-7D485E343513} - C:\WINDOWS\javajd32.dll
O2 - BHO: Class - {874D597C-E06D-69E4-175D-315152F9904F} - C:\WINDOWS\system32\addky32.dll
O2 - BHO: Class - {8A402A73-D74F-29E4-67DE-8A44CC69FD23} - C:\WINDOWS\apixt32.dll
O2 - BHO: Class - {8C515B6E-2ACB-2FD2-4CE4-82655F4C0C9F} - C:\WINDOWS\system32\mfcjd32.dll
O2 - BHO: Class - {907FF544-66BA-B27D-E5E3-572C182318D0} - C:\WINDOWS\system32\appvj32.dll
O2 - BHO: Class - {99336825-8A2F-E710-D7AA-913C67C38EDC} - C:\WINDOWS\atlfh.dll
O2 - BHO: Class - {9B86CC76-3686-802D-B036-D25C675E70D8} - C:\WINDOWS\mfcqb.dll
O2 - BHO: Class - {9EDA7417-9325-27A2-7F58-0E142588E86B} - C:\WINDOWS\system32\appja32.dll
O2 - BHO: Class - {A483DB2B-AC74-4D6E-38EA-1510A71538BD} - C:\WINDOWS\apipe.dll
O2 - BHO: Class - {ABD30C3C-C927-56B2-5669-121E648476F4} - C:\WINDOWS\system32\iexl.dll
O2 - BHO: Class - {AE8EA88A-4B04-3734-C5D2-97CDB2A75C22} - C:\WINDOWS\system32\sysyh32.dll
O2 - BHO: Class - {AF78CC8D-6C38-4877-8A5D-18C72E19E404} - C:\WINDOWS\system32\atlcf32.dll
O2 - BHO: Class - {B564A708-4E47-CDCA-F6E8-BD3C3C34F916} - C:\WINDOWS\system32\iegf.dll
O2 - BHO: Class - {B9130181-D07E-0CEE-B1ED-E13DEC0210CF} - C:\WINDOWS\system32\netgm.dll
O2 - BHO: Class - {BB0401E6-61A6-0344-A30F-3DFA178D6F76} - C:\WINDOWS\netwd.dll
O2 - BHO: Class - {BB1C7E31-AB2A-B10E-AD1C-F84A89B87AC1} - C:\WINDOWS\crrj.dll
O2 - BHO: Class - {C0E97C0D-2D4A-BFEF-29D3-ED9E3AF48637} - C:\WINDOWS\system32\msdq32.dll
O2 - BHO: Class - {C3967791-2E22-44BF-0AAB-3986EB6567DE} - C:\WINDOWS\atlin.dll
O2 - BHO: Class - {C3B52B2A-75CE-35EA-B7CE-0FE89E685E1F} - C:\WINDOWS\system32\iptv32.dll
O2 - BHO: Class - {C682057F-E371-B29A-848C-7D9B32E2DD9C} - C:\WINDOWS\system32\appje.dll
O2 - BHO: Class - {C7E5D9CF-F188-7139-C6B3-852F9DA6D3F5} - C:\WINDOWS\system32\mstz.dll
O2 - BHO: Class - {C8F7745A-EDC7-09F6-2A66-3DBD317341D5} - C:\WINDOWS\adduu.dll
O2 - BHO: Class - {CC403086-622D-83F3-2BD1-79D3F203A547} - C:\WINDOWS\system32\atlan32.dll
O2 - BHO: Class - {D004FE09-66C5-9C21-F0D9-0CE8F74EB564} - C:\WINDOWS\system32\apiju.dll
O2 - BHO: Class - {D542ACA4-9789-7E56-C3DF-1421C64535C0} - C:\WINDOWS\winbn.dll
O2 - BHO: Class - {D9B4EDA5-91D0-9FD3-9C3E-056224B01178} - C:\WINDOWS\system32\winzq32.dll
O2 - BHO: Class - {DECFFA99-148A-41DC-E235-46258815DBF8} - C:\WINDOWS\sysye32.dll
O2 - BHO: Class - {E5FE8B28-20B7-0E2B-7FD1-042B1A24EF17} - C:\WINDOWS\system32\ipkj.dll
O2 - BHO: Class - {E8D49CA9-C5FD-6BCF-DD51-31A53DF80403} - C:\WINDOWS\ipzp32.dll
O2 - BHO: Class - {F01318E6-1713-A769-3905-BD4AA522B6F5} - C:\WINDOWS\addod.dll
O2 - BHO: Class - {F7C42564-EA95-5F04-2382-4C97CB847F28} - C:\WINDOWS\sdkfr32.dll
O2 - BHO: Class - {FA1487A3-BE0B-8C8F-EE8B-A7306DC4EB4E} - C:\WINDOWS\msuw.dll
O2 - BHO: Class - {FCB51F0E-2C0D-0B31-D324-1F2349F7433A} - C:\WINDOWS\addre32.dll
O2 - BHO: Class - {FE91C2E0-AC39-4A6A-04FE-D8C6B10B23F3} - C:\WINDOWS\crcw32.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WebInstall2] C:\Program Files\ClipGenie\WebInstall.exe /R
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\Run: [winlr32.exe] C:\WINDOWS\system32\winlr32.exe
O4 - HKLM\..\RunOnce: [addsu32.exe] C:\WINDOWS\system32\addsu32.exe
O4 - HKLM\..\RunOnce: [crcm.exe] C:\WINDOWS\system32\crcm.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tpaa] C:\Documents and Settings\Brian\Application Data\stcp.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - HKCU\..\Run: [Jvrph] C:\WINDOWS\System32\fecnotql.exe
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (HKCU)
O16 - DPF: Yahoo! NBA StatTracker - http://aud3.sports.sc5.yahoo.com/java/y/nbast8268_x.cab
O16 - DPF: {36C66BBD-E667-4DAD-9682-58050E7C9FDC} (CDKey Class) - http://www.cdkeybonus.com/cdkey/ITCDKey.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O23 - Service: Workstation NetLogon Service ( 11F#`I) - Unknown owner - C:\WINDOWS\system32\addsu32.exe" /s (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe



Thanks

BC AdBot (Login to Remove)

 


#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,718 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:01 AM

Posted 20 September 2005 - 10:05 PM

Please follow the instructions provided, you may want to print out these instructions and use them as a reference.

First:
Please download ewido security suite it is a trial version of the program.
  • Install ewido security suite
  • When installing, under "Additional Options" uncheck "Install background guard" and "Install scan via context menu".
  • Launch ewido, there should be an icon on your desktop double-click it.
  • The program will now go to the main screen
You will need to update ewido to the latest definition files.
  • On the left hand side of the main screen click update
  • Then click on Start Update
The update will start and a progress bar will show the updates being installed.
If you are having problems with the updater, you can use this link to manually update ewido.
http://www.ewido.net/en/download/updates/

Once the updates are installed close the Ewido program.

Reboot your computer into Safe Mode

Once in safe mode, start Ewido and do the following:
  • Click on scanner
  • Click on Complete System Scan and the scan will begin.
  • While the scan is in progress you will be prompted to clean files, click OK
  • When it asks if you want to clean the first file, put a check in the lower left corner of the box that says "Perform action on all infections" then choose clean and click OK.
  • Once the scan has completed, there will be a button located on the bottom of the screen named Save report
  • Click Save report.
  • Save the report.txt file to your desktop.
Now close ewido security suite.

