35mb mahatyam   Independent houses near kukatpally | Apartments in Pragathi Nagar | AndhraVaani.com | Log Out | Topics | Search
Register | Edit Profile

Bewarse Talk � Archives � Bewarse Bewarse � Archive through May 13, 2005 � 35mb mahatyam � Previous Next �

Author Message
Top of pagePrevious messageNext messageBottom of page Link to this message

Bob
Pilla Bewarse
Username: Bob

Post Number: 263
Registered: 03-2005
Posted From: 220.240.44.49

Rating: N/A
Votes: 0 (Vote!)

Posted on Wednesday, May 11, 2005 - 2:30 am:   Edit PostDelete PostView Post/Check IP
baboyei e site lo link 2 min download sesi ventaney cancel chesaa , denitlo nunchi virus lu vasthayei antey. beta sypware run chestey 6 files infected ani vachindi.
mi yenkamallaraa elanti sites lo links evvadu.
Top of pagePrevious messageNext messageBottom of page Link to this message

Thunker
Pilla Bewarse
Username: Thunker

Post Number: 1
Registered: 05-2005
Posted From: 193.188.105.22

Rating: N/A
Votes: 0 (Vote!)

Posted on Tuesday, May 10, 2005 - 10:32 pm:   Edit PostDelete PostView Post/Check IP
hey aavakaya check this link

http://www.microsoft.com/downloads/details.aspx?Fa milyID=321cd7a2-6a57-4c57-a8bd-dbf62eda9671&displa ylang=en&Hash=6PDYLPB
Top of pagePrevious messageNext messageBottom of page Link to this message

Aavakaaya
Pilla Bewarse
Username: Aavakaaya

Post Number: 492
Registered: 04-2004
Posted From: 195.220.151.50

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 3:03 am:   Edit PostDelete PostView Post/Check IP
>>linux lo extra benefit ga mudo "bokka" vuntadha ***** daniki ani



but windows ke ekkuva bokkalu vuntaayu..
eveadu padithe vaadu...ele padithe ala full D...
Top of pagePrevious messageNext messageBottom of page Link to this message

Aavakaaya
Pilla Bewarse
Username: Aavakaaya

Post Number: 491
Registered: 04-2004
Posted From: 195.220.151.50

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:59 am:   Edit PostDelete PostView Post/Check IP
>>mana Avakays Linux linux antuntie, andukosam adigaa.

I need windows only for Yahoo voice chat.
(now Skype vachindi ga..am slowly reducing total use of windows...but this depends on my friends who cannot come out of windows)
Top of pagePrevious messageNext messageBottom of page Link to this message

Proofdada
Bewarse ke Bewarse!
Username: Proofdada

Post Number: 24623
Registered: 03-2004
Posted From: 84.167.204.89

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:55 am:   Edit PostDelete PostView Post/Check IP
thadi mayya..
Top of pagePrevious messageNext messageBottom of page Link to this message

Deithadi
Desanike Pedda Bewarse
Username: Deithadi

Post Number: 2590
Registered: 03-2004
Posted From: 68.249.126.205

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:48 am:   Edit PostDelete PostView Post/Check IP
adei mama septhunna,

browsing chesthamu, itla DB, cinemalu lantivi regurlar activities kadha, dhanikosam Windows system use chetham.

mana Avakays Linux linux antuntie, andukosam adigaa.

linux lo extra benefit ga mudo "bokka" vuntadha daniki ani :-O
Top of pagePrevious messageNext messageBottom of page Link to this message

Andhramass
Kurra Bewarse
Username: Andhramass

Post Number: 813
Registered: 12-2004
Posted From: 211.27.213.204

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:29 am:   Edit PostDelete PostView Post/Check IP
deithadhi mayya nenu chsthannu

nenu kastha bore kodithey sexu bommalu chusthannu gaaaaaaaaaaaa
Top of pagePrevious messageNext messageBottom of page Link to this message

Deithadi
Desanike Pedda Bewarse
Username: Deithadi

Post Number: 2584
Registered: 03-2004
Posted From: 68.249.126.205

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:22 am:   Edit PostDelete PostView Post/Check IP
>>Avakays wroted:
nenu ee thokkalo Windows ni anduke movie downloads ki, online music kosam tappithe use cheyyanu..
>>

antha kantei ekkuva emi chestamu computer tho??
mostly browsing related... :-O

intha kanna verei panulu sesthaara evarunna mee computer tho "regular" gaa?

.
Top of pagePrevious messageNext messageBottom of page Link to this message

Pidel
Kurra Bewarse
Username: Pidel

Post Number: 568
Registered: 11-2004
Posted From: 211.28.246.196

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:08 am:   Edit PostDelete PostView Post/Check IP
Top of pagePrevious messageNext messageBottom of page Link to this message

Aavakaaya
Pilla Bewarse
Username: Aavakaaya

Post Number: 489
Registered: 04-2004
Posted From: 195.220.151.50

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:08 am:   Edit PostDelete PostView Post/Check IP
>>Lava..soft

peru variety ga vundi ...anyways i'll try..thanx
Top of pagePrevious messageNext messageBottom of page Link to this message

Pidel
Kurra Bewarse
Username: Pidel

Post Number: 567
Registered: 11-2004
Posted From: 211.28.246.196

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:06 am:   Edit PostDelete PostView Post/Check IP
MAMA,
IDI TRY CHEYI, CHALA BAGUNDI
Lavasoft Ad-Aware SE Personal
Top of pagePrevious messageNext messageBottom of page Link to this message

Kushi_ram
Desanike Pedda Bewarse
Username: Kushi_ram

Post Number: 9267
Registered: 04-2004
Posted From: 68.32.43.70

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:04 am:   Edit PostDelete PostView Post/Check IP
ANYWAYS inka mamalu good night and thanks to kodi mama na system is back to full swing.. Unta mari good night..
Top of pagePrevious messageNext messageBottom of page Link to this message

Aavakaaya
Pilla Bewarse
Username: Aavakaaya

Post Number: 488
Registered: 04-2004
Posted From: 195.220.151.50

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:04 am:   Edit PostDelete PostView Post/Check IP
>>u don't have to test ur OS for this installation, just click the option "proceed with out check" or somthing like that and install u

nope...aa option ledu mama

can u suggest me someother software..

rt now am using yahoo tool bar anti-spy
Top of pagePrevious messageNext messageBottom of page Link to this message

Pidel
Kurra Bewarse
Username: Pidel

Post Number: 562
Registered: 11-2004
Posted From: 211.28.246.196

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 2:01 am:   Edit PostDelete PostView Post/Check IP
mama, i use both microsoft beta version and also Lavasoft Ad-Aware SE Personal software. both work very well in tandom.
Top of pagePrevious messageNext messageBottom of page Link to this message

Pidel
Kurra Bewarse
Username: Pidel

Post Number: 561
Registered: 11-2004
Posted From: 211.28.246.196

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:59 am:   Edit PostDelete PostView Post/Check IP
DADA , how r u?
Top of pagePrevious messageNext messageBottom of page Link to this message

Prasanth
Bewarse ke Bewarse!
Username: Prasanth

Post Number: 13523
Registered: 03-2004
Posted From: 203.199.213.66

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:59 am:   Edit PostDelete PostView Post/Check IP
KR mama...nenu istall chesi one year avtondi..i kept automatic spyware scan at 2 AM every night.
Top of pagePrevious messageNext messageBottom of page Link to this message

Aavakaaya
Pilla Bewarse
Username: Aavakaaya

Post Number: 487
Registered: 04-2004
Posted From: 195.220.151.50

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:58 am:   Edit PostDelete PostView Post/Check IP


nenu ee thokkalo Windows ni anduke movie downloads ki, online music kosam tappithe use cheyyanu..

my love is linux
Top of pagePrevious messageNext messageBottom of page Link to this message

Proofdada
Bewarse ke Bewarse!
Username: Proofdada

Post Number: 24616
Registered: 03-2004
Posted From: 84.167.204.89

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:57 am:   Edit PostDelete PostView Post/Check IP
pidel mayya..
Top of pagePrevious messageNext messageBottom of page Link to this message

Pidel
Kurra Bewarse
Username: Pidel

Post Number: 560
Registered: 11-2004
Posted From: 211.28.246.196

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:56 am:   Edit PostDelete PostView Post/Check IP
Aavakaaya maayya,

u don't have to test ur OS for this installation, just click the option "proceed with out check" or somthing like that and install ur software.
Top of pagePrevious messageNext messageBottom of page Link to this message

Kushi_ram
Desanike Pedda Bewarse
Username: Kushi_ram

Post Number: 9266
Registered: 04-2004
Posted From: 68.32.43.70

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:55 am:   Edit PostDelete PostView Post/Check IP
nenu brathiki poyaa.. Mama licensed version aithe no problems kani pirate aithe problem emo.. Nadi licensed so it cleaned up my pc now AND ITS VERY FAST NOW.. COOLIO
Top of pagePrevious messageNext messageBottom of page Link to this message

Aavakaaya
Pilla Bewarse
Username: Aavakaaya

Post Number: 486
Registered: 04-2004
Posted From: 195.220.151.50

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:54 am:   Edit PostDelete PostView Post/Check IP
I have installed XP from a CD given with a laptop on my PC..(it worked!).

