Which Spyware Remover Is Best?

Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

brendandonhu

Thread Starter
Joined
Jul 8, 2002
Messages
14,681
I have decided to absolutely load up my computer with spyware. Gator, HotBar, Xupiter, all of it.
Then I will run AdAware, Spybot, and Spyware Eliminator.
I will see which one finds the most stuff. I am aware that spybot finds more than spyware, and a couple of the progs dont list each individual file/reg key/ActiveX Control and I will take this into consideration.

Posting results soon, I have to get started d/ling spyware!
 

brendandonhu

Thread Starter
Joined
Jul 8, 2002
Messages
14,681
OK I have finished the test.
Spybot came in at #1, with 355 items found.
AdAware, not far behind at 298
Spyware eliminator came up with only 198 items.
Heres the adaware log, spybot is in my next post.

Adaware log.

Scan initialized on 1/13/2003 6:43:49 PM.
(AAW release 5.83, referencefile 029-15.06.2002)
=================================================


Started memory scan
====================
Running processes:

#:1 : C:\WINDOWS\SYSTEM\KERNEL32.DLL

#:2 : C:\WINDOWS\SYSTEM\MSGSRV32.EXE

#:3 : C:\WINDOWS\SYSTEM\mmtask.tsk

#:4 : C:\WINDOWS\SYSTEM\MPREXE.EXE

#:5 : C:\PROGRAM FILES\GRISOFT\AVG6\AVGSERV9.EXE

#:6 : C:\WINDOWS\TASKMON.EXE

#:7 : C:\WINDOWS\SYSTEM\SYSTRAY.EXE

#:8 : C:\PROGRAM FILES\GRISOFT\AVG6\AVGCC32.EXE

#:9 : C:\PROGRAM FILES\COMMON FILES\CMEII\CMESYS.EXE
Warning! GATOR : cmesys.exe (cmesys.exe)

"cmesys.exe" unload successfull!


#:10 : C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE

#:11 : C:\PROGRAM FILES\SAVENOW\SAVENOW.EXE
Warning! SAVENOW : savenow.exe (savenow.exe)

"savenow.exe" unload successfull!


#:12 : C:\PROGRAM FILES\HOTBAR\BIN\4.2.4.0\HBINST.EXE

#:13 : C:\WINDOWS\SYSTEM\WMIEXE.EXE

#:14 : C:\PROGRAM FILES\COMMON FILES\GMT\GMT.EXE
Warning! GATOR : gmt.exe (gmt.exe)

"gmt.exe" unload successfull!


#:15 : C:\PROGRAM FILES\PRECISIONTIME\PRECISIONTIME.EXE

#:16 : C:\WINDOWS\START MENU\PROGRAMS\STARTUP\DLHELPEREXE.EXE

#:17 : C:\WINDOWS\SYSTEM\DDHELP.EXE

#:18 : C:\PROGRAM FILES\REDV\EASYINSTALL\EASYINSTALL.EXE

#:19 : C:\WINDOWS\RUNDLL32.EXE

#:20 : C:\PROGRAM FILES\EZULA\MMOD.EXE
Warning! EZULA : mmod.exe (mmod.exe)

"mmod.exe" unload successfull!