Reboot back to normal mode, open report.txt and post it as a reply to this post along with a new hijackthis log.

#3 float1ng1nspace

float1ng1nspace
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 22 September 2005 - 03:55 PM

Here is the ewido report, followed by the new hijackthis log.

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 8:53:22 PM, 9/21/2005
+ Report-Checksum: ABACEE4B

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{00564D9E-6D4B-1BA6-3369-3CA152EDA8CE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{00AF6BF7-1C8A-2F68-11A6-3DD4FD5A3DED} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{011710E1-B483-710E-97E0-2570CF3083B8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{01198741-DBE0-E6F4-9DBE-877B61FB1D1D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{031788DE-6282-F9CD-262A-AA22CDA2B068} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{033935E4-A208-AB9E-DD2A-6A9B7E426D04} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{03BFEDA6-8678-C773-5452-E7082FCA1BD7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{04256906-BECE-83AC-2058-27ABA38B11A3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{04CB6006-AB79-1366-4EF1-BFF815B874EE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{04D2569C-ED83-79FB-0E43-F43DFA258774} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{04EDA6A5-3C09-E146-8F75-5684DDB4E2A7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{05971453-FE87-CB75-BB1F-338A196198B0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{05C2ECE7-AB9F-8750-F571-7DD76F135929} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{05CFF62B-F8EF-A6A3-C2D8-0649EE07F197} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{06559367-A395-44B2-D6A0-0631D6323797} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0661C16F-8ED8-1431-8A0B-2C95C6994589} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{069086B3-68BB-CAE9-C009-2AE851B01BAB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0713F0EF-F47D-A3DA-A0F3-C2ED763086A3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{07A70617-8D17-A480-A5CF-0FCA3C65180D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{07D80144-9372-FEAC-AEDD-21AE8732F067} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{07F0CAA0-8206-9DCC-5402-D4CC24EC1764} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{07FF232E-41D0-38A2-6073-6847AD3E6453} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{08A3BAAE-CEB8-766F-9585-A831A8E94068} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{09248DC7-285D-A208-7675-8D1BAC7208C9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{09312E20-8C50-C241-742B-35F21EDA9875} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0AD1A770-F33D-516E-A6BD-A3AEB8568EAC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0ADEF183-C204-6BFB-2DA8-5C12061DE911} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0B2910B5-8AE6-8676-E13B-4CEC5E6A75F1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0B4F9B2C-F81D-7C42-AE33-07F0FCB846EC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0B538AE6-8676-E13B-4CEC-E6A75F19F1EF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0B6BE68E-B55A-5883-3DBC-30D73208D3E7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0B936818-A83D-004A-625A-757B4D758CC6} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0C016F66-0147-FD26-5123-5C470E6791DD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0E37D9E0-99E3-DA14-3197-60132338963E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{0ECEBD98-802F-9B4D-7308-C983A18EDBEC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1082088A-E784-5093-F9A0-07E5588FA67C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{109FCEAD-8C5C-5B76-3BB3-A646D2B52C93} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{10D837D7-D6EA-8BCE-37FB-E58A2E09397B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{12094FCA-1EE9-6EE5-5B4B-4B1EDA5F575C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{12130DCB-3DF4-96EC-27B9-61E0D766F680} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1228458E-6B19-48F4-5449-A00AEE93F0FC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{12FA3D1E-6BB1-A968-D251-242CE33A798A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1486290A-90C1-388F-ADC8-6BFAA6B057E8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{155F178D-1B07-52BD-BF72-827F24ED9DCE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{15E6172A-5F7D-3085-1E94-14DA8D1A4479} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1674BCBE-46DE-7BAB-FBFA-CA15D9FEB632} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{16C710FD-4C93-9C02-15FC-681DF7937350} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1714A690-3BE3-3C63-D05D-B9E2E19A88A3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{18BDB348-E8B0-D5A4-55F2-74FD4CB49A69} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{18DF9808-F6C9-984B-EDE3-0B7624EC452A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{18EAFE7B-570B-346C-ADEF-9CDDA8A1986F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1B2B1933-92B1-481C-EB27-35E36BF72B5B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1B9CEE94-E0D7-13CF-2DA8-CA3C766EAAD0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1BD83F34-5674-FA0D-E5B2-7D7655F0D46F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1C1F1B09-C5DE-0C47-B128-B83F5668EB83} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1D232F9D-941D-5CD9-732F-8F6EC1977CF2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1D3E7FA6-E393-C514-F461-E0B59435D825} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1DE20533-9118-BF9A-A6C6-F8E881A5FD4B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1EA0CE66-D6D5-2CEB-D734-97906011F9A8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1F46E851-7EAF-1A9B-E6B4-CCA46BD7BB86} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1F5650BA-2C95-0E8C-5C3F-D482646BF979} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1F6A3B74-3D40-4D48-4D55-E3A0A8029CC2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1FE935FF-DB66-AC76-99D8-18EC1F0F013C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{208BD4D8-3DA2-3736-A8E6-F3AF3479FA31} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{211D33BE-B506-603A-E0C1-E50E4D62779F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{21F8F0E0-D881-0FBC-CD1D-D1F30C3905B4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{22E7067A-283F-CF1C-4373-210A97C38BDB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{24E10FF7-10AA-6198-95AE-258D49D9ABCA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{25742C0F-DC0D-F5DC-55DE-C66285AA22AB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{25ABB624-07B4-7709-119D-4C9FB375AB79} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2621D1BF-0A92-2D9C-E595-02A9C3F76F46} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{26F5CDB0-3ADD-70F3-F30F-8DD2B92D52FF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{286ECE71-3F17-089B-F6BD-0E16D255AE8A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{29B25401-5964-022D-3AC2-C7207FEFF994} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{29CDA41A-A8EB-6A68-BBF5-2877418D55C7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2A6A2EFF-2FC6-683C-5911-BB1AC07E5964} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2A80D71D-33B8-3E91-8293-2130B34265A4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2A97DB56-E2B4-967C-AF9F-07FDF74289C2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2A9B7B46-3BB6-BB3C-9E0A-6C988B9DE22E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2AC8EC43-EAE7-F7BD-2B63-7DE1FF58C69F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B5A2313-AE67-454E-9A8B-F74070E57F1B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2BFAB072-A3F3-0A97-6990-3673392B7DFC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2CAB7717-202B-8A26-BFD7-FA41EC47A745} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2CB60D9D-BA37-058C-7EA3-A52155F01235} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2D7C78D3-F49A-8BD3-9A98-41F319D802B2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2D99FD34-F395-DFB0-0852-36D4976F6E3D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2D9BB7B5-D27A-5907-A874-72E04FC719E8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{2FB10B1F-E342-08A1-CBAA-D4A2CD2ABAC6} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3061EF1C-F3C8