But to download Spyware Beta it is asking to test if my OS is "genuine MS windows" ...do I have any problem if I proceed.
Top of pagePrevious messageNext messageBottom of page Link to this message

Andhramass
Kurra Bewarse
Username: Andhramass

Post Number: 809
Registered: 12-2004
Posted From: 211.27.213.204

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:50 am:   Edit PostDelete PostView Post/Check IP
KR mayyaa a 35MB naa system ni okka sari m*** gudipinchidhii
Top of pagePrevious messageNext messageBottom of page Link to this message

Kushi_ram
Desanike Pedda Bewarse
Username: Kushi_ram

Post Number: 9265
Registered: 04-2004
Posted From: 68.32.43.70

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:47 am:   Edit PostDelete PostView Post/Check IP
also activate the real time protections from the spyware
Top of pagePrevious messageNext messageBottom of page Link to this message

Pidel
Kurra Bewarse
Username: Pidel

Post Number: 558
Registered: 11-2004
Posted From: 211.28.246.196

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:46 am:   Edit PostDelete PostView Post/Check IP
nenu chala rojula nunchi adi vadutunanu KR maayya
Top of pagePrevious messageNext messageBottom of page Link to this message

Kushi_ram
Desanike Pedda Bewarse
Username: Kushi_ram

Post Number: 9264
Registered: 04-2004
Posted From: 68.32.43.70

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:46 am:   Edit PostDelete PostView Post/Check IP
microsoft site lo spyware gurunchi baga ichadu information. Ventane download chessi mi systems clean ceyyandi..
Top of pagePrevious messageNext messageBottom of page Link to this message

Kushi_ram
Desanike Pedda Bewarse
Username: Kushi_ram

Post Number: 9263
Registered: 04-2004
Posted From: 68.32.43.70

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:45 am:   Edit PostDelete PostView Post/Check IP
mamalu Microsoft Spyware beta available now , tho cleanup ur pcs from this dangerous SPYWARE.. ippudu na sysem entha hayiga undo..lekapothe Enno enno windows..vachevi,system slow ga undedi.. Now its totally fine..
Top of pagePrevious messageNext messageBottom of page Link to this message

Kushi_ram
Desanike Pedda Bewarse
Username: Kushi_ram

Post Number: 9262
Registered: 04-2004
Posted From: 68.32.43.70

Rating: N/A
Votes: 0 (Vote!)

Posted on Sunday, May 08, 2005 - 1:43 am:   Edit PostDelete PostView Post/Check IP
Spyware Scan Details
Start Date: 5/8/2005 1:49:31 AM
End Date: 5/8/2005 2:15:59 AM
Total Time: 26 mins 28 secs

Detected Threats

WinTools Trojan more information...
Details: Bubba WinTools’ purpose is currently unknown. Bubba.WinTools installs an Internet Explorer browser helper object, a URL search hook, and downloads several files in Common files\WinTools\. Bubba.WinTools runs at startup
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.

Infected files detected
C:\Program Files\Common Files\WinTools\WToolsS.exe
C:\Program Files\Common Files\WinTools\WToolsA.exe
C:\Program Files\Common Files\WinTools\WSup.exe
c:\Program Files\Common Files\WinTools\WToolsB.dll
c:\program files\common files\wintools\rmhgxlmu.wzg
c:\program files\common files\wintools\wtoolsc.cfg
c:\program files\common files\wintools\wtoolsd.cfg
c:\program files\common files\wintools\wtoolsp.cfg

Infected folders detected
c:\program files\common files\wintools
c:\program files\common files\wintools\update