#:21 : C:\WINDOWS\EXPLORER.EXE

#:22 : C:\PROGRAM FILES\LAVASOFT AD-AWARE\AD-AWARE.EXE

Memory scan result:
Total modules found:22
Suspicious modules found:4


Started registry scan
======================
BrilliantDigital key:HKEY_CLASSES_ROOT\.b3d\
BrilliantDigital key:HKEY_CLASSES_ROOT\.b3dini\
EzuLa key:HKEY_USERS\.default\software\ezula\
Web3000 key:HKEY_USERS\.default\software\web3000.com\
BrilliantDigital key:HKEY_CLASSES_ROOT\b3dini_auto_file\
BrilliantDigital key:HKEY_CLASSES_ROOT\b3d_auto_file\
BrilliantDigital key:HKEY_CLASSES_ROOT\bdeplayer.bdeplayerctrl\
BrilliantDigital key:HKEY_CLASSES_ROOT\bdeplayer.bdeplayerctrl.1\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.ccalendarvbperiod\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.ccalendarvbperiods\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.clsaddressbook\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.clsbbplayer\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.clsclickthebutton\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.clsdownloadmanager\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.clsstoryreader\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.cperiod\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzibuddy.cperiods\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzictbhelper.clsbonzictbhelper\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clsbonzicontent\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommanddownloadfile\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandhttppost\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandmsgbox\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandmsgboxonno\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandmsgboxonyes\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandopenweb\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandplay\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandraiseevent\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandsetiehomepage\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscommandspeak\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clscontent\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clsfiltration\
BonziBuddy key:HKEY_CLASSES_ROOT\bonzitapfilters.clstapevent\
Gator key:HKEY_CLASSES_ROOT\clsid\{21ffb6c0-0da1-11d5-a9d5-00500413153c}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{22eb59ae-1cb8-4153-9dfc-b5ce048357cf}\
BrilliantDigital key:HKEY_CLASSES_ROOT\clsid\{51958169-d5e3-11d1-aa42-0000e842e40a}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{57da7e73-b94f-49a2-9fef-9f4b40c8e221}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{5d11b6dc-358a-44b3-b2ac-22b5dcbc936b}\
HotBar key:HKEY_CLASSES_ROOT\clsid\{75d2080b-4857-4b96-9b7d-732634fbd01f}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{a031fbf6-81a7-4440-9e20-51abb2289e4b}\
HotBar key:HKEY_CLASSES_ROOT\clsid\{b195b3b3-8a05-11d3-97a4-0004aca6948e}\
HotBar key:HKEY_CLASSES_ROOT\clsid\{becafc17-baf9-11d4-b492-00d0b77f0a6d}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{e26dd3cd-b06c-47ba-9766-5f264b858e09}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{f4900f67-055f-11d4-8f9b-00104ba312d6}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{f4900f6a-055f-11d4-8f9b-00104ba312d6}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{f4900f8d-055f-11d4-8f9b-00104ba312d6}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{f4900f96-055f-11d4-8f9b-00104ba312d6}\
BonziBuddy key:HKEY_CLASSES_ROOT\clsid\{f5a31f2f-122f-4615-a9b7-90841538ec7c}\
HotBar key:HKEY_CLASSES_ROOT\hotbar.hbbho\
HotBar key:HKEY_CLASSES_ROOT\hotbar.hbcommband\
HotBar key:HKEY_CLASSES_ROOT\hotbar.hbcommband.1\
HotBar key:HKEY_CLASSES_ROOT\hotbar.hbmain\
HotBar key:HKEY_CLASSES_ROOT\hotbar.hbmain.1\
Alexa key:HKEY_CLASSES_ROOT\interface\{1c1f99ea-8b5d-4d08-b6a8-b1e4cb542f9e}\
Alexa key:HKEY_CLASSES_ROOT\interface\{36600c37-fac4-471e-90bb-fc7a9c979c24}\
BrilliantDigital key:HKEY_CLASSES_ROOT\interface\{51958167-d5e3-11d1-aa42-0000e842e40a}\
BrilliantDigital key:HKEY_CLASSES_ROOT\interface\{51958168-d5e3-11d1-aa42-0000e842e40a}\
Alexa key:HKEY_CLASSES_ROOT\interface\{533b5798-12d1-4063-8cd0-ffe842de872d}\
Alexa key:HKEY_CLASSES_ROOT\interface\{57405e21-4f6d-11d3-bd52-00600827885e}\
Alexa key:HKEY_CLASSES_ROOT\interface\{5cdc7a97-f8e3-4ea6-b0a7-578ecd31de2c}\
Alexa key:HKEY_CLASSES_ROOT\interface\{62e5bcee-2b5f-4866-8b19-197cfacb770c}\