-2DAB-24E0-C96288EB621D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{30C5202D-2CDD-8C6D-6CD3-86CBAC73988B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{30E36B0A-CA1D-18E7-7FD2-9BA91D4D1710} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{32FB9A97-C47A-795A-3B47-9A97C1448DFC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{338E88E9-D821-1C15-A00D-907AB980E988} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3507B32F-B4F9-0B6B-5168-A74196010FA0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{35CDCE87-6BD6-878A-D4C9-24118A153D34} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{36846EB6-C1B1-A145-B3CE-F5740FA22FF8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3684B1D1-C737-AA3A-00B8-83FE7FF3C058} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{36A41F9E-B433-C078-89AE-486D2624C972} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3757D8EC-FD1D-A2F5-366B-C8C2FEE89B04} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{38A09FC8-FCAF-3D1E-A6D6-FB0A0E2E2D98} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{38C14AA2-0708-7DAD-F01C-6C0208A38BE2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{38D4E2FB-BB30-60CB-0D77-12064B5A0EE4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{38EA95B6-06DF-844E-6763-813A152D6F74} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3A1550DD-FD7B-8D6E-989A-49A66DF1433F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3BA763E9-3208-0CD2-31BD-37026D1B8537} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3C2E0AC2-347B-07FF-761D-31083C460F98} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3D1F3C37-49CA-66D3-9877-04375ADE521D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{3E8AEA49-2882-96D1-D4B0-D1EA3E4EEFD2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4095AAF5-BAD2-A97D-D64C-566A52E35C2E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4253994F-6825-77D6-AEE7-F03BCB81423C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{430B869B-EB6E-CBD3-5E4D-6D279372AA20} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{43372D0D-6EAD-977A-99EE-8DFB043153ED} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{43F226F3-3EDD-1F6E-B1F9-426F80DAB07E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{44A4F449-ADED-A513-8AE7-5A3DDF205F49} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{44CE9131-E13C-D36A-083A-FAFF61E866CA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{452C15DF-936D-C8CB-B825-97DD4A210ABD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{46C8C875-7053-566F-B7DF-A8735884B10E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{47B70B6F-A6B0-230A-43C3-9F9B5C710209} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{47DA2122-90A1-597C-94D7-20963F392761} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4822A81B-A35C-81CA-4B1E-595C44DF3F5E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4904C579-9366-3B77-3148-9401DBD4A5AA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{491288EB-D314-5571-9C18-B1EAC89ADE09} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4A210C09-C3AE-D36C-3EC5-0D7723985463} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4A5DA6C7-CAFA-ADBE-1CBD-9DB325C4EB88} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4AD64CAF-CC40-779E-C47E-E23705C41C75} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4AEDA6FC-6816-F03C-12F8-CDE056451F16} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4C96C433-2EDC-3926-B873-410DB1199685} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4CC6B346-9934-1C2F-1EBB-53F81823D9B4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4E11A0FD-72A3-AEF3-D4E4-E168F75A238E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4F8E9FA5-37E2-683E-E18D-19AC6697532D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4FBFBE36-BC17-CAB4-CA0B-1F18DD30B292} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4FCD2C21-6232-FD0F-36AA-4EFFC9284B2A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{4FFB405E-2D99-7374-B6D3-F0CD9DC8744E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{50B9D537-5DB0-52B1-FF6F-ED6C70DA477E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{529D86BB-85DC-FC40-1699-BECC09038E95} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{52CA0FCE-F9E0-2125-6CA6-2627141A47E9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5345A51F-E5D0-5A0D-1418-A1C95C417E3C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{551764CC-ABCF-335C-76F6-62283B478A0F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5735BB6F-7A93-49E1-B628-ABB60DAA5F0B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{57CEBAAD-4565-C660-5FAF-624E13DBE3B7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5932F9CB-E60E-11C7-5BA5-2CD8198CBDB4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{595B569B-A80C-DEE4-5AE6-7AF21D2B6F17} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{59935BC1-5F4B-96F1-F3B6-C6B36821D102} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5AF0B5AF-80E5-5F00-7457-4FF9847707D9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5B7E5C2F-7668-51A3-BA8C-F6B376755AF9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5BCC3EE7-9153-E89F-6D4E-9B02B02B4E2E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5DA6CA48-7D98-BC0B-40EF-22AC6558668A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5F1C7FC6-359E-6D58-42B3-3E410DB4CADB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5F32646E-6D3E-257C-2369-EFD1A3A012F8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5F4B11A7-C0A8-0B95-8741-481C8B0029E3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5F574346-A206-D78A-7149-4C709D5204A4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{5FA0CF1E-5FF7-5212-6D7D-5710E683BABB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{62B52B4D-547B-BFC7-9850-79709FDECF27} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6327D790-4626-130D-8171-E0E6AB10B53B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{64770A00-0C3B-BCEC-D32D-83EE61896228} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6477E0AE-C44A-D3CD-6823-CC6538DFBFEE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{64AB146B-0C39-DEC3-5AED-E2DA773C655F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{65D75D06-7395-6352-09CD-E13B9059EFE9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{66DEB589-B6D4-E95E-2E36-26287464CD11} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{67654C62-B847-D47B-7386-202E338F4761} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{677E5988-9E47-B4BE-8002-B86CEAD32154} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{67A0E5DD-D21D-3F1C-2FD5-07C50B27B4BD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{67D02480-710B-80D7-0624-27BB57B32CDE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{68005AEB-2632-F033-B29F-EA21C446CA22} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{69C2D4B0-CE91-AAB5-0BB5-4F75B848492D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{69D74EF1-A99E-49CB-BA6C-079035E64ABD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6A389597-708B-6F9D-B6EC-8D1A3EC9DFAF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6A493714-8012-621E-A09E-CD80FF52FB1F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6BE5CD97-C2FD-46BB-5C0A-9634487B916D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6C652E08-1C50-09D2-7DC8-0714DB258C39} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6C91BC18-67AD-0E5B-4D60-515F042A81BC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6D012127-ABB2-BF82-D02A-24CBBD599720} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6D3DF846-86BE-A81E-C69E-5A1818F8E929} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6D793FE9-8675-897B-589B-5BCAB9D3CFEF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6DDF3AF2-CB9D-199D-044C-9941E91E7CFF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{6EDB124C-8B12-ABA8-CA16-CEBAC7061ADE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{71476230-0B89-E69D-D223-279F989C21BB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{72877DD4-A7A3-8B9D-DEB7-F09CC0629D54} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{735DDAC7-F8F1-47DD-D87A-6AF0100B6A48} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{73A0FEF4-C4EC-89F0-F3BC-FE7F59AD1DBA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{742CF04D-EE46-1423-E899-B91C547ABC20} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{76321C6A-B800-93A4-24BB-B1F318