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibx4m\0q xri4zn LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibx4m\0q xraz7 -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibx4m\0q myzys -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools hminlzz2ym5hx3rk .
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools hminlzzzrwrz 1
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools lkkrzl7 -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools lkjhn2j .
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools lkbd4xz eqqm7,,^p+^at^sb+`lj,^p+^pju,Po`eHbvp<^c\fa:"^c\f a"#ht:"hbvtloap"#alj:"kbt\alj"#QRFA:"qrfa"#`\efpq: "`\efpq"#`llhfbp:"`llhfbp"#o\fm:
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools lkixw4xz eqqm7,,^p+^at^sb+`lj,^p+^pju,@ekdAlj<^c\fa:"^c\fa "#la:"lia\alj"#ka:"kbt\alj"#QRFA:"qrfa"#`\efpq:"`\ efpq"#`llhfbp:"`llhfbp"#o\fm:
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools libkrzl7 3-
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{87766247 -311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 25s2jr2bjy4x .3
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 25s4xz eqqm7,,altkil^a+tb_pb^o`e+`lj,^p/`lkcfd+^pju,DbqU JIFp:"bk^_ib\^rqlfkpq"#>Pp:"bk^_ib\^ap"#qphp\p:"`c d\qphp\p"#qph\e:"`cd\qph\e"#j^u\fa:"`cd\j^u\fa"#po s\s:"`cd\pos\s"#pq^qp:"`cd\pq^qp"#n\obp:"`cd\n\obp "
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 25swrx .+-+-+.6
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 5x62lalk %.-&
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 5x62labd %-&
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 5x62laiar2 %-&
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools hminlzz2ym5hx3t eqqm7,,altkil^a+tb_pb^o`e+`lj,Q_Pq^qFkpqIld+^pju, PbqPq^qrpPS/\BUB\FK#QRFA:"qrfa"#Fkcl:Pb^o`eFkpq^ii #pa^qb:"fa^qb"#pqfjb:"fqfjb"
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools hminlzz2ym5hx3i7i eqqm7,,altkil^a+tb_pb^o`e+`lj,Q_FkpqIld+^pju,DbqU JIP/\PVP#Mltbo\R:"m\rpo"#Fkcl:"ob^plk"#QRFA:"qrfa"
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools hminlzz2ym5hx3i7iru eqqm7,,altkil^a+tb_pb^o`e+`lj,Q_FkpqIld+^pju,DbqU JIP/\PVPBU#Mltbo\R:"m\rpo"#Fkcl:"ob^plk"#QRFA:"qrf a"
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools hminlzzijyd 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{87766247-311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mhminlcy4nhm5y eqqm7,,ttt+tfk*qllip+`lj,
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mhmin2ym5hx3 eqqm7,,altkil^a+tb_pb^o`e+`lj,Q_Pq^qFkpqIld+^pju, PbqPq^qrpPS/\BUB\RK#QRFA:"qrfa"#Fkcl:Pb^o`eFkpq^ii #pa^qb:"fa^qb"#pqfjb:"fqfjb"
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mhminml3r Tfk*QllipB^pvFkpq^iibo%_vTb_Pb^o`e&
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mhmina4czhijrx TfkQllip
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools wrxcyir .
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 5hxinlk -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 5hxinbd -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mml3rlk Tb_Pb^o`eQllip@lkqbuqr^i>ap
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mml3rbd Tb_Pb^o`eQllipPb^o`e>ppfpq^kq
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mml3rri Tb_Pb^o`eQllipBooloPb^o`e
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mml3rhri Tb_Pb^o`eQllipPb^o`e?rqqlk
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mml3rja Tb_Pb^o`eQllipEljbM^db
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mml3rlkbd Pb^o`e>ppfpq^kq
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mml3rrihri Tb_Pb^o`eQllip
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mhminlzzhm5yt 
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mhminlzzhm5y1 eqqm7,,altkil^a+tb_pb^o`e+`lj,Prmmloq,>P\rkfkpq^i i\/+^pmuHKEY_LOCAL_MACHINE\SOFTWARE\WinTools 5hxinrbd -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 5x62larbd %.&
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools x4zrirua 0-
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools x4zriinya .-
HKEY_CLASSES_ROOT\WToolsB.ResProtocol
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools lk4mh4xz eqqm7,,^p+^at^sb+`lj,^p+^pju,RKFHKEY_LOCAL_MACHIN E\SOFTWARE\WinTools rmlczrjy3ralsr -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools librmlczrjy3ralsr -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools rmlczr8g8 -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools librmlczr8g8 -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools rmlczrli -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools librmlczrli -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools rmlczrhri -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools librmlczrhri -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mkralk -
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mkrabd -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mkrari -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mkrahri -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 4mkraja -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools rmlczrlki -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools rmlczrl4nyhmin .
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools rmlczrbdlki -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools n4hk S1C3-6-B4//66-1054>-C4@54C1@.1@/..*U3-/6--/.5-
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools k25s4ak /--2-2-4-47137-2
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 24irxi /
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools kydmklnr 05146
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2lki -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2zlki -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2rlki -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2zrlki -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2bd -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2zbd -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2rbd -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2zrbd -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2rrbd -
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2zrrbd -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2xhr 0.-4
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2zxhr 26
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 28g8 -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2z8g8 -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2li -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 2zli -
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools z225s /--2-2-4-47137-2
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools li4xz eqqm7,,po+tb_pb^o`e+`lj,^p+^pmuHKEY_LOCAL_MACHINE \SOFTWARE\WinTools khminlzz /--2-1.6-2706726
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{87766247 -311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools 25sixwwlx FMODP:y.-y
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools kydm4xziw2 eqqm7,,apq+tb_pb^o`e+`lj,Aki,Q\2-/12,TfkQP+`^_
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools kydm4xzihnr eqqm7,,^p+^at^sb+`lj,TQllip@+`^_
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools kydm4xzkr5 eqqm7,,^p+^at^sb+`lj,TQllipA+`^_
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools kydm4xzaxr5 eqqm7,,^p+^at^sb+`lj,TQllipM+`^_
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools kydm4xzbd4 eqqm7,,^p+^at^sb+`lj,TQllipR+`^_
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools kydm4xzbdk eqqm7,,^p+^at^sb+`lj,TQllipO+`^_
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools zlh /--2-2-4-47137-2
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools hri4xz eqqm7,,ttt+tb_pb^o`e+`lj,fb+^pmuHKEY_LOCAL_MACHIN E\SYSTEM\CurrentControlSet\Services\WinToolsSvc
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{87766247-311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc\Security Security
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc\Enum 0 Root\LEGACY_WINTOOLSSVC\0000
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc\Enum Count 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc\Enum NextInstance 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc Type 16
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc Start 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc ErrorControl 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc ImagePath C:\Program Files\Common Files\WinTools\WToolsS.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc DisplayName WinTools for IE service
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\WinToolsSvc ObjectName LocalSystem
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}
HKEY_CLASSES_ROOT\WToolsB.ResProtocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{87766247 -311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{87766247-311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}
HKEY_CLASSES_ROOT\WToolsB.ResProtocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_CLASSES_ROOT\clsid{87067F04-DE4C-4688-BC3C-4F CF39D609E7}
HKEY_CLASSES_ROOT\clsid{87067F04-DE4C-4688-BC3C-4F CF39D609E7}\LocalServer32 C:\Program Files\Common Files\WinTools\WToolsA.exe
HKEY_CLASSES_ROOT\clsid{87067F04-DE4C-4688-BC3C-4F CF39D609E7}\LocalServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid{87766247-311C-43B4-8499-3D 5FEC94A183}
HKEY_CLASSES_ROOT\clsid{87766247-311C-43B4-8499-3D 5FEC94A183}\InprocServer32 C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
HKEY_CLASSES_ROOT\clsid{87766247-311C-43B4-8499-3D 5FEC94A183}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid{87766247-311C-43B4-8499-3D 5FEC94A183}
HKEY_CLASSES_ROOT\clsid{A8DEB4A5-D9EF-4D21-B4F6-92 1475004E7D}
HKEY_CLASSES_ROOT\clsid{A8DEB4A5-D9EF-4D21-B4F6-92 1475004E7D}\InprocServer32 C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
HKEY_CLASSES_ROOT\clsid{A8DEB4A5-D9EF-4D21-B4F6-92 1475004E7D}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{87766247 -311C-43B4-8499-3D5FEC94A183}
HKEY_CLASSES_ROOT\clsid{A8DEB4A5-D9EF-4D21-B4F6-92 1475004E7D}\ProgID WToolsB.ResProtocol
HKEY_CLASSES_ROOT\clsid{A8DEB4A5-D9EF-4D21-B4F6-92 1475004E7D}
HKEY_CURRENT_USER\Software\WinTools
HKEY_CURRENT_USER\Software\WinTools ICheck ok
HKEY_CURRENT_USER\Software\WinTools hminlzz2ym5hx3rk4irx .
HKEY_CURRENT_USER\Software\WinTools a4ix -
HKEY_CURRENT_USER\Software\WinTools alk3hm -
HKEY_CURRENT_USER\Software\WinTools 4irx2y4mnrk .
HKEY_CURRENT_USER\Software\WinTools hrhrirlx2j4xz eqqm7,,ttt+tb_pb^o`e+`lj,fb+^pmuHKEY_CURRENT_USER \Software\WinTools rmhri .
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{87766247-311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{87766247 -311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{87766247 -311C-43B4-8499-3D5FEC94A183}\InprocServer32 C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{87766247 -311C-43B4-8499-3D5FEC94A183}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{87766247 -311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}\InprocServer32 C:\PROGRA~1\COMMON~1\WinTools\WToolsB.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}\ProgID WToolsB.ResProtocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Name -Space Handler\res\WToolsB.ResProtocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{A8DEB4A5 -D9EF-4D21-B4F6-921475004E7D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol\Clsid
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol\Clsid {A8DEB4A5-D9EF-4D21-B4F6-921475004E7D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol\Clsid {A8DEB4A5-D9EF-4D21-B4F6-921475004E7D}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{87766247-311C-43B4-8499-3D5FEC94A183}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\WinTools DisplayName Win-Tools Easy Installer (by WebSearch)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\WinTools UninstallString C:\PROGRA~1\COMMON~1\WinTools\WToolsA.exe uninst
HKEY_CLASSES_ROOT\WToolsB.ResProtocol
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\WinTools Publisher WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\WinTools URLInfoAbout http://www.win-tools.com/
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\kydmzylki iw2zlin /--2-1.6
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\kydmzylki ihnrzlin /--2-2-/
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\kydmzylki axr5zlin /--2-2-4
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\kydmzylki kr5zlin /--2-1.6
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\kydmzylki bdkzlin /--2-2-4
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\kydmzylki bd4zlin /--2-2-4
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin v /--2-1.6-671-7-4)LH
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WToolsB.ResPro tocol
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin tg /--2-1.6-671-7-4)LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin ef /--2-1.6-671-7-4)LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin vv /--2-1.6-671-7-4)C@LKA)@/
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin qe /--2-1.6-671-7-4)LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin q8 /--2-1.6-671-7-4)LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin tgv /--2-1.6-671-7-4)LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin ttt /--2-1.6-671-7-4)C@LKA)@/
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin tt1 /--2-1.6-671-7-4)C@LKA)@/
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin 1v /--2-1/2-6704723)LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin vg /--2-1/2-6704724)C@LKA)@.y@/y@0y@1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run WinTools
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin teg /--2-1/3-671/7//)C@LKA)@.
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin 8v /--2-2-/./7/37.3)C@LKA)@.
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin 80 /--2-2-/./7/37.3)LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin 8e /--2-2-1.-7-67//)C@LKA)@0)@1
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibjhin 0q /--2-2-4.-7137-2)LH
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibx4m\0q x4mln /--2-2-4..7-37-2
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibx4m\0q x4m2y4mn 0
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibx4m\0q ru2y4mn 0
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibx4m\0q ruln /--2-2-4.-7137-2
HKEY_LOCAL_MACHINE\SOFTWARE\WinTools\nlibx4m\0q hmrnxr6 -


WindUpdates Browser Plug-in more information...
Details: WindUpdates downloads additional adware and displays pop-up advertising.
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.