HotBar key:HKEY_CLASSES_ROOT\interface\{6a6ebae8-8c66-4675-b423-95b3ba530940}\
Alexa key:HKEY_CLASSES_ROOT\interface\{7280333e-17d0-4246-9510-2d6170468585}\
Alexa key:HKEY_CLASSES_ROOT\interface\{79a4d241-de89-11d3-ac85-00c04f2ee811}\
Alexa key:HKEY_CLASSES_ROOT\interface\{7b068023-1ac9-4168-a133-9fdd9361af80}\
Alexa key:HKEY_CLASSES_ROOT\interface\{7e22206d-52d1-11d4-acb8-00c04f2ee811}\
Alexa key:HKEY_CLASSES_ROOT\interface\{911a1dfe-c959-11d3-8164-00c04f30faf9}\
HotBar key:HKEY_CLASSES_ROOT\interface\{ad9a7b03-be12-11d4-b493-00d0b77f0a6d}\
HotBar key:HKEY_CLASSES_ROOT\interface\{b195b3b2-8a05-11d3-97a4-0004aca6948e}\
Alexa key:HKEY_CLASSES_ROOT\interface\{c42000c4-703a-4a55-b8af-5c83b24c9922}\
Alexa key:HKEY_CLASSES_ROOT\interface\{d1f6abee-b889-11d2-8e3c-dcca155f9a71}\
Alexa key:HKEY_CLASSES_ROOT\interface\{f88028b4-4523-4ec4-a48e-064db9952f30}\
Alexa key:HKEY_CLASSES_ROOT\interface\{fb1d5ef1-df31-11d3-ac86-00c04f2ee811}\
Alexa key:HKEY_CLASSES_ROOT\popmenu.menu\
Alexa key:HKEY_CLASSES_ROOT\popmenu.menu.1\
BrilliantDigital key:HKEY_CLASSES_ROOT\s3d_auto_file\
Alexa key:HKEY_LOCAL_MACHINE\software\alexa internet\
BrilliantDigital key:HKEY_CURRENT_USER\software\brilliant digital entertainment\
BrilliantDigital key:HKEY_LOCAL_MACHINE\software\brilliant digital entertainment\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\appid\ezulabootexe.exe\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\appid\ezulamain.exe\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\appid\{8a044397-5da2-11d4-b185-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\appid\{c0335198-6755-11d4-8a73-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{07f0a543-47ba-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{07f0a545-47ba-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{19dfb2cb-9b27-11d4-b192-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{2079884b-6ef3-11d4-8a74-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{2306abe4-4d42-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{2babd334-5c3f-11d4-b184-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{3d7247e8-5db8-11d4-8a72-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{55910916-8b4e-4c1e-9253-cce296ea71eb}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{58359010-bf36-11d3-99a2-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{b1dd8a69-1b96-11d4-b175-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{c03351a4-6755-11d4-8a73-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{c4fee4a7-4b8b-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\clsid\{d290d6e7-bf9d-42f0-9c1b-3bc8ae769b57}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulaagent.ezulactrlhost\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulaagent.ezulactrlhost.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulaagent.ieobject\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulaagent.ieobject.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulaagent.plugprot\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulaagent.plugprot.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulaagent.toolbarband\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulaagent.toolbarband.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulabootexe.installctrl\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulabootexe.installctrl.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulacode\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulacode.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulahash\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulahash.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulasearch\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.ezulasearch.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.popupdisplay\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.popupdisplay.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.resulthelper\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.resulthelper.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.searchhelper\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulafsearcheng.searchhelper.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulamain.ezulasearchpipe\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulamain.ezulasearchpipe.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulamain.trayiconm\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\ezulamain.trayiconm.1\
Gator key:HKEY_LOCAL_MACHINE\software\classes\getandrun.dfrun\