D2A8E0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{76518006-D7C5-4C71-68F4-DA79559FA482} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{765369C1-D4E0-D6A4-69B4-6261D4E1319A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{77845652-D4FE-D2AD-12FA-F27B477D9B31} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7868EC16-8C67-1DBD-6D5A-EBB325881BD9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{786A41BB-009D-DD27-EA3E-15DCD01EC75C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{78CA5367-0660-D7DE-5424-C4AD26542538} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7904D3DD-22E5-C0C1-0648-E66A3897E380} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{792A038A-9C16-9885-5B25-CE939788172A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{792E2C95-AEBD-D9B8-E958-AD1BB5A3D9BA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{795714A8-C9C0-E8BD-30DB-A0DA3B603993} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7B28CC5E-5425-8989-13A1-2929DDA8CC5F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7D1F318F-6264-F55E-366B-93087AE94B29} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7DA446BF-5485-78F9-CC9A-2A02C93519E4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7DFA112F-21B6-72CE-A5DE-09FEAF22C151} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7E2B347A-52AA-597F-9371-80822A8D1263} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7EFCA545-7AB8-61BF-D7DE-AEA89256912C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8007F30A-ADD5-7E61-D29C-8F166BC8A3DD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8169E4D3-2914-C956-AAFE-F49D78C929A8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{817972EC-CAD1-C47C-A430-508B1E97DE0D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{818D123D-B7CF-1169-DD32-2310AD262479} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{81AE8953-3335-A1BB-5174-F82625372B4E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{821C8BB3-C516-BEE5-C6A4-ECF0D92BF426} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{821F62C3-1009-929C-3E89-5D066057B36D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8263BB7B-DDE9-23FF-589B-C8F6C675BE35} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{826D0369-102B-4A44-F27B-D9DCC50A8EE6} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8324D4AA-9FD0-5334-D040-C3B82F9A8957} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{83CBE2FB-4038-4351-9B1C-E69BF75962AA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{841CB982-C366-4290-3F00-95A1A5F3C340} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8424A742-21C5-E92B-D6A5-2B565D796258} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{85E6B001-B482-61AE-78C6-6EAE60D74D00} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{85F1C7FC-7359-D6D5-C42B-F3E410DB4CAD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{865E2CEC-DCDC-CF30-C932-8A491F233655} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8669ABB2-7410-3460-F449-E119DCA24CC4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8735EBDB-E5CE-D8EC-D853-7210E5BC2584} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{877DBFE0-6233-B1C4-8252-A4475BCF6DD2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{88261A8F-96F3-66D7-0279-B1C677B30B41} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{88289CAD-8761-B286-1697-48C2E3A53747} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8A0FEDBB-3762-AEB7-E85E-6BCC16F76759} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8BB0647D-D9C2-CB7B-7651-2618BD82261B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8BBD3FEB-8F56-FA45-F83E-0589E7E09434} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8D01C3C9-547A-12EE-5401-4B29F8F98176} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8D1DF6CE-07E4-C211-83F6-537E054EDC98} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8DA5457F-A8AA-4CCF-A842-70E6FD274094} -> Spyware.HuntBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8DF52E69-BA52-5F6E-2A2A-0CD81E0F3492} -> Spyware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8E183E4D-1A0C-3195-3741-BBEABE2CBCD0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8E22B410-9A68-7588-EDE1-05BA98980E7E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8E883EC3-ABB5-0CD9-EC0A-78CB81A818D1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{8F60435F-DF74-6308-E8CB-509D69906821} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{90DEE38B-0DB3-A3CA-6F69-126542AD0FA1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{913EAD11-DA6B-5C8F-D264-E3D4FC8BA5DD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{92854EC1-0623-4E3A-3993-F60435FEDF74} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{929F8E8D-2C15-4240-E685-FA3C645381C5} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9320654E-9DD7-7B4E-FD11-BE169AC706F5} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{932ECF21-1DCB-F962-4C70-56830E2BD255} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{952B27F0-D129-A966-5DF7-9E2D52C7E338} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{966FA744-197F-E95E-EB31-73BE39619DE2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{96EEA21B-4AA3-4627-EA0A-176241DBD1A4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{98832348-0E38-D102-51A5-517934760119} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9913F006-5621-D9B4-E3CB-064477E8D278} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{99B1E639-DCA2-2C21-013F-DEF4B5729CA9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9A711817-CADB-FD03-EBB1-4E2FC70601C2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9B9D4A7D-1232-E364-432D-B58ECFAE5AF4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9C060FC3-F4CE-894D-8EB7-FA3935CE5AA1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9CC4194D-70AD-AC3B-8852-00B56740427F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9D7705A4-9543-9869-8249-F62AC961BDA5} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9E2092B1-77DB-2A6A-A476-8BAA6CC65237} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9E960055-CBAB-522C-F6D0-3C06FAA39285} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9EDC0D8F-954E-A638-C240-D52042910A62} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9F1D249D-1545-56CD-0C52-0C2EE115ABB1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{9FF47B90-35D9-6F6F-3BC1-027BAA23833E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A01394EE-8B14-B1D4-AE65-22E7424A71D0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A0B249A8-05AF-32B0-992B-DB1CAFDEB3E4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A167704A-0F01-8543-16A8-ECF3EBA5DC01} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A1BC7CDD-070B-7E5C-FEAD-F4789795AD1A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A1BD0D9E-655B-CB60-6F75-1DFC720AEAB9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A3B9B534-33C7-F4A9-994E-4A8BFD538322} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A4405AD1-A13C-E10B-4B57-D5092B102F2B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A45C982E-5E8A-94C9-33A0-1F6E1789AC7E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A5B3B4A7-6BD2-E7CE-E654-7A1D658D1BB3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A678B034-1492-1AC1-FF9B-636BC85F5643} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A6BF9B01-2B57-89D9-AD1F-AF854374C992} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A6BFC374-18DF-B761-3902-53957EFA4847} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A72CAEB7-7E44-7941-564B-A741D28B01DB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A7737E2C-9C15-D4BE-4A5B-C15B7E8C41E9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A7D90935-7D8E-3E5D-9E71-486D629FCAAD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A8703447-9782-72D3-AA41-606A7E155CE5} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A94D3AA0-A235-876E-2DCD-617E08BD8301} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A97B64CA-35C4-DD86-2890-054EE94CE844} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{A9BB7C1A-E63B-E0A9-63EB-7124FA52D1B0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{AAC06F6E-F261-4E44-CF1D-B1EA9712EF4B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{AB8789CE-01B6-4B58-C2C0-77D8144D5741} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{ABFF8236-DCBD-E17B-0A69-6FD85FA199FE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{AEDEFEF1-3732-630