Adware.HBHelper
HKLM\Software\Classes\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}
HKCR\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}
HKCR\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}
HKCR\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}\InprocServer32
HKCR\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}\InprocServer32#ThreadingModel
HKCR\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}\ProgID
HKCR\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}\Programmable
HKCR\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}\TypeLib
HKCR\CLSID\{5CDD839E-255C-415D-9927-3AF98318D15B}\VersionIndependentProgID
C:\WINDOWS\SYSTEM32\SEARCH\WIZARD.DLL
HKLM\Software\Classes\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\Implemented Categories
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\Implemented Categories\{7DD95801-9882-11CF-9FA9-00AA006C42C4}
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\Implemented Categories\{7DD95802-9882-11CF-9FA9-00AA006C42C4}
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\InprocServer32
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\InprocServer32#ThreadingModel
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\ProgID
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\Programmable
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\TypeLib
HKCR\CLSID\{BFB5F154-9212-46F3-B547-AC6106030A54}\VersionIndependentProgID
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CDD839E-255C-415D-9927-3AF98318D15B}
HKLM\Software\Microsoft\Internet Explorer\Toolbar#{BFB5F154-9212-46F3-B547-AC6106030A54}
HKCR\XBTB01994.XBTB01994.3
HKCR\XBTB01994.XBTB01994
HKCR\TypeLib\{77AA25E8-6083-4949-A831-9CB11861DC10}
HKU\S-1-5-21-1606980848-57989841-682003330-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{BFB5F154-9212-46F3-B547-AC6106030A54}
C:\WINDOWS\SYSTEM32\SEARCH\TBHELPER.DLL
Adware.Tracking Cookie
C:\Documents and Settings\localadmin\Cookies\localadmin@f2.bestmanage[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@revsci[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@f5.bestmanage[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@overture[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@go.winantispyware[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@go.drivecleaner[3].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@amaena[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@findwhat[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@67.15.239[5].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@go.winantivirus[4].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@ar.atwola[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@go.winantivirus[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@klik.klikadvertising[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@ads.web.aol[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@www.googleadservices[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@winantispyware[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@2o7[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@atwola[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@adult-web.freehostia[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@f3.bestmanage[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@go.winantivirus[3].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@f6.bestmanage[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@www.winantivirus[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@www.winantispyware[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@67.15.239[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@e-2dj6wbk4wgajodp.stats.esomniture[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@67.15.239[4].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@f1.bestmanage[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@drivecleaner[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@go.drivecleaner[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@go.winantispyware[3].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@goclick[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@winantivirus[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@stats.privacyprotector[1].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@67.15.239[2].txt
C:\Documents and Settings\localadmin\Cookies\localadmin@stats1.reliablestats[1].txt
Registry Cleaner Trial
HKCR\Install.Install
HKCR\Install.Install\CLSID
HKCR\Install.Install\CurVer
HKCR\Install.Install.1
HKCR\Install.Install.1\CLSID
HKU\S-1-5-21-1606980848-57989841-682003330-1006\Software\SoftwareOnline.com
HKU\S-1-5-21-1606980848-57989841-682003330-1006\Software\Microsoft\Windows\CurrentVersion\Run#Registry Cleaner [ "C:\Program Files\Registry Cleaner Trial\Regclean.exe" -startminimize ]
Adware.MediaMotor
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/safe.tlb
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/System32/safe.tlb#.Owner
C:\WINDOWS\Downloaded Program Files\amm06.inf
C:\WINDOWS\System32\safe.tlb
Browser Hijacker.Deskbar
HKCR\Toolbar3.XBTB01994
HKCR\Toolbar3.XBTB01994\CLSID
HKCR\Toolbar3.XBTB01994\CurVer
HKCR\Toolbar3.XBTB01994.1
HKCR\Toolbar3.XBTB01994.1\CLSID
HKU\S-1-5-21-1606980848-57989841-682003330-1006\Software\XBTB01994
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB01994.XBTB0199 4Toolbar
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB01994.XBTB0199 4Toolbar#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\XBTB01994.XBTB0199 4Toolbar#UninstallString
C:\SYSTEM VOLUME INFORMATION\_RESTORE{99F924F0-F72C-49BC-B462-F7ED3DB7F23D}\RP488\A0108180.DLL
Desktop Hijacker.AboutYourPrivacy
HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad# msole [ {30B5F444-4ACB-44D0-B73C-921BBDE22937} ]
C:\QOOBOX\QUARANTINE\C\WINDOWS\PRIVACY_DANGER\IMAGES\CAPT.GIF.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\PRIVACY_DANGER\IMAGES\DANGER.JPG.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\PRIVACY_DANGER\IMAGES\DOWN.GIF.VIR
C:\QOOBOX\QUARANTINE\C\WINDOWS\PRIVACY_DANGER\INDEX.HTM.VIR
Trojan.ZenoSearch
C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\AOL\C_AMERICA ONLINE 9.0B\OPTCLEAN.EXE
Trojan.Downloader-Gen/Win
C:\SYSTEM VOLUME INFORMATION\_RESTORE{99F924F0-F72C-49BC-B462-F7ED3DB7F23D}\RP488\A0108169.EXE
Trojan.Downloader-Gen/AVP
C:\SYSTEM VOLUME INFORMATION\_RESTORE{99F924F0-F72C-49BC-B462-F7ED3DB7F23D}\RP492\A0108709.EXE
Desktop Hijacker.AboutYourPrivacy-Installer
C:\SYSTEM VOLUME INFORMATION\_RESTORE{99F924F0-F72C-49BC-B462-F7ED3DB7F23D}\RP492\A0108711.EXE
Trojan.Net-MSV/VPS-G
C:\SYSTEM VOLUME INFORMATION\_RESTORE{99F924F0-F72C-49BC-B462-F7ED3DB7F23D}\RP492\A0108720.DLL
Browser Hijacker.Deskbar/Installer
C:\WINDOWS\SYSTEM32\FAVORITES\WIZARD.EXE
Trojan.Unknown Origin
C:\WINDOWS\TEMPF.TXT