Infected files detected
c:\windows\system32\ide21201.vxd


AproposMedia Browser Modifier more information...
Details: AproposMedia is a component of PeopleOnPage, sometimes found on computers without the commonly visible portion of the application . AproposMedia displays pop-up advertisements, and changes browser settings.
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.

Infected files detected
c:\program files\autoupdate\autoupdate.exe
c:\program files\cxtpls\ai_04-05-2005.log
c:\program files\cxtpls\ai_05-05-2005.log
c:\program files\cxtpls\ai_06-05-2005.log
c:\program files\cxtpls\ai_07-05-2005.log
c:\program files\cxtpls\ai_08-05-2005.log
c:\program files\cxtpls\atl.dll
c:\program files\cxtpls\cxtpls.dll
c:\program files\cxtpls\cxtpls.exe
c:\program files\cxtpls\data.bin
c:\program files\cxtpls\libexpat.dll
C:\Documents and Settings\AtteliR\Local Settings\Temp\auf0.exe
c:\program files\cxtpls\proxystub.dll
c:\program files\cxtpls\uninstaller.exe
c:\program files\cxtpls\wingenerics.dll
C:\Documents and Settings\AtteliR\Local Settings\Temp\AutoUpdate0\auto_update_install.exe
C:\Documents and Settings\AtteliR\Local Settings\Temp\cxtpls_loader.exe
c:\windows\system32\itintfs.exe
c:\windows\system32\jitrprof.exe
c:\program files\cxtpls\ace.dll
c:\program files\cxtpls\ai_02-05-2005.log
c:\program files\cxtpls\ai_03-05-2005.log

Infected folders detected
c:\program files\cxtpls

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run AutoUpdater
HKEY_CLASSES_ROOT\clsid{B5AB638F-D76C-415B-A8F2-F3 CEAC502212}\ProgID
HKEY_CLASSES_ROOT\clsid{B5AB638F-D76C-415B-A8F2-F3 CEAC502212}\VersionIndependentProgID
HKEY_CLASSES_ROOT\clsid{B5AB638F-D76C-415B-A8F2-F3 CEAC502212}
HKEY_CLASSES_ROOT\clsid{BC333116-6EA1-40A1-9D07-EC B192DB8CEA}
HKEY_CLASSES_ROOT\clsid{BC333116-6EA1-40A1-9D07-EC B192DB8CEA}\InProcServer32 C:\Program Files\CxtPls\proxystub.dll
HKEY_CLASSES_ROOT\clsid{BC333116-6EA1-40A1-9D07-EC B192DB8CEA}\InProcServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\clsid{BC333116-6EA1-40A1-9D07-EC B192DB8CEA} PSFactoryBuffer
HKEY_CURRENT_USER\SOFTWARE\Apropos\Client
HKEY_CURRENT_USER\SOFTWARE\Apropos\Client\Cookies\ Data\net\contextplus\adchannel.contextplus.net/ser vices/AdChannelServer
HKEY_CURRENT_USER\Software\Apropos
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{016235BE -59D4-4CEB-ADD5-E2378282A1D9}
HKEY_CURRENT_USER\Software\Apropos\Client\Cookies\ Data\net\contextplus\adchannel.contextplus.net/ser vices/AdChannelServer
HKEY_LOCAL_MACHINE\software\apropos
HKEY_LOCAL_MACHINE\software\apropos\Client ProxyStub C:\Program Files\CxtPls\proxystub.dll
HKEY_LOCAL_MACHINE\software\apropos\Client Plugin C:\Program Files\CxtPls\cxtpls.dll
HKEY_LOCAL_MACHINE\software\apropos\Client ClientName C:\Program Files\CxtPls\CxtPls.exe
HKEY_LOCAL_MACHINE\software\apropos\Client LegalNote nonbranded
HKEY_LOCAL_MACHINE\software\apropos\Client InstallationId {H04c4811-465d-6d26-dde7-d65679042ef2}
HKEY_LOCAL_MACHINE\software\apropos\Client PartnerId CP.IST
HKEY_LOCAL_MACHINE\software\apropos\Client ServerAddress adchannel.contextplus.net
HKEY_LOCAL_MACHINE\SOFTWARE\Envolo\AutoUpdate\Stat e
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{016235BE-59D4-4CEB-ADD5-E2378282A1D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Envolo\AutoUpdate\Stat e AM_version 1.0.192
HKEY_LOCAL_MACHINE\SOFTWARE\Envolo\AutoUpdate\Stat e EnvoloAutoUpdater_version 1.0.24
HKEY_LOCAL_MACHINE\SOFTWARE\Envolo\AutoUpdate\Stat e AM_1.0.192 executed (0)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{016235BE-59D4-4CEB-ADD5-E2378282A1D9}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run AutoUpdater "C:\Program Files\AutoUpdate\AutoUpdate.exe"
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{BC333116 -6EA1-40A1-9D07-ECB192DB8CEA}
HKEY_CLASSES_ROOT\clsid{016235BE-59D4-4CEB-ADD5-E2 378282A1D9}
HKEY_CLASSES_ROOT\clsid{016235BE-59D4-4CEB-ADD5-E2 378282A1D9}\InprocServer32 C:\Program Files\CxtPls\cxtpls.dll
HKEY_CLASSES_ROOT\clsid{016235BE-59D4-4CEB-ADD5-E2 378282A1D9}\InprocServer32 ThreadingModel Both
HKEY_CLASSES_ROOT\clsid{B5AB638F-D76C-415B-A8F2-F3 CEAC502212}
HKEY_CLASSES_ROOT\clsid{B5AB638F-D76C-415B-A8F2-F3 CEAC502212}\LocalServer32 C:\Program Files\CxtPls\CxtPls.exe


CoolWebSearch Browser Modifier more information...
Details: CoolWebSearch is a wide range of browser redirection tools. All variants redirect you to specific Web sites.
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.

Infected registry keys/values detected
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks _{CFBFAE00-17A6-11D0-99CB-00C04FD64497}


AvenueMedia.DyFuCA Browser Plug-in more information...
Details: AvenueMedia DyFuCA Internet Optimizer is adware that changes your browser error page. It periodically displays pop-up advertisements from its remote sites and may update itself.
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.

Infected files detected
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\Internet Optimizer\actalert.exe
c:\windows\nem220.dll
c:\windows\wsem303.dll
C:\Program Files\Internet Optimizer\install.exe
C:\Program Files\Internet Optimizer\update\install.exe
c:\program files\internet optimizer\sim\goldentiger.exe
c:\program files\internet optimizer\update\actalert.exe
c:\program files\internet optimizer\update\rogue.exe

Infected folders detected
c:\program files\internet optimizer
c:\program files\internet optimizer\sim
c:\program files\internet optimizer\update