E-951F-1CBF02877CF3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{AEF3E64A-B4FC-FC2A-5EF9-4FC735F322D9} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{AF197E67-53B8-6C01-4733-3E7C25BA3A3B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B1300934-5207-3933-066D-455DDE935ADD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B26E0DA6-7964-2B58-9B4B-94CBAA3AFF83} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B2E28203-4884-D849-F129-5F1A3C2A59D2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B33C5B98-F4B9-B550-C81A-4EE9720874BF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B36D5282-D413-F545-CF79-A6CE970CFEBB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B38F516E-48F2-CDBB-7D76-E0CFBCDBEE45} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B4D50626-AAF0-64AC-F1D5-8A697DD0E515} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B4F697AE-7E58-DC0D-D012-24F83EAB9F25} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B5423394-16FB-1F60-5AF9-6CAF30B35009} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B5872D9A-BAAF-EE65-E0A0-6D49EFD1D166} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B595A235-53A2-27D5-EFF6-D0208801D071} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B6E89CAB-169D-C0D8-F8D0-4EB58B02ABAB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{B7F4D50B-EAC3-A3F3-769F-96194A8DECDE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BA5E5B3E-BB1D-2938-3E93-1C81F766E7AB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BA8C901D-7125-D60E-C709-3E7F4A433A01} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BAA4A995-E881-38F6-1E95-AF9F2785FBB3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BC0DC8BD-646D-FA46-8739-116B4F8B8228} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BC0FE7F5-AD1D-A795-C683-F3EB54072EFE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BCA18F7D-4CAB-D300-286E-432722FFB0FB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BCA234F8-DBE0-1CBE-CE94-63240442E405} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BD00AB82-F105-58F8-2B31-B600383177E6} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BD757058-7180-2CE5-E5B6-8C70AEF236CC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BD9A8BB0-8BF8-EC2E-5A23-8010E127E35B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BE5DCDBC-54D3-95EA-B258-2D53BD817431} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BF680029-9EFC-9F01-F3C3-ECC0A8DF53A1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{BFB13F83-4E3B-A3C3-D100-FEE3424CD9C0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C092CEA0-FB34-5E12-83ED-47942941DECC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C0E27572-BE10-BE39-5F1B-F26255B8F141} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C151BF9B-FE85-EC38-A53B-AE4D2044C94E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C174CC42-7291-0DCA-CE42-7DB1C655AADD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C21C6790-58A0-81BD-58F6-11EF55D9BADF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C2E5E32B-0FD0-16A5-10FE-EDA2D4478683} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C2FE095E-5BA7-FBC8-5387-2878C932A44F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C39816D8-BA82-0890-929F-D27B4B0A27F0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C3CBD491-14A8-F1D3-52CC-F2038BD5FDDE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C42CF26E-2B02-05DE-7D7B-A16C5C2095BB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C432F8C9-5E41-F564-674E-C21B8257061B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C436BE04-B80F-3F1B-B592-67B6C8C95688} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C53D27E6-2A68-7CD9-A09F-541EF27B2319} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C5E66D21-FF6E-2881-4046-8D0402A4597D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C6986041-AF54-9AEF-5EA0-8C5C69D8DEB3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C74DF792-DD4B-4B33-4D25-BB3E8A211BB3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C75B8795-6012-883F-06EE-5F1501763CFE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C881C594-6F3E-F3F1-EA4B-72C7CEA3E7DB} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{C9368290-DE0B-80FF-0E2D-8933F6CA1A46} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CAEA3DE4-DAC7-8DF9-1A53-651E63E86CDF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CAF35453-A9AB-61D6-E032-1F6CE85168F3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CC6A9DFF-521F-7DD3-E624-B30C0B9FF83A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CC6B2B65-2D60-CC2D-B4A6-7C0945964771} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CD01143E-9B70-CB99-C455-87936A69EFA2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CD283BB0-5FEA-F204-BC88-8C3CA240315D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{CDEC09E6-8009-FC50-5FF8-83F317343213} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D02510A9-69A7-24D5-85DA-D3EC8E911C73} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D063E7A9-F6B2-80F8-44B2-F8210FDEDF67} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D223F02D-058E-2CFE-D02D-81826009252B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D27DD7B4-A72B-4B66-2BD3-262B793A3C2C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D377FF80-B093-7377-D7F1-2D8792CCF322} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D3E61C7F-BD83-EA01-13F4-464C2595C096} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D4451521-F203-568E-2657-C5AD1F0B1F77} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D605EAFF-2C3A-4619-43C1-4FFB062F68DE} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D6C7DB36-C0AC-C91F-B408-61A55E5AB6C5} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D75897AF-4779-FE93-0121-038FA5AA18C4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D75B9D6B-FB2A-EE40-24DA-791D27C77147} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D775F18B-70E6-FBB1-C13D-52CE71E899B3} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D7B5394E-D013-3545-35D0-45376236A8DC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D847DBFE-4EE2-AF6C-D202-0D9795B9D820} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{D85FBAA5-5F33-6173-D800-EFD4E38AE63E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DA78BE1D-07FE-B346-204E-C738DF8C7F8D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DABFF8C3-DF48-F11C-290D-D7CD732B35CC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DB054D56-EEA3-C985-BEDB-3E646A49FA44} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DB3FF0A6-7AD3-085E-3E59-A4318E82D4A8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DBE13E5D-7E11-2943-722B-C75B9A94EFED} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DC690906-09E2-710F-7C3B-F2F819B49B2A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DCF499B3-5BE2-6F3F-B6C8-FB0597F0FF79} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DD25AEF3-3DC7-625D-F3C6-DE10B7C6BF82} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DE064CF5-809E-A243-CC14-F5427E5967A1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DE2D7676-D3B6-1EDB-60CA-DA72D6F9B006} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DF7346F5-4EB1-7F19-9320-5E86CBCBDA80} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DF74F87A-B7C0-F480-1D25-D81A257B3152} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{DFC94122-75A0-85E3-3738-430A8B983C39} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E1259401-E429-8855-B814-BD6EF247346C} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E24280F1-5872-DD80-6349-14510DFCB851} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E365460D-7563-2763-5E38-85F172854EAC} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E36A99D7-088F-A5E8-1BA4-87116D938D49} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E404F826-ABE4-D856-61BA-BCBD539933F8} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E43C16BE-9904-7881-7685-DEE7D759572D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E4E0C452-0B6D-5B6B-E0AD-5D2B7C054116} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E5C23746-741A-FEC7-C517-86E204C95729} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E5E59618-FEBB-174D-3A09-E2EF1B2CDA17} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E63E927A-86D0-9904-89A5-12291C12FD61} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E647591B-D33E-72B8-A7F0-9D55C2A7369D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