Gator key:HKEY_LOCAL_MACHINE\software\classes\getandrun.dfrun.1\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{07f0a542-47ba-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{07f0a544-47ba-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{1823bc4b-a253-4767-9cfc-9aca62a6b136}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{19dfb2ca-9b27-11d4-b192-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{27bc6871-4d5a-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{3d7247f1-5db8-11d4-8a72-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{4fd8645f-9b3e-46c1-9727-9837842a84ab}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{58359012-bf36-11d3-99a2-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{7edc96e1-5dd3-11d4-b185-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{8a0443a2-5da2-11d4-b185-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{8ebb1743-9a2f-11d4-8a7e-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{c03351a3-6755-11d4-8a73-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{c4fee4a6-4b8b-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{ef0372dc-f552-11d3-8528-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\interface\{ef0372de-f552-11d3-8528-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\typelib\{07f0a536-47ba-11d4-8a6d-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\typelib\{083fa8f4-84f4-11d4-8a77-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\typelib\{58359011-bf36-11d3-99a2-0050da2ee1be}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\typelib\{8a044396-5da2-11d4-b185-0050dab79376}\
EzuLa key:HKEY_LOCAL_MACHINE\software\classes\typelib\{c0335197-6755-11d4-8a73-0050da2ee1be}\
EzuLa key:HKEY_CURRENT_USER\software\ezula\
Gator key:HKEY_LOCAL_MACHINE\software\gator.com\
HotBar key:HKEY_CURRENT_USER\software\hotbar\
HotBar key:HKEY_LOCAL_MACHINE\software\hotbar\
Alexa key:HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}\
HotBar key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\browser helper objects\{b195b3b3-8a05-11d3-97a4-0004aca6948e}\
Gator key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/iegator.dll\
BrilliantDigital key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bdeplayer\
BonziBuddy key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\bonzibuddy\
EzuLa key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\ezula\
Other key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\netsonic\
SaveNow key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\savenow\
Web3000 key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\web3000 network\
Gator key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\{6c8dbec0-8052-11d5-a9d5-00500413153c}\
BonziBuddy key:HKEY_CURRENT_USER\software\vb and vba program settings\bonzibuddy\
Web3000 key:HKEY_CURRENT_USER\software\web3000.com\
Web3000 key:HKEY_LOCAL_MACHINE\software\web3000.com\
SaveNow key:HKEY_LOCAL_MACHINE\software\whenu\
SaveNow key:HKEY_LOCAL_MACHINE\software\whenu\savenow\
BonziBuddy key:HKEY_CLASSES_ROOT\typelib\{50a2c2b1-5a56-4183-b1d0-3f59877bad60}\
BrilliantDigital key:HKEY_CLASSES_ROOT\typelib\{51958166-d5e3-11d1-aa42-0000e842e40a}\
HotBar key:HKEY_CLASSES_ROOT\typelib\{b195b3a5-8a05-11d3-97a4-0004aca6948e}\
BonziBuddy key:HKEY_CLASSES_ROOT\typelib\{f4900f5d-055f-11d4-8f9b-00104ba312d6}\
SaveNow key:HKEY_CLASSES_ROOT\wusn.1\
HotBar key:HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar\{b195b3b3-8a05-11d3-97a4-0004aca6948e}
BonziBuddy key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\bonzibuddy
BonziBuddy key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\clickthebutton
Gator key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\cmesys
EzuLa key:HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run\ezmmod
HotBar key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\hotbar
SaveNow key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\savenow
Web3000 key:HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\w3knetwork
BrilliantDigital key:Software\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\SYSTEM\bdefdi.dll
BrilliantDigital key:Software\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\SYSTEM\bdedownloader.dll
BonziBuddy key:Software\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\Program Files\BonziBUDDY\BBuddyMini.exe
BonziBuddy key:Software\Microsoft\Windows\CurrentVersion\SharedDLLs\C:\WINDOWS\SYSTEM\BonziTapFilters.dll