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Internet Optimizer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 TimeStamp 20040803000001
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer Target C:\Program Files\Internet Optimizer\install.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 TimeStamp 20050402141432
HKEY_CLASSES_ROOT\DyFuCA_BH.SinkObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Last 1115524633
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 StartT 1115523781
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Num 4
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 RawData
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 Data
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 RawData
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 Data
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Internet Optimizer
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Last 1115524633
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 StartT 1115523781
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Num 4
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 TimeStamp 20050402141432
HKEY_CLASSES_ROOT\DyFuCA_BH.BHObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 RawData
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 Data
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 RawData
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 Data
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE Options 1,Search Engine Optimization,1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE ModuleFileName C:\WINDOWS\wsem303.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI2481 4170015901
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1443 4170063052
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1442 4170063052
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1440 4170063052
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19981 4170035572
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1436 4170062789
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{00000010-6F7D-442C-93E3-4A4827C2E4C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI22802 4168651604
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI509180 4168651724
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI506203 4168651773
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19994 4170062841
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19995 4170063470
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19975 4169799405
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19968 4170062905
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19967 4169843316
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1435 4170062897
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI506430 4169100965
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Internet Optimizer
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI509489 4168761682
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1422 4168904444
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1424 4169768271
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI20234 4168857095
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI507735 4168918759
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI508214 4169008763
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI896 4169866367
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI23266 4169070485
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI21593 4169106923
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI20004 4169966680
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Internet Optimizer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{8F4E5661 -F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI500673 4169785198
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19048 4169256654
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI508432 4169256654
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1398 4169785421
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI509488 4169965521
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI508129 4169279914
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI508195 4169683477
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1466 4169345828
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI20000 4169434179
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1426 4169434179
HKEY_CLASSES_ROOT\DyFuCA_BH.BHObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI16895 4169434179
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI972 4169594188
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1544 4169594861
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1437 4169596217
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19996 4169597273
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI22013 4169673293
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19978 4169688797
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1547 4169688804
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19983 4169934914
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI20070 4169977660
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI2422 4170063641
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 TimeStamp 20040702154727
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 TimeStamp 20040628000000
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert Target C:\Program Files\Internet Optimizer\actalert.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI75 4168650993
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RILast 4168903644
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI73 4165980419
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI78 4168655943
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI77 4168716468
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI74 4168903644
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 RawData
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 Data
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 TimeStamp 20041116000000
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 Version 2.2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper Version 2.2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper ModuleFileName C:\WINDOWS\nem220.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper Options 1,URL Search Optimization,1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 TimeStamp 20040803000001
HKEY_CLASSES_ROOT\DyFuCA_BH.SinkObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer Target C:\Program Files\Internet Optimizer\install.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Last 1115524633
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 StartT 1115523781
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 Num 4
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 RawData
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 Data
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 RawData
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 Data
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 TimeStamp 20050402141432
HKEY_CLASSES_ROOT\DyFuCA_BH.BHObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE Version 3.0.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE Options 1,Search Engine Optimization,1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE ModuleFileName C:\WINDOWS\wsem303.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI2481 4170015901
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1443 4170063052
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1442 4170063052
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1440 4170063052
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19981 4170035572
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1436 4170062789
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI22802 4168651604
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI509180 4168651724
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI506203 4168651773
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19994 4170062841
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19995 4170063470
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19975 4169799405
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19968 4170062905
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19967 4169843316
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1435 4170062897
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI506430 4169100965
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{00000010-6F7D-442C-93E3-4A4827C2E4C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI509489 4168761682
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1422 4168904444
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1424 4169768271
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI20234 4168857095
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI507735 4168918759
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI508214 4169008763
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI896 4169866367
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI23266 4169070485
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI21593 4169106923
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI20004 4169966680
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{8F4E5661 -F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI500673 4169785198
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19048 4169256654
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI508432 4169256654
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1398 4169785421
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI509488 4169965521
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI508129 4169279914
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI508195 4169683477
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1466 4169345828
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI20000 4169434179
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1426 4169434179
HKEY_CLASSES_ROOT\DyFuCA_BH.BHObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI16895 4169434179
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI972 4169594188
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1544 4169594861
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1437 4169596217
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19996 4169597273
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI22013 4169673293
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19978 4169688797
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI1547 4169688804
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI19983 4169934914
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI20070 4169977660
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\WSE RI2422 4170063641
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer TargetDir
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer TAC Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer CLS wsi25
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer RID c01
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer Version 3.1.3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer ServerVisited 29709181,986105424
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer UpdateInterval 21600
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer ID 1-77e2b8d77862a7b3a937da4
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer InstallT 1113918020
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer remember[LLT] 1115476846
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer Conn 1223,6
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer 403 1024
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer 404 1024
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer 410 1024
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer 500 1024
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer PendingRemoval
HKEY_LOCAL_MACHINE\software\avenue media
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert\cf1 TimeStamp 20040702154727
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert\cf1 Version 3.0.1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert\cf3 DiffAll Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert\cf3 TimeStamp 20040628000000
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert\cf3 Version 3.0.1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert Version 3.0.1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert Target C:\Program Files\Internet Optimizer\actalert.exe
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert RI75 4168650993
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert RILast 4168903644
HKEY_CLASSES_ROOT\DyFuCA_BH.SinkObj.1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert RI73 4165980419
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert RI78 4168655943
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert RI77 4168716468
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Active Alert RI74 4168903644
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Browser Helper\cf1 RawData
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Browser Helper\cf1 Data
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Browser Helper\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Browser Helper\cf1 TimeStamp 20041116000000
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Browser Helper\cf1 Version 2.2.0
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Browser Helper Version 2.2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj.1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Browser Helper ModuleFileName C:\WINDOWS\nem220.dll