E65FC41A-89B3-21B7-1EB6-E92DA3645370} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E8A06DEA-6626-407D-5720-FE211C989AC1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{E8C74323-6EAC-41DF-4232-E6575DCCE375} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EA8D7DFA-04BF-99E7-595C-535DC7F0EFBA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EAC3A0EF-0931-C087-DD54-10E2CE664097} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EBB942DD-6CAD-83C9-BB7A-1A229122535B} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EC6CC6A4-2DE4-7D97-7906-9D8567369627} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{ECEAF197-B6EF-9E38-0846-FF3BB03983AD} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{ED765395-C8D8-4E11-153C-4CF57031518D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EDB7FF48-2CC7-7131-A993-53C8F83DD550} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EDE4719B-AC04-9EE1-7AEA-7712560B2832} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EE5F21BB-197A-041B-53A6-055C6B35DD91} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EE72D9B5-81C8-E738-8F1C-E3D4FED74E0D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EF24BEB1-9592-9F8F-4B29-99399FD2C231} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EF4CB83E-BEF0-2DE3-F01E-55D0127FF3EA} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EFC71F6E-8006-6787-AAD0-B50964B31181} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{EFF18EAC-64BF-91FF-8F1B-42B57350D99F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F065E398-2ACB-9034-8B2A-28A827FF521F} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F1B10CDC-1975-EC0C-C522-2571525E92CF} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F1E91259-92C0-8767-A2E0-85139867622A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F2255AF4-092C-0BF6-52CF-8484B194FCC4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F22C21C3-2FA8-F0A7-72B3-7927ADEFC66E} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F2352FD0-B78A-FC66-EE98-5DFBF99E1F48} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F2903213-C2D0-B852-F56D-8B10D6C8C121} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F317424C-8ECC-86C7-5E5B-7AA1BD81D1C4} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F3267BA7-14CC-4368-6BFC-E59341D01507} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F55B9B22-5BAA-C8BB-5C3F-3E652D794BF7} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F6802757-10AB-DBC8-719A-C48394D31082} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F6EB941E-9DCD-6E07-E139-D2AB90BAAE62} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F704A16D-BA8A-0DD4-CB9E-F0FA4A957D8D} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F7DFCD4F-46CD-BDA8-264C-0A68205F4979} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F80F0D50-2D6C-75C3-606A-3DFE0F4FC5D0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{F99D5FC9-1F47-B6F5-F1D5-55AFEAD2853A} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FA6A8ADC-5ACF-A739-A8BF-5E4D7B5991C1} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FA986CDE-0FA2-33A9-ECFD-8291DFA81985} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FB277F1B-89B6-A114-DD01-EC507A933F39} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FBD21FB3-D80F-1A9B-2038-2D60684CDEE0} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FC5F30D8-4A16-B1C4-CFF8-EE955DFA16A2} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FC92C3DE-F786-C2A4-4565-359ECF140E14} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FC955BB2-DAA2-E394-1DD3-E8A207B823A6} -> Spyware.BetterInternet : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FDEDD1BB-EE5D-1AF2-C50B-11681C5E2A93} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FE0CF482-D7A9-BD18-0056-CF55E4EDD446} -> Spyware.CoolWebSearch : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FF9A5C46-DA40-2321-E19B-261681A78BB1} -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-861567501-152049171-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DAC7D8D-9C1A-3965-E63E-6CDFBCD1EB33} -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-861567501-152049171-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6B001B-4822-1AE8-8C64-EAE60D74D00C} -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-861567501-152049171-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6477E0AE-C44A-D3CD-6823-CC6538DFBFEE} -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-861567501-152049171-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8037964D-1365-8C5E-3AC3-419713B83CBE} -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-861567501-152049171-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{816A50DB-569D-3BB1-E768-24983B6F81CB} -> Spyware.CoolWebSearch : Cleaned with backup
HKU\S-1-5-21-861567501-152049171-1957994488-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9C07AC43-1C2D-BD1B-FEDF-58BEDA6A49E1} -> Spyware.CoolWebSearch : Cleaned with backup
C:\Documents and Settings\Brian\Cookies\brian@2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Brian\Cookies\brian@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Brian\Cookies\brian@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Brian\Cookies\brian@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
C:\Documents and Settings\Brian\Cookies\brian@serving-sys[1].txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
C:\ms32.exe -> TrojanDownloader.Small : Cleaned with backup
C:\WINDOWS\002429_.tmp:noikp -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\addlg.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\aolback.exe.lnk:ahdei -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\aolback.exe.lnk:ivgvv -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\aolback.exe.lnk:zjyzt -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apipe.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\apixt32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlfh.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlkb32.exe -> Trojan.Agent.bi : Cleaned with backup
C:\WINDOWS\atlpj32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\atlzd32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Blue Lace 16.bmp:lwwll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Blue Lace 16.bmp:mqcdd -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Blue Lace 16.bmp:zbocj -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\bootstat.dat:sassq -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\clock.avi:cgflq -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\clock.avi:ulsut -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\cmsetacl.log:gxdnt -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\cmsetacl.log:vhiho -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:ezany -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:jkgzv -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\Coffee Bean.bmp:pnckf -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\comsetup.log:asttz -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\comsetup.log:bvsxw -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\comsetup.log:fhkte -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\comsetup.log:jpgas -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\comsetup.log:nktbb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\comsetup.log:vlbvs -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\comsetup.log:yofwm -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\control.ini:etlzb -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\control.ini:mafzx -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\control.ini:sqgvy -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crjx.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\crrj.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\d3hw32.dll -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\dahotfix.log:kelmg -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\dasetup.log:apwcy -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\dasetup.log:bqkej -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\dasetup.log:dvmeh -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\dasetup.log:omyac -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\dasetup.log:swexi -> TrojanDownloader.Agent.bc : Cleaned with backup
C:\WINDOWS\dasetup.log:udgns -> TrojanDownloade