Started extended registry scan
===============================
Gator key:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\moduleusage\C:/WINDOWS/Downloaded Program Files/IEGator.dll
Gator key:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\moduleusage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/IEGator.dll
BrilliantDigital key:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\moduleusage\C:/WINDOWS/SYSTEM/bdefdi.dll
BrilliantDigital key:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\moduleusage\C:/WINDOWS/SYSTEM/bdefdi.dll
BrilliantDigital key:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\moduleusage\C:/WINDOWS/SYSTEM/bdedownloader.dll
BrilliantDigital key:HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\moduleusage\C:/WINDOWS/SYSTEM/bdedownloader.dll
EzuLa value:Software\Microsoft\Windows\CurrentVersion\Run:eZmmod
SaveNow value:Software\Microsoft\Windows\CurrentVersion\Run:SaveNow


Registry scan result:
Suspicious keys found : 187


Started folder scan
====================
Gator file:C:\WINDOWS\GatorPlugin.log
Gator file:C:\WINDOWS\GatorSetup.log
Web3000 file:C:\WINDOWS\w3knet.dll
Web3000 file:C:\WINDOWS\w3knet2.num
Web3000 file:C:\WINDOWS\W3KNetP.w3k
Web3000 file:C:\WINDOWS\W3KNET_W3I.DLL
Web3000 file:C:\WINDOWS\w3kselfinst.exe
HotBar folder:C:\WINDOWS\Application Data\Hotbar\v3.0\Hotbar
HotBar folder:C:\WINDOWS\Application Data\Hotbar
Gator folder:C:\WINDOWS\Start Menu\Programs\GAIN
Other folder:C:\WINDOWS\Start Menu\Programs\NetSonic
Gator folder:C:\WINDOWS\Start Menu\Programs\Gator eWallet
BonziBuddy folder:C:\WINDOWS\Start Menu\Programs\BonziBUDDY
EzuLa folder:C:\WINDOWS\Start Menu\Programs\TopText iLookup
BrilliantDigital folder:C:\WINDOWS\BDE\b3dlogo
Gator folder:C:\Program Files\Common Files\GMT\DownloadTemp\accum\GMT
Gator folder:C:\Program Files\Common Files\GMT
Gator folder:C:\Program Files\Common Files\CMEII
Gator folder:C:\Program Files\Gator.com\Gator
Gator folder:C:\Program Files\Gator.com
HotBar folder:C:\Program Files\Hotbar
BonziBuddy folder:C:\Program Files\BonziBUDDY
SaveNow folder:C:\Program Files\SaveNow
Other folder:C:\Program Files\NetSonic
EzuLa folder:C:\Program Files\eZula
Folder scan result:
Folders processed:1108
Suspicious folders found:18