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Browser Helper Options 1,URL Search Optimization,1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Software Installer\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Software Installer\cf1 TimeStamp 20040803000001
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Software Installer\cf1 Version 3.0.1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Software Installer Version 3.0.1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\Software Installer Target C:\Program Files\Internet Optimizer\install.exe
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Internet Optimizer
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf1 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf1 Version 3.0.3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf2
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf2 DiffAll Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf2 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf2 Version 3.0.3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf2 Last 1115524633
HKEY_CLASSES_ROOT\dyfuca_bh.bhobj.1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf2 StartT 1115523781
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf2 Num 4
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf3 DiffAll Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf3 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf3 Version 3.0.3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf4 RawData
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf4 Data
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf4 DiffAll Yes
HKEY_CLASSES_ROOT\DyFuCA_BH.BHObj.1
HKEY_CLASSES_ROOT\dyfuca_bh.bhobj.1\CLSID {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf4 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf4 Version 3.0.3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf5 RawData
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf5 Data
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf5 DiffAll Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf5 TimeStamp 20050402141432
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE\cf5 Version 3.0.3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE Version 3.0.3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE Options 1,Search Engine Optimization,1
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE ModuleFileName C:\WINDOWS\wsem303.dll
HKEY_CLASSES_ROOT\dyfuca_bh.bhobj.1 BHObj Class
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI2481 4170015901
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1443 4170063052
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1442 4170063052
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1440 4170063052
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19981 4170035572
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1436 4170062789
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI22802 4168651604
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI509180 4168651724
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI506203 4168651773
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19994 4170062841
HKEY_CLASSES_ROOT\interface{1c01d150-91a4-4de0-9bf 8-a35d1bdf1001}
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19995 4170063470
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19975 4169799405
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19968 4170062905
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19967 4169843316
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1435 4170062897
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI506430 4169100965
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI509489 4168761682
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1422 4168904444
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1424 4169768271
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI20234 4168857095
HKEY_CLASSES_ROOT\interface{1c01d150-91a4-4de0-9bf 8-a35d1bdf1001}\ProxyStubClsid {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI507735 4168918759
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI508214 4169008763
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI896 4169866367
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI23266 4169070485
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI21593 4169106923
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI20004 4169966680
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI500673 4169785198
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19048 4169256654
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI508432 4169256654
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1398 4169785421
HKEY_CLASSES_ROOT\interface{1c01d150-91a4-4de0-9bf 8-a35d1bdf1001}\ProxyStubClsid32 {00020424-0000-0000-C000-000000000046}
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI509488 4169965521
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI508129 4169279914
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI508195 4169683477
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1466 4169345828
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI20000 4169434179
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1426 4169434179
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI16895 4169434179
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI972 4169594188
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1544 4169594861
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1437 4169596217
HKEY_CLASSES_ROOT\interface{1c01d150-91a4-4de0-9bf 8-a35d1bdf1001}\TypeLib {40B1D454-9CA4-43CC-86AA-CB175EAC52FB}
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19996 4169597273
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI22013 4169673293
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19978 4169688797
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI1547 4169688804
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI19983 4169934914
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI20070 4169977660
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer\WSE RI2422 4170063641
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer TargetDir
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer TAC Yes
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer CLS wsi25
HKEY_CLASSES_ROOT\interface{1c01d150-91a4-4de0-9bf 8-a35d1bdf1001}\TypeLib Version 1.0
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer RID c01
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer Version 3.1.3
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer ServerVisited 29709181,986105424
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer UpdateInterval 21600
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer ID 1-77e2b8d77862a7b3a937da4
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer InstallT 1113918020
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer remember[LLT] 1115476846
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer Conn 1223,6
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer 403 1024
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer 404 1024
HKEY_CLASSES_ROOT\interface{1c01d150-91a4-4de0-9bf 8-a35d1bdf1001} IBHObj
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer 410 1024
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer 500 1024
HKEY_LOCAL_MACHINE\software\avenue media\Internet Optimizer PendingRemoval
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1\CLSID {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1 BHObj Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j\CLSID {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j\CurVer DyFuCA_BH.BHObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j BHObj Class
HKEY_CLASSES_ROOT\typelib{0be10b0d-b4db-4693-9b1f- 9aead54d17dc}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj.1\CLSID {CEA206E8-8057-4A04-ACE9-FF0D69A92297}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj.1 SinkObj Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj\CLSID {CEA206E8-8057-4A04-ACE9-FF0D69A92297}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj\CurVer DyFuCA_BH.SinkObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.Sink Obj SinkObj Class
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer Active Alert
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer Active Alert
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer Active Alert Changed 0
HKEY_CLASSES_ROOT\typelib{0be10b0d-b4db-4693-9b1f- 9aead54d17dc}\1.0\0\win32 C:\WINDOWS\wsem303.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer Software Installer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer Software Installer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer Software Installer Changed 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\App Management\ARPCache\Internet Optimizer Changed 0
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\explorer\browser helper objects{8f4e5661-f99e-4b3e-8d85-0ea71c0748e4}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Internet Optimizer "C:\Program Files\Internet Optimizer\optimize.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\dyfuca
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Optimizer Active Alert
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1
HKEY_CLASSES_ROOT\typelib{0be10b0d-b4db-4693-9b1f- 9aead54d17dc}\1.0\FLAGS 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Optimizer Active Alert DisplayIcon C:\Program Files\Internet Optimizer\actalert.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Optimizer Active Alert DisplayName Active Alert
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Optimizer Active Alert UninstallString "C:\Program Files\Internet Optimizer\actalert.exe" /u
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Optimizer Software Installer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Optimizer Software Installer DisplayIcon C:\Program Files\Internet Optimizer\install.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Optimizer Software Installer DisplayName Software Update Manager
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\Internet Optimizer Software Installer UninstallString "C:\Program Files\Internet Optimizer\install.exe" /u
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\internet optimizer
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\internet optimizer DisplayIcon C:\Program Files\Internet Optimizer\optimize.exe
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\internet optimizer DisplayName Internet Optimizer
HKEY_CLASSES_ROOT\typelib{0be10b0d-b4db-4693-9b1f- 9aead54d17dc}\1.0\HELPDIR C:\WINDOWS\
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\internet optimizer UninstallString "C:\Program Files\Internet Optimizer\optimize.exe" /u
HKEY_LOCAL_MACHINE\Software\microsoft\windows\curr entversion\uninstall\Kapabout
HKEY_LOCAL_MACHINE\Software\microsoft\windows\curr entversion\uninstall\Kapabout Comment
HKEY_LOCAL_MACHINE\Software\microsoft\windows\curr entversion\uninstall\Kapabout DComment YES
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\WSEM Update
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\WSEM Update DisplayName WSEM Update
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\WSEM Update UninstallString "C:\Program Files\Internet Optimizer\optimize.exe" /u 1
HKEY_CLASSES_ROOT\typelib{0be10b0d-b4db-4693-9b1f- 9aead54d17dc}\1.0 DyFuCA_BH 1.0 Type Library
HKEY_CLASSES_ROOT\typelib{40b1d454-9ca4-43cc-86aa- cb175eac52fb}
HKEY_CLASSES_ROOT\typelib{40b1d454-9ca4-43cc-86aa- cb175eac52fb}\1.0\0\win32 C:\WINDOWS\nem220.dll
HKEY_CLASSES_ROOT\typelib{40b1d454-9ca4-43cc-86aa- cb175eac52fb}\1.0\FLAGS 0
HKEY_CLASSES_ROOT\typelib{40b1d454-9ca4-43cc-86aa- cb175eac52fb}\1.0\HELPDIR C:\WINDOWS\
HKEY_CLASSES_ROOT\typelib{40b1d454-9ca4-43cc-86aa- cb175eac52fb}\1.0 DyFuCA_BH 1.0 Type Library
HKEY_CURRENT_USER\Software\Avenue Media
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{00000010-6F7D-442C-93E3-4A4827C2E4C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 TimeStamp 20040702154727
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 TimeStamp 20040628000000
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{8F4E5661 -F99E-4B3E-8D85-0EA71C0748E4}
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 TimeStamp 20040702154727
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf1 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 TimeStamp 20040628000000
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert\cf3 Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert Version 3.0.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert Target C:\Program Files\Internet Optimizer\actalert.exe
HKEY_CLASSES_ROOT\DyFuCA_BH.BHObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI75 4168650993
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RILast 4168903644
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI73 4165980419
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI78 4168655943
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI77 4168716468
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Active Alert RI74 4168903644
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 RawData
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 Data
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\DyFuCA_BH.BHOb j.1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 TimeStamp 20041116000000
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 Version 2.2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper Version 2.2.0
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper ModuleFileName C:\WINDOWS\nem220.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper Options 1,URL Search Optimization,1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 DiffAll Yes
HKEY_LOCAL_MACHINE\SOFTWARE\Avenue Media\Internet Optimizer\Software Installer\cf1 TimeStamp 20040803000001