#4 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,718 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:01 AM

Posted 22 September 2005 - 09:36 PM

Lets see a new hijackthis log

#5 float1ng1nspace

float1ng1nspace
  • Topic Starter

  • Members
  • 33 posts
  • OFFLINE
  •  
  • Local time:08:01 AM

Posted 24 September 2005 - 06:55 PM

Sorry...forgot to post the hijackthis log. Here it is....

Logfile of HijackThis v1.99.1
Scan saved at 8:54:57 PM, on 9/21/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {05563232-5F02-763A-E92E-D32E0B4BF53F} - C:\WINDOWS\crjx.dll (file missing)
O2 - BHO: Class - {0D477064-C0A0-92DC-477A-47E26D658ED6} - C:\WINDOWS\system32\javavq32.dll (file missing)
O2 - BHO: Class - {199282EC-E1E7-785F-8E93-283E6306E881} - C:\WINDOWS\iebx32.dll (file missing)
O2 - BHO: Class - {19B907F0-A6CA-BB49-9C14-FD51E9541ECD} - C:\WINDOWS\d3jm32.dll (file missing)
O2 - BHO: Class - {1AF3C52E-680B-95C6-99B3-CA20401DF669} - C:\WINDOWS\system32\appzq.dll (file missing)
O2 - BHO: Class - {1FA8EA19-344B-EDDA-FF8C-8DF485F11C72} - C:\WINDOWS\iegb.dll (file missing)
O2 - BHO: Class - {29292D86-4874-4575-BB37-B5ADBFB2C0AA} - C:\WINDOWS\winvt32.dll (file missing)
O2 - BHO: Class - {29A6547A-53D1-3FE9-AEF4-47DCE7FBA687} - C:\WINDOWS\system32\iewt32.dll (file missing)
O2 - BHO: Class - {2C957FC6-4BF9-7E14-76AA-8D1B10A5B6EE} - C:\WINDOWS\d3hw32.dll (file missing)
O2 - BHO: Class - {347AF52A-7597-E937-0808-2A8D1263EAAD} - C:\WINDOWS\nttc32.dll (file missing)
O2 - BHO: Class - {39ADD310-9B90-5CF2-F764-BCF455179292} - C:\WINDOWS\netvx32.dll (file missing)
O2 - BHO: Class - {3C733A18-BA69-B034-3516-D68F69A95735} - C:\WINDOWS\atlzd32.dll (file missing)
O2 - BHO: Class - {4B655899-8D01-4317-F6FB-450597CE8789} - C:\WINDOWS\system32\sdkep.dll (file missing)
O2 - BHO: Class - {50B880E0-130E-F77B-46BB-0062598D56CC} - C:\WINDOWS\system32\mfcdl.dll (file missing)
O2 - BHO: Class - {59658A25-7B74-EDCF-F455-A75FF0E4C8BE} - C:\WINDOWS\system32\crxt32.dll (file missing)
O2 - BHO: Class - {5B264A71-ACA3-B02C-C94B-CE36D3C130D4} - C:\WINDOWS\system32\winod32.dll (file missing)
O2 - BHO: Class - {5BC00790-A8E8-1F25-4CAA-C9AE7CFE95AF} - C:\WINDOWS\system32\addjz.dll (file missing)
O2 - BHO: Class - {60367A0D-8790-F166-DEFE-E88F3C410154} - C:\WINDOWS\system32\d3ah32.dll (file missing)
O2 - BHO: Class - {67A3DA43-B5A2-4C8B-0D91-69629122ADDF} - C:\WINDOWS\system32\ntle32.dll (file missing)
O2 - BHO: Class - {6ED83E98-B32D-C5BC-E588-CC2CC1475BFF} - C:\WINDOWS\system32\crdh.dll (file missing)
O2 - BHO: Class - {78CDF456-5F61-ED9E-53AF-2939AB9F8E94} - C:\WINDOWS\system32\apiwb32.dll (file missing)
O2 - BHO: Class - {79FB99E0-9529-0FF5-9D52-B42B3DCDEF49} - C:\WINDOWS\sdkaw32.dll (file missing)
O2 - BHO: Class - {7A23E735-EC07-BB26-5CF0-DCDEBB6EADC9} - C:\WINDOWS\sdkvf.dll (file missing)
O2 - BHO: Class - {7DBD6986-1C5E-5F61-5CDC-F5402DB34848} - C:\WINDOWS\mfcee32.dll (file missing)
O2 - BHO: Class - {80C01395-9FF4-13F4-EE8C-750CC0B764CF} - C:\WINDOWS\javaxg.dll (file missing)
O2 - BHO: Class - {8705901D-8680-E8CA-FBE0-7D485E343513} - C:\WINDOWS\javajd32.dll (file missing)
O2 - BHO: Class - {874D597C-E06D-69E4-175D-315152F9904F} - C:\WINDOWS\system32\addky32.dll (file missing)
O2 - BHO: Class - {8A402A73-D74F-29E4-67DE-8A44CC69FD23} - C:\WINDOWS\apixt32.dll (file missing)
O2 - BHO: Class - {8C515B6E-2ACB-2FD2-4CE4-82655F4C0C9F} - C:\WINDOWS\system32\mfcjd32.dll (file missing)
O2 - BHO: Class - {907FF544-66BA-B27D-E5E3-572C182318D0} - C:\WINDOWS\system32\appvj32.dll (file missing)
O2 - BHO: Class - {99336825-8A2F-E710-D7AA-913C67C38EDC} - C:\WINDOWS\atlfh.dll (file missing)
O2 - BHO: Class - {9B86CC76-3686-802D-B036-D25C675E70D8} - C:\WINDOWS\mfcqb.dll (file missing)
O2 - BHO: Class - {A201E9FB-E957-9FD0-D7B8-E7180B6535EB} - C:\WINDOWS\system32\d3rh32.dll (file missing)
O2 - BHO: Class - {A483DB2B-AC74-4D6E-38EA-1510A71538BD} - C:\WINDOWS\apipe.dll (file missing)
O2 - BHO: Class - {AF78CC8D-6C38-4877-8A5D-18C72E19E404} - C:\WINDOWS\system32\atlcf32.dll (file missing)
O2 - BHO: Class - {B3F2B6DF-2D0C-3BA8-E40F-EABB35F0653B} - C:\WINDOWS\system32\ieyu.dll (file missing)
O2 - BHO: Class - {BB1C7E31-AB2A-B10E-AD1C-F84A89B87AC1} - C:\WINDOWS\crrj.dll (file missing)
O2 - BHO: Class - {C4779094-FC70-CB85-B11A-252CD133E619} - C:\WINDOWS\system32\nthh32.dll (file missing)
O2 - BHO: Class - {C682057F-E371-B29A-848C-7D9B32E2DD9C} - C:\WINDOWS\system32\appje.dll (file missing)
O2 - BHO: Class - {DA961EB4-D503-2B8A-69AB-C4905735F48D} - C:\WINDOWS\atlpj32.dll (file missing)
O2 - BHO: Class - {DECFFA99-148A-41DC-E235-46258815DBF8} - C:\WINDOWS\sysye32.dll (file missing)
O2 - BHO: Class - {E45A180C-02A8-D9D9-3A2F-A8BA2A458B2C} - C:\WINDOWS\system32\crrb32.dll (file missing)
O2 - BHO: Class - {E8D49CA9-C5FD-6BCF-DD51-31A53DF80403} - C:\WINDOWS\ipzp32.dll (file missing)
O2 - BHO: Class - {ED800884-CF0B-46CC-6B33-43B8AA363DE1} - C:\WINDOWS\winxa32.dll (file missing)
O2 - BHO: Class - {FA1487A3-BE0B-8C8F-EE8B-A7306DC4EB4E} - C:\WINDOWS\msuw.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll (file missing)
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WebInstall2] C:\Program Files\ClipGenie\WebInstall.exe /R
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [Pure Networks Port Magic] "C:\PROGRA~1\PURENE~1\PORTMA~1\PortAOL.exe" -Run
O4 - HKLM\..\RunOnce: [ntqf.exe] C:\WINDOWS\system32\ntqf.exe
O4 - HKLM\..\RunOnce: [addsu32.exe] C:\WINDOWS\system32\addsu32.exe
O4 - HKLM\..\RunOnce: [winyn32.exe] C:\WINDOWS\winyn32.exe
O4 - HKLM\..\RunOnce: [addgy.exe] C:\WINDOWS\system32\addgy.exe
O4 - HKLM\..\RunOnce: [d3px.exe] C:\WINDOWS\d3px.exe
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Tpaa] C:\Documents and Settings\Brian\Application Data\stcp.exe
O4 - HKCU\..\Run: [Weather] C:\Program Files\AWS\WeatherBug\Weather.exe 1
O4 - Global Startup: America Online 9.0 Tray Icon.lnk = C:\Program Files\America Online 9.0\aoltray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (HKCU)
O16 - DPF: Yahoo! NBA StatTracker - http://aud3.sports.sc5.yahoo.com/java/y/nbast8268_x.cab
O16 - DPF: {36C66BBD-E667-4DAD-9682-58050E7C9FDC} (CDKey Class) - http://www.cdkeybonus.com/cdkey/ITCDKey.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.com/computercheckup/qdiagcc.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/d.../ITDetector.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\\aolserv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,718 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:08:01 AM

Posted 25 September 2005 - 09:36 AM

Go into your control panel and uninstall ClipGenie from add/remove programs.

Print out these instructions and then close all windows including Internet Explorer.

Then I want you to fix some of those entries. Please do the following:

Please make sure that you can view all hidden files. Instructions on how to do this can be found here:

How to see hidden files in Windows

Run Hijackthis again, click scan, and Put a checkmark next to each of these. Then click the Fix button:


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {05563232-5F02-763A-E92E-D32E0B4BF53F} - C:\WINDOWS\crjx.dll (file missing)
O2 - BHO: Class - {0D477064-C0A0-92DC-477A-47E26D658ED6} - C:\WINDOWS\system32\javavq32.dll (file missing)
O2 - BHO: Class - {199282EC-E1E7-785F-8E93-283E6306E881} - C:\WINDOWS\iebx32.dll (file missing)
O2 - BHO: Class - {19B907F0-A6CA-BB49-9C14-FD51E9541ECD} - C:\WINDOWS\d3jm32.dll (file missing)
O2 - BHO: Class - {1AF3C52E-680B-95C6-99B3-CA20401DF669} - C:\WINDOWS\system32\appzq.dll (file missing)
O2 - BHO: Class - {1FA8EA19-344B-EDDA-FF8C-8DF485F11C72} - C:\WINDOWS\iegb.dll (file missing)
O2 - BHO: Class - {29292D86-4874-4575-BB37-B5ADBFB2C0AA} - C:\WINDOWS\winvt32.dll (file missing)
O2 - BHO: Class - {29A6547A-53D1-3FE9-AEF4-47DCE7FBA687} - C:\WINDOWS\system32\iewt32.dll (file missing)
O2 - BHO: Class - {2C957FC6-4BF9-7E14-76AA-8D1B10A5B6EE} - C:\WINDOWS\d3hw32.dll (file missing)
O2 - BHO: Class - {347AF52A-7597-E937-0808-2A8D1263EAAD} - C:\WINDOWS\nttc32.dll (file missing)
O2 - BHO: Class - {39ADD310-9B90-5CF2-F764-BCF455179292} - C:\WINDOWS\netvx32.dll (file missing)
O2 - BHO: Class - {3C733A18-BA69-B034-3516-D68F69A95735} - C:\WINDOWS\atlzd32.dll (file missing)
O2 - BHO: Class - {4B655899-8D01-4317-F6FB-450597CE8789} - C:\WINDOWS\system32\sdkep.dll (file missing)
O2 - BHO: Class - {50B880E0-130E-F77B-46BB-0062598D56CC} - C:\WINDOWS\system32\mfcdl.dll (file missing)
O2 - BHO: Class - {59658A25-7B74-EDCF-F455-A75FF0E4C8BE} - C:\WINDOWS\system32\crxt32.dll (file missing)
O2 - BHO: Class - {5B264A71-ACA3-B02C-C94B-CE36D3C130D4} - C:\WINDOWS\system32\winod32.dll (file missing)
O2 - BHO: Class - {5BC00790-A8E8-1F25-4CAA-C9AE7CFE95AF} - C:\WINDOWS\system32\addjz.dll (file missing)
O2 - BHO: Class - {60367A0D-8790-F166-DEFE-E88F3C410154} - C:\WINDOWS\system32\d3ah32.dll (file missing)
O2 - BHO: Class - {67A3DA43-B5A2-4C8B-0D91-69629122ADDF} - C:\WINDOWS\system32\ntle32.dll (file missing)
O2 - BHO: Class - {6ED83E98-B32D-C5BC-E588-CC2CC1475BFF} - C:\WINDOWS\system32\crdh.dll (file missing)
O2 - BHO: Class - {78CDF456-5F61-ED9E-53AF-2939AB9F8E94} - C:\WINDOWS\system32\apiwb32.dll (file missing)
O2 - BHO: Class - {79FB99E0-9529-0FF5-9D52-B42B3DCDEF49} - C:\WINDOWS\sdkaw32.dll (file missing)
O2 - BHO: Class - {7A23E735-EC07-BB26-5CF0-DCDEBB6EADC9} - C:\WINDOWS\sdkvf.dll (file missing)
O2 - BHO: Class - {7DBD6986-1C5E-5F61-5CDC-F5402DB34848} - C:\WINDOWS\mfcee32.dll (file missing)
O2 - BHO: Class - {80C01395-9FF4-13F4-EE8C-750CC0B764CF} - C:\WINDOWS\javaxg.dll (file missing)
O2 - BHO: Class - {8705901D-8680-E8CA-FBE0-7D485E343513} - C:\WINDOWS\javajd32.dll (file missing)
O2 - BHO: Class - {874D597C-E06D-69E4-175D-315152F9904F} - C:\WINDOWS\system32\addky32.dll (file missing)
O2 - BHO: Class - {8A402A73-D74F-29E4-67DE-8A44CC69FD23} - C:\WINDOWS\apixt32.dll (file missing)
O2 - BHO: Class - {8C515B6E-2ACB-2FD2-4CE4-82655F4C0C9F} - C:\WINDOWS\system32\mfcjd32.dll (file missing)
O2 - BHO: Class - {907FF544-66BA-B27D-E5E3-572C182318D0} - C:\WINDOWS\system32\appvj32.dll (file missing)
O2 - BHO: Class - {99336825-8A2F-E710-D7AA-913C67C38EDC} - C:\WINDOWS\atlfh.dll (file missing)
O2 - BHO: Class - {9B86CC76-3686-802D-B036-D25C675E70D8} - C:\WINDOWS\mfcqb.dll (file missing)
O2 - BHO: Class - {A201E9FB-E957-9FD0-D7B8-E7180B6535EB} - C:\WINDOWS\system32\d3rh32.dll (file missing)
O2 - BHO: Class - {A483DB2B-AC74-4D6E-38EA-1510A71538BD} - C:\WINDOWS\apipe.dll (file missing)
O2 - BHO: Class - {AF78CC8D-6C38-4877-8A5D-18C72E19E404} - C:\WINDOWS\system32\atlcf32.dll (file missing)
O2 - BHO: Class - {B3F2B6DF-2D0C-3BA8-E40F-EABB35F0653B} - C:\WINDOWS\system32\ieyu.dll (file missing)
O2 - BHO: Class - {BB1C7E31-AB2A-B10E-AD1C-F84A89B87AC1} - C:\WINDOWS\crrj.dll (file missing)
O2 - BHO: Class - {C4779094-FC70-CB85-B11A-252CD133E619} - C:\WINDOWS\system32\nthh32.dll (file missing)
O2 - BHO: Class - {C682057F-E371-B29A-848C-7D9B32E2DD9C} - C:\WINDOWS\system32\appje.dll (file missing)
O2 - BHO: Class - {DA961EB4-D503-2B8A-69AB-C4905735F48D} - C:\WINDOWS\atlpj32.dll (file missing)
O2 - BHO: Class - {DECFFA99-148A-41DC-E235-46258815DBF8} - C:\WINDOWS\sysye32.dll (file missing)
O2 - BHO: Class - {E45A180C-02A8-D9D9-3A2F-A8BA2A458B2C} - C:\WINDOWS\system32\crrb32.dll (file missing)
O2 - BHO: Class - {E8D49CA9-C5FD-6BCF-DD51-31A53DF80403} - C:\WINDOWS\ipzp32.dll (file missing)
O2 - BHO: Class - {ED800884-CF0B-46CC-6B33-43B8AA363DE1} - C:\WINDOWS\winxa32.dll (file missing)
O2 - BHO: Class - {FA1487A3-BE0B-8C8F-EE8B-A7306DC4EB4E} - C:\WINDOWS\msuw.dll (file missing)
O4 - HKLM\..\Run: [WebInstall2] C:\Program Files\ClipGenie\WebInstall.exe /R
O4 - HKLM\..\RunOnce: [ntqf.exe] C:\WINDOWS\system32\ntqf.exe
O4 - HKLM\..\RunOnce: [addsu32.exe] C:\WINDOWS\system32\addsu32.exe
O4 - HKLM\..\RunOnce: [winyn32.exe] C:\WINDOWS\winyn32.exe
O4 - HKLM\..\RunOnce: [addgy.exe] C:\WINDOWS\system32\addgy.exe
O4 - HKLM\..\RunOnce: [d3px.exe] C:\WINDOWS\d3px.exe
O4 - HKCU\..\Run: [Tpaa] C:\Documents and Settings\Brian\Application Data\stcp.exe
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} - C:\Program Files\AWS\WeatherBug\Weather.exe (HKCU)
O16 - DPF: {36C66BBD-E667-4DAD-9682-58050E7C9FDC} (CDKey Class) - http://www.cdkeybonus.com/cdkey/ITCDKey.cab
O16 - DPF: {FA3662C3-B8E8-11D6-A667-0010B556D978} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/_media/dalaillama/ampx.cab

Reboot your computer into Safe Mode

Then delete these files or directories (Do not be concerned if they do not exist)


C:\Program Files\ClipGenie\
C:\WINDOWS\system32\ntqf.exe
C:\WINDOWS\system32\addsu32.exe
C:\WINDOWS\winyn32.exe
C:\WINDOWS\system32\addgy.exe
C:\WINDOWS\d3px.exe
C:\Documents and Settings\Brian\Application Data\stcp.exe
C:\Program Files\AWS\

Reboot your computer to go back to normal mode and post a new log.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users