Started file scan
==================
BrilliantDigital file:C:\WINDOWS\SYSTEM\bdedownloader.dll
BrilliantDigital file:C:\WINDOWS\SYSTEM\bdedownloader.dll
BrilliantDigital file:C:\WINDOWS\SYSTEM\bdefdi.dll
BrilliantDigital file:C:\WINDOWS\SYSTEM\bdefdi.dll
BrilliantDigital file:C:\WINDOWS\SYSTEM\bdeload.dll
BrilliantDigital file:C:\WINDOWS\SYSTEM\BDESac10.dll
BrilliantDigital file:C:\WINDOWS\SYSTEM\BDESac24.dll
BonziBuddy file:C:\WINDOWS\SYSTEM\BonziTapFilters.dll
EzuLa file:C:\WINDOWS\SYSTEM\ezstub.exe
Alexa file:C:\WINDOWS\INF\alexa65.inf
BonziBuddy file:C:\WINDOWS\Start Menu\Programs\StartUp\BonziBUDDY.lnk
Gator file:C:\WINDOWS\Start Menu\Programs\StartUp\GStartup.lnk
Other file:C:\WINDOWS\Start Menu\Programs\StartUp\NetSonic.lnk
Other file:C:\WINDOWS\Start Menu\Programs\NetSonic\NetSonic.lnk
Gator file:C:\WINDOWS\Start Menu\Programs\Gator eWallet\Gator Website.URL
BonziBuddy file:C:\WINDOWS\Start Menu\Programs\BonziBUDDY\BonziBUDDY.lnk
BonziBuddy file:C:\WINDOWS\Start Menu\Programs\BonziBUDDY\Uninstall BonziBUDDY.lnk
BrilliantDigital file:C:\WINDOWS\Start Menu\b3d Projector.lnk
BonziBuddy file:C:\WINDOWS\Desktop\BonziBUDDY.lnk
BrilliantDigital file:C:\WINDOWS\Desktop\b3d Projector.lnk
BonziBuddy file:C:\WINDOWS\Desktop\bbsetuphom.exe
Alexa file:C:\WINDOWS\Downloaded Program Files\alexa65.inf
EzuLa file:C:\WINDOWS\Temporary Internet Files\Content.IE5\QQQT19G2\eZinstall[1].exe
Other file:C:\WINDOWS\Cookies\[email protected][2].txt
Doubleclick file:C:\WINDOWS\Cookies\[email protected][1].txt
Doubleclick file:C:\WINDOWS\Cookies\[email protected][1].txt
Other file:C:\WINDOWS\Cookies\[email protected][2].txt
Other file:C:\WINDOWS\Cookies\[email protected][1].txt
Other file:C:\WINDOWS\Cookies\[email protected][1].txt
Web3000 file:C:\WINDOWS\Cookies\[email protected]www.web3000[1].txt
BrilliantDigital file:C:\WINDOWS\BDE\Cache\b3d.b3d
BrilliantDigital file:C:\WINDOWS\BDE\Cache\b3dstats.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\bdeclean.exe
BrilliantDigital file:C:\WINDOWS\BDE\Cache\bdedetect1.dll
BrilliantDigital file:C:\WINDOWS\BDE\Cache\installb3d3200.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\installb3dviewer2.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\installb3dplayer3200.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\installb3dcodecs.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\installb3drasts.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\installb3dcodecs.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\installb3drasts.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\installb3dviewer2.cab
BrilliantDigital file:C:\WINDOWS\BDE\Cache\syscheckb3dplayer.cab
BrilliantDigital file:C:\WINDOWS\BDE\b3dlogo\b3d.b3d
BrilliantDigital file:C:\WINDOWS\BDE\b3d Projector.lnk
BrilliantDigital file:C:\WINDOWS\BDE\bdeclean.exe
BrilliantDigital file:C:\WINDOWS\BDE\bdedetect1.dll
BrilliantDigital file:C:\WINDOWS\BDE\bdeimage.dll
BrilliantDigital file:C:\WINDOWS\BDE\bdeviewer.exe
Gator file:C:\Program Files\Common Files\GMT\egIEEngine.dll
Gator file:C:\Program Files\Common Files\GMT\EGIEProcess.dll
Gator file:C:\Program Files\Common Files\GMT\EGNSEngine.dll
Gator file:C:\Program Files\Common Files\GMT\Gator.log
Gator file:C:\Program Files\Common Files\GMT\Gator.log
Gator file:C:\Program Files\Common Files\GMT\GatorRes.dll
Gator file:C:\Program Files\Common Files\GMT\GatorStubSetup.exe
Gator file:C:\Program Files\Common Files\GMT\mepcme.dat
Gator file:C:\Program Files\Common Files\CMEII\CMEIIAPI.dll
Gator file:C:\Program Files\Common Files\CMEII\CMESys.exe
Gator file:C:\Program Files\Common Files\CMEII\GAppMgr.dll
Gator file:C:\Program Files\Common Files\CMEII\GController.dll
Gator file:C:\Program Files\Common Files\CMEII\GDwldEng.dll
Gator file:C:\Program Files\Common Files\CMEII\GMTProxy.dll
Gator file:C:\Program Files\Common Files\CMEII\GObjs.dll
Gator file:C:\Program Files\Common Files\CMEII\GStore.dll
Gator file:C:\Program Files\Common Files\CMEII\GStoreServer.dll
Gator file:C:\Program Files\Gator.com\Gator\Gator.exe
HotBar file:C:\Program Files\Hotbar\hotbar.log
BonziBuddy file:C:\Program Files\BonziBUDDY\bbsmartsetup.exe
BonziBuddy file:C:\Program Files\BonziBUDDY\bbsmartstubfal.exe
BonziBuddy file:C:\Program Files\BonziBUDDY\BBuddyMini.exe
BonziBuddy file:C:\Program Files\BonziBUDDY\BonziCTB.dll
SaveNow file:C:\Program Files\BonziBUDDY\SaveNowInst.exe
SaveNow file:C:\Program Files\SaveNow\savenow.db
SaveNow file:C:\Program Files\SaveNow\SaveNow.exe
SaveNow file:C:\Program Files\SaveNow\savenow.htm
Other file:C:\Program Files\NetSonic\NetSonic.dll
Other file:C:\Program Files\NetSonic\NetSonic.ini
Web3000 file:C:\Program Files\NetSonic\w3kselfinst.exe
Web3000 file:C:\Program Files\NetSonic\W3Util2.dll
Web3000 file:C:\Program Files\NetSonic\WebMain.exe
EzuLa file:C:\Program Files\eZula\mmod.exe