IExplores Trojan Trojan more information...
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run explorer


IST.ISTbar Browser Modifier more information...
Details: ISTbar is an Internet Explorer redirector that modifies your homepage and searches without your consent using an Internet Explorer toolbar.
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.

Infected files detected
C:\Documents and Settings\AtteliR\Local Settings\Temp\iinstall.exe

Infected registry keys/values detected
HKEY_CURRENT_USER\software\ist
HKEY_CURRENT_USER\software\ist InstallDate 2005-04-13 03:34:57
HKEY_CURRENT_USER\software\ist account_id 1000940
HKEY_CURRENT_USER\software\ist config ysb_l3
HKEY_CURRENT_USER\software\ist NeverISTsvc 1
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\autoupdate
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\autoupdate UninstallString C:\WINDOWS\system32\auto_update_uninstall.exe C:\WINDOWS\system32\auto_update_uninstall.log


MoneyTree Dialer more information...
Details: MoneyTree is an ActiveX installer control that downloads premium-rate dialers, primarily for adult content sites. On system startup MoneyTree attempts to connect to an adult content site.
Status: Removed
Severe threat - Severe-risk items have an extreme potential for harm, such as a security exploit, and should be removed.

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid{00000010-6F7D-442C-93E3-4A 4827C2E4C8}
HKEY_CLASSES_ROOT\clsid{8f4e5661-f99e-4b3e-8d85-0e a71c0748e4}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid{8f4e5661-f99e-4b3e-8d85-0e a71c0748e4}\ProgID DyFuCA_BH.BHObj.1
HKEY_CLASSES_ROOT\clsid{8f4e5661-f99e-4b3e-8d85-0e a71c0748e4}\TypeLib {0BE10B0D-B4DB-4693-9B1F-9AEAD54D17DC}
HKEY_CLASSES_ROOT\clsid{8f4e5661-f99e-4b3e-8d85-0e a71c0748e4}\VersionIndependentProgID DyFuCA_BH.BHObj
HKEY_CLASSES_ROOT\clsid{8f4e5661-f99e-4b3e-8d85-0e a71c0748e4} BHObj Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}\InprocServer32 C:\WINDOWS\nem220.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}\ProgID DyFuCA_BH.BHObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}\TypeLib {40B1D454-9CA4-43CC-86AA-CB175EAC52FB}
HKEY_CLASSES_ROOT\clsid{00000010-6F7D-442C-93E3-4A 4827C2E4C8}\InprocServer32 C:\WINDOWS\nem220.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8}\VersionIndependentPr ogID DyFuCA_BH.BHObj
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{00000010 -6F7D-442C-93E3-4A4827C2E4C8} BHObj Class
HKEY_LOCAL_MACHINE\software\classes\clsid{8f4e5661 -f99e-4b3e-8d85-0ea71c0748e4}
HKEY_LOCAL_MACHINE\software\classes\clsid{8f4e5661 -f99e-4b3e-8d85-0ea71c0748e4}\InprocServer32 C:\WINDOWS\wsem303.dll
HKEY_LOCAL_MACHINE\software\classes\clsid{8f4e5661 -f99e-4b3e-8d85-0ea71c0748e4}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\software\classes\clsid{8f4e5661 -f99e-4b3e-8d85-0ea71c0748e4}\ProgID DyFuCA_BH.BHObj.1
HKEY_LOCAL_MACHINE\software\classes\clsid{8f4e5661 -f99e-4b3e-8d85-0ea71c0748e4}\TypeLib {0BE10B0D-B4DB-4693-9B1F-9AEAD54D17DC}
HKEY_LOCAL_MACHINE\software\classes\clsid{8f4e5661 -f99e-4b3e-8d85-0ea71c0748e4}\VersionIndependentPr ogID DyFuCA_BH.BHObj
HKEY_LOCAL_MACHINE\software\classes\clsid{8f4e5661 -f99e-4b3e-8d85-0ea71c0748e4} BHObj Class
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}
HKEY_CLASSES_ROOT\clsid{00000010-6F7D-442C-93E3-4A 4827C2E4C8}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}\InprocServer32 C:\WINDOWS\wsem303.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}\InprocServer32 ThreadingModel Apartment
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}\ProgID DyFuCA_BH.SinkObj.1
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}\TypeLib {0BE10B0D-B4DB-4693-9B1F-9AEAD54D17DC}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297}\VersionIndependentPr ogID DyFuCA_BH.SinkObj
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{CEA206E8 -8057-4A04-ACE9-FF0D69A92297} SinkObj Class
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Explorer\Browser Helper Objects{00000010-6F7D-442C-93E3-4A4827C2E4C8}
HKEY_CLASSES_ROOT\clsid{00000010-6F7D-442C-93E3-4A 4827C2E4C8}\ProgID DyFuCA_BH.BHObj.1
HKEY_CLASSES_ROOT\clsid{00000010-6F7D-442C-93E3-4A 4827C2E4C8}\TypeLib {40B1D454-9CA4-43CC-86AA-CB175EAC52FB}
HKEY_CLASSES_ROOT\clsid{00000010-6F7D-442C-93E3-4A 4827C2E4C8}\VersionIndependentProgID DyFuCA_BH.BHObj
HKEY_CLASSES_ROOT\clsid{00000010-6F7D-442C-93E3-4A 4827C2E4C8} BHObj Class
HKEY_CLASSES_ROOT\clsid{8f4e5661-f99e-4b3e-8d85-0e a71c0748e4}
HKEY_CLASSES_ROOT\clsid{8f4e5661-f99e-4b3e-8d85-0e a71c0748e4}\InprocServer32 C:\WINDOWS\wsem303.dll


Twain Tech Adware more information...
Details: Twain Tech is an adware based Internet Explorer browser helper object that displays targeted advertisements based on your browsing patterns.
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Internet Optimizer


IST.SideFind Adware more information...
Details: SideFind installs an adware Internet Explorer browser helper object that installs some extra buttons.
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected files detected
c:\documents and settings\attelir\local settings\temp\sidefind.exe

Infected folders detected
c:\program files\sidefind
c:\program files\sidefind\update


YourSiteBar Spyware more information...
Details: YourSiteBar from IST, the makers of numerous spyware threats, is an affiliate based marketing toolbar.
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected files detected
c:\windows\downloaded program files\ysbactivex.dll
c:\program files\yoursitebar\imagemap_normal.bmp
c:\program files\yoursitebar\version.txt
c:\program files\yoursitebar\yoursitebar.xml

Infected folders detected
c:\program files\yoursitebar

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{42F2C9BA -614F-47c0-B3E3-ECFD34EED658}
HKEY_CLASSES_ROOT\YSBactivex.Installer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YSBactivex.Ins taller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{42F2C9BA -614F-47c0-B3E3-ECFD34EED658}
HKEY_CLASSES_ROOT\YSBactivex.Installer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YSBactivex.Ins taller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
HKEY_CLASSES_ROOT\clsid{42F2C9BA-614F-47c0-B3E3-EC FD34EED658}
HKEY_CLASSES_ROOT\clsid{42F2C9BA-614F-47c0-B3E3-EC FD34EED658}\InprocServer32 C:\WINDOWS\Downloaded Program Files\ysbactivex.dll
HKEY_CLASSES_ROOT\clsid{42F2C9BA-614F-47c0-B3E3-EC FD34EED658}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\YSBactivex.Installer
HKEY_CLASSES_ROOT\clsid{42F2C9BA-614F-47c0-B3E3-EC FD34EED658}\ProgID YSBactivex.Installer
HKEY_CLASSES_ROOT\clsid{42F2C9BA-614F-47c0-B3E3-EC FD34EED658} Installer Class
HKEY_CLASSES_ROOT\clsid{86227D9C-0EFE-4f8a-AA55-30 386A3F5686}
HKEY_CLASSES_ROOT\clsid{86227D9C-0EFE-4f8a-AA55-30 386A3F5686} YourSiteBar
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Contai ns\Files C:\WINDOWS\Downloaded Program Files\ysbactivex.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Downlo adInformation CODEBASE http://static.35mb.com/applet/applet_y.cab
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Instal ledVersion 1,0,0,3
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Instal ledVersion LastModified Wed, 06 Apr 2005 22:33:18 GMT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} SystemComponent 0
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YSBactivex.Ins taller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} Installer MSICD
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{42F2C9BA -614F-47c0-B3E3-ECFD34EED658}
HKEY_CLASSES_ROOT\YSBactivex.Installer
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\YSBactivex.Ins taller
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{42F2C9BA-614F-47c0-B3E3-ECFD34EED658}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{42F2C9BA -614F-47c0-B3E3-ECFD34EED658}


TargetSaver Trojan Downloader more information...
Details: TargetSaver is a process run at Windows startup, which opens pop-ups.
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected files detected
C:\Documents and Settings\AtteliR\Local Settings\Temp\targetsaver.exe
C:\Documents and Settings\AtteliR\Local Settings\Temp\tsinstall_4_0_3_8_b17.exe
C:\WINDOWS\system32\tsuninst.exe

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\TSL Installer
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Uninstall\TSL Installer NoRemove 1
HKEY_LOCAL_MACHINE\SOFTWARE\TSA
HKEY_LOCAL_MACHINE\SOFTWARE\TSA NewInstall 0


WindUpdates.MediaAccess Adware more information...
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected files detected
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
c:\windows\downloaded program files\mediaaccx.dll
c:\program files\media access\mediaaccc.dll

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Media Access
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{15AD6789 -CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_CLASSES_ROOT\clsid{15AD6789-CDB4-47E1-A9DA-99 2EE8E6BAD6}
HKEY_CLASSES_ROOT\clsid{15AD6789-CDB4-47E1-A9DA-99 2EE8E6BAD6}\InprocServer32 C:\WINDOWS\Downloaded Program Files\MediaAccX.dll
HKEY_CLASSES_ROOT\clsid{15AD6789-CDB4-47E1-A9DA-99 2EE8E6BAD6}\InprocServer32 ThreadingModel Apartment
HKEY_CLASSES_ROOT\clsid{1E5F0D38-214B-4085-AD2A-D2 290E6A2D2C}
HKEY_CLASSES_ROOT\clsid{1E5F0D38-214B-4085-AD2A-D2 290E6A2D2C}\LocalServer32 C:\PROGRA~1\MEDIAA~1\MEDIAA~1.EXE
HKEY_CLASSES_ROOT\clsid{1E5F0D38-214B-4085-AD2A-D2 290E6A2D2C}\ProgID MediaAccess.Installer
HKEY_CLASSES_ROOT\clsid{1E5F0D38-214B-4085-AD2A-D2 290E6A2D2C}\TypeLib {15696AE2-6EA4-47F4-BEA6-A3D32693EFC7}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Media Access
HKEY_CLASSES_ROOT\clsid{1E5F0D38-214B-4085-AD2A-D2 290E6A2D2C}\VersionIndependentProgID MediaAccess.Installer
HKEY_CLASSES_ROOT\clsid{1E5F0D38-214B-4085-AD2A-D2 290E6A2D2C} Installer Class
HKEY_CLASSES_ROOT\clsid{1E5F0D38-214B-4085-AD2A-D2 290E6A2D2C} AppID {735C5A0C-F79F-47A1-8CA1-2A2E482662A8}
HKEY_LOCAL_MACHINE\Software\Media Access
HKEY_LOCAL_MACHINE\Software\Media Access param 2f46ac713ad52164ef656dc1cd8a3ebb21a31b924006a5dd79 8cb7bd1e35226e7bd199de0bebafe018c8:336634343765656 3663231643530323739383431663931616137663966353237: Internet%20Explorer:6.0%20SP2%28SV1%29:winxp:flash
HKEY_LOCAL_MACHINE\Software\Media Access LastUpdate 1115496515
HKEY_LOCAL_MACHINE\Software\Media Access reqcount 52
HKEY_LOCAL_MACHINE\Software\Media Access track 0
HKEY_LOCAL_MACHINE\Software\Media Access DownloadPath \temp
HKEY_LOCAL_MACHINE\Software\Media Access Language en
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{15AD6789 -CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\Software\Media Access
HKEY_LOCAL_MACHINE\Software\Media Access
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}\Contai ns\Files C:\WINDOWS\Downloaded Program Files\MediaAccX.dll
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}\Downlo adInformation CODEBASE http://static.35mb.com/applet/applet_l.cab
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}\Instal ledVersion 0,0,0,1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}\Instal ledVersion LastModified Tue, 12 Apr 2005 11:53:30 GMT
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} SystemComponent 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} Installer MSICD
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Media Access
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\Software\microsoft\windows\curr entversion\uninstall\Media Access
HKEY_LOCAL_MACHINE\Software\microsoft\windows\curr entversion\uninstall\Media Access UninstallString C:\Program Files\Media Access\MediaAccess.exe /Remove
HKEY_LOCAL_MACHINE\Software\microsoft\windows\curr entversion\uninstall\Media Access DisplayName Media Access
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{15AD6789 -CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units{15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Media Access
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run Media Access
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{15AD6789 -CDB4-47E1-A9DA-992EE8E6BAD6}