File scan result:
Suspicious files found:89



Scanning finished
==================
Suspicious modules found:4
Suspicious keys found : 187
Suspicious folders found:18
Suspicious files found:89
==========================
Components ignored:0
Total components found:298
 

brendandonhu

Thread Starter
Joined
Jul 8, 2002
Messages
14,681
Spybot log.


--- Search result list ---
Advertising.com: Tracking cookie or cookie of tracking site (File)
[email protected][2].txt

Advertising.com: Tracking cookie or cookie of tracking site (File)
[email protected]rtising[2].txt

Alexa Related: What's related link (Replace file)
RELATED.HTM

Alexa: Class (Registry key)
HKEY_CLASSES_ROOT\PopMenu.Menu.1

Alexa: Class (Registry key)
HKEY_CLASSES_ROOT\PopMenu.Menu

Alexa: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{7E22206E-52D1-11D4-ACB8-00C04F2EE811}

Alexa: Code store database (Registry key)
HKEY_LOCAL_MACHINE\Software\Microsoft\Code Store Database\Distribution Units\{CA68BDCC-579C-4730-99F5-37C4E206E4F9}

Alexa: Global settings (Registry key)
HKEY_LOCAL_MACHINE\Software\Alexa Internet

Alexa: IE extension (Registry key)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Extensions\{9D74677A-E227-40fb-9511-F7E92EA4083A}

Alexa: IE menu extension (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Alexa Web Search

Alexa: IE menu extension (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\Get Alexa Data

Alexa: Interface( (IBrowserProxy)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{533B5798-12D1-4063-8CD0-FFE842DE872D}

Alexa: Interface( (INavWnd)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{911A1DFE-C959-11D3-8164-00C04F30FAF9}

Alexa: Interface( (IAlexaWindow)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{57405E21-4F6D-11D3-BD52-00600827885E}

Alexa: Interface( (IBHOAlexa)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{D1F6ABEE-B889-11D2-8E3C-DCCA155F9A71}

Alexa: Interface( (IBblHTML)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{FB1D5EF1-DF31-11D3-AC86-00C04F2EE811}

Alexa: Interface( (IBblWnd)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{79A4D241-DE89-11D3-AC85-00C04F2EE811}

Alexa: Interface( (IAlxWebBrowser2)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{1C1F99EA-8B5D-4D08-B6A8-B1E4CB542F9E}

Alexa: Interface( (IXMLOnReadyStateChange)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{C42000C4-703A-4A55-B8AF-5C83B24C9922}

Alexa: Interface( (IAlxXMLDOMDocument)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{F88028B4-4523-4EC4-A48E-064DB9952F30}

Alexa: Interface( (IBubbles)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{62E5BCEE-2B5F-4866-8B19-197CFACB770C}

Alexa: Stored file (File)
C:\WINDOWS\SYSTEM\AlxTB.dll

Alexa: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{D32EA48B-025D-4CED-810B-B2D805478837}