ClearSearch Browser Modifier more information...
Details: ClearSearch is an adware component that periodically contacts a specific search site for advertisement-tracking purposes.
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected files detected
C:\Documents and Settings\AtteliR\Local Settings\Temp\djtopr1150.exe


IBIS Toolbar Adware more information...
Details: IBIS Toolbar is an Internet Explorer search redirector.
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected files detected
C:\Documents and Settings\AtteliR\Local Settings\Temp\IExploreSkins.exe
C:\Documents and Settings\AtteliR\Local Settings\Temp\TBPS.exe

Infected registry keys/values detected
HKEY_CLASSES_ROOT\clsid{2C4E6D22-B71F-491F-AAD3-B6 972A650D50}
HKEY_CLASSES_ROOT\clsid{6E21F428-5617-47F7-AED8-B2 E1D8FBA711}
HKEY_CLASSES_ROOT\CLSID{708BE496-E202-497B-BC31-9C F47E3BF8D6}
HKEY_CLASSES_ROOT\CLSID{708BE496-E202-497B-BC31-9C F47E3BF8D6}\Implemented Categories{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\CLSID{708BE496-E202-497B-BC31-9C F47E3BF8D6}\Implemented Categories{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\CLSID{708BE496-E202-497B-BC31-9C F47E3BF8D6}\Implemented Categories
HKEY_CLASSES_ROOT\CLSID{708BE496-E202-497B-BC31-9C F47E3BF8D6}
HKEY_CLASSES_ROOT\clsid{8B0FA130-0C3D-4CB1-AEB7-2C 29DA5509A3}
HKEY_CLASSES_ROOT\clsid{8B0FA130-0C3D-4CB1-AEB7-2C 29DA5509A3}\Implemented Categories{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\clsid{8B0FA130-0C3D-4CB1-AEB7-2C 29DA5509A3}\Implemented Categories{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\clsid{8B0FA130-0C3D-4CB1-AEB7-2C 29DA5509A3}\Implemented Categories
HKEY_CLASSES_ROOT\clsid{2C4E6D22-B71F-491F-AAD3-B6 972A650D50}\Implemented Categories{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\clsid{8B0FA130-0C3D-4CB1-AEB7-2C 29DA5509A3}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{6E21F428 -5617-47F7-AED8-B2E1D8FBA711}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{6E21F428 -5617-47F7-AED8-B2E1D8FBA711}\Implemented Categories{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{6E21F428 -5617-47F7-AED8-B2E1D8FBA711}\Implemented Categories{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{6E21F428 -5617-47F7-AED8-B2E1D8FBA711}\Implemented Categories
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{6E21F428 -5617-47F7-AED8-B2E1D8FBA711}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{708BE496 -E202-497B-BC31-9CF47E3BF8D6}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{708BE496 -E202-497B-BC31-9CF47E3BF8D6}\Implemented Categories{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{708BE496 -E202-497B-BC31-9CF47E3BF8D6}\Implemented Categories{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{708BE496 -E202-497B-BC31-9CF47E3BF8D6}\Implemented Categories
HKEY_CLASSES_ROOT\clsid{2C4E6D22-B71F-491F-AAD3-B6 972A650D50}\Implemented Categories{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID{708BE496 -E202-497B-BC31-9CF47E3BF8D6}
HKEY_CLASSES_ROOT\clsid{2C4E6D22-B71F-491F-AAD3-B6 972A650D50}\Implemented Categories
HKEY_CLASSES_ROOT\clsid{2C4E6D22-B71F-491F-AAD3-B6 972A650D50}
HKEY_CLASSES_ROOT\clsid{6E21F428-5617-47F7-AED8-B2 E1D8FBA711}
HKEY_CLASSES_ROOT\clsid{6E21F428-5617-47F7-AED8-B2 E1D8FBA711}\Implemented Categories{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\clsid{6E21F428-5617-47F7-AED8-B2 E1D8FBA711}\Implemented Categories{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKEY_CLASSES_ROOT\clsid{6E21F428-5617-47F7-AED8-B2 E1D8FBA711}\Implemented Categories


PeopleOnPage Browser Modifier more information...
Details: The PeopleOnPage program is an adware and browser redirector that purports to be an Internet Explorer sidebar, and displays a list of other users of the current site.
Status: Removed
High threat - High-risk items have a large potential for harm, such as loss of computer control, and should be removed unless knowingly installed.

Infected files detected
C:\Program Files\AutoUpdate\AutoUpdate.exe
c:\windows\system32\auto_update_uninstall.exe
c:\windows\system32\auto_update_uninstall.log

Infected registry keys/values detected
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run AutoUpdater
HKEY_LOCAL_MACHINE\software\envolo\AutoUpdate DestDir C:\Program Files\AutoUpdate\AutoUpdate.exe
HKEY_LOCAL_MACHINE\software\envolo\AutoUpdate HostId {BF767916-089B-40ED-AB20-5BAF2BFACC32}
HKEY_LOCAL_MACHINE\software\envolo\AutoUpdate NextPingTime64 1115563243
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\aproposclient
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\aproposclient UninstallString "C:\Program Files\CxtPls\uninstaller.exe"
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\aproposclient DisplayName CtxPls
HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\uninstall\aproposclient DisplayIcon C:\Program Files\CxtPls\uninstaller.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run AutoUpdater
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run AutoUpdater
HKEY_LOCAL_MACHINE\software\envolo
HKEY_LOCAL_MACHINE\software\envolo\AutoUpdate\Stat e AM_version 1.0.192
HKEY_LOCAL_MACHINE\software\envolo\AutoUpdate\Stat e EnvoloAutoUpdater_version 1.0.24
HKEY_LOCAL_MACHINE\software\envolo\AutoUpdate\Stat e AM_1.0.192 executed (0)
HKEY_LOCAL_MACHINE\software\envolo\AutoUpdate PollInterval 86400
HKEY_LOCAL_MACHINE\software\envolo\AutoUpdate ServerUrl http://envolo.peopleonpage.com:80/servlets/auto_up date


TopRebates.WebRebates Adware more information...
Details: TopRebates is a browser toolbar that can display pop-up advertisements and monitor your Web browsing activities.
Status: Removed
Elevated threat - Eleveated-risk items have some potential for harm. Users should review such programs and remove them if unwanted.

Infected files detected
C:\Documents and Settings\AtteliR\Local Settings\Temp\jkill.exe


180search Assistant Adware more information...
Details: 180search Assistant displays pop-up advertismenets.
Status: Quarantined
Moderate threat - Moderate-risk items have some potential for harm, but may be part of a wanted service. Users may decide to ignore such programs after review.

Infected folders detected
c:\program files\180solutions


Detected Spyware Cookies
No spyware cookies were found during this scan.