Alexa: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Alexa65

Avenue A, Inc.: Tracking cookie or cookie of tracking site (File)
[email protected][2].txt

BDE Projector: Class (Registry key)
HKEY_CLASSES_ROOT\BDEPLAYER.BDEPlayerCtrl.1

BDE Projector: Class (Registry key)
HKEY_CLASSES_ROOT\BDEPLAYER.BDEPlayerCtrl

BDE Projector: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{51958169-D5E3-11D1-AA42-0000E842E40A}

BDE Projector: Download library (File)
bdedownloader.dll

BDE Projector: Extension link (Registry key)
HKEY_CLASSES_ROOT\s3d_auto_file

BDE Projector: Extension link (Registry key)
HKEY_CLASSES_ROOT\b3dini_auto_file

BDE Projector: Extension link (Registry key)
HKEY_CLASSES_ROOT\b3d_auto_file

BDE Projector: File extension link (Registry key)
HKEY_CLASSES_ROOT\.b3dini

BDE Projector: File extension link (Registry key)
HKEY_CLASSES_ROOT\.b3d

BDE Projector: Global settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Brilliant Digital Entertainment

BDE Projector: Library (File)
bdeplayer3.dll

BDE Projector: Library (File)
bderastdx3.dll

BDE Projector: Library (File)
bdeengine3.dll

BDE Projector: Library (File)
bdesac24.dll

BDE Projector: Library (File)
bdeimage.dll

BDE Projector: Library (File)
bdesac10.dll

BDE Projector: Library (File)
bdefdi.dll

BDE Projector: Library (File)
bde3dref3p3.dll

BDE Projector: Loader library (File)
bdeload.dll

BDE Projector: Program directory (Directory)
C:\WINDOWS\BDE

BDE Projector: Program directory (Directory)
C:\WINDOWS\BDE\

BDE Projector: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{51958166-D5E3-11D1-AA42-0000E842E40A}

BDE Projector: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bdeplayer

BDE Projector: User settings (Registry key)
HKEY_CURRENT_USER\SOFTWARE\Brilliant Digital Entertainment

BFast: Tracking cookie or cookie of tracking site (File)
[email protected][1].txt

BFast: Tracking cookie or cookie of tracking site (File)
[email protected][1].txt

BonziBuddy: Autorun settings (Registry value)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BonziBUDDY

BonziBuddy: Autostart item (File)
BonziBUDDY.lnk

BonziBuddy: Character file (File)
Short.acs

BonziBuddy: Character file (File)
Bonzi.acs

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandHTTPPost

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandMsgBox

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandMsgBoxOnNo

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandMsgBoxOnYes

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandOpenWeb

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandPlay

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandRaiseEvent

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandSetIEHomePage

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandSpeak

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsContent

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsFiltration

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsTapEvent

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.clsDownloadManager

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.clsStoryReader

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.clsAddressBook

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.CPeriod

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.CPeriods

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziCTBHelper.clsBonziCTBHelper

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.CCalendarVBPeriods

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsBonziContent

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.clsBBPlayer

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziTapFilters.clsCommandDownloadFile

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.clsClickTheButton

BonziBuddy: Class (Registry key)
HKEY_CLASSES_ROOT\BonziBUDDY.CCalendarVBPeriod

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{F4900F8D-055F-11D4-8F9B-00104BA312D6}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{F4900F67-055F-11D4-8F9B-00104BA312D6}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{57DA7E73-B94F-49A2-9FEF-9F4B40C8E221}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{F5A31F2F-122F-4615-A9B7-90841538EC7C}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{F4900F6A-055F-11D4-8F9B-00104BA312D6}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{A031FBF6-81A7-4440-9E20-51ABB2289E4B}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{5D11B6DC-358A-44B3-B2AC-22B5DCBC936B}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{3B89AD5A-42A2-4258-9242-D67EB0C80442}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{A7AA73E0-F6F9-4967-B209-AA1B11C47DCF}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{F2394898-748D-4415-8CE8-65E429445B33}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{F77A2B0F-476C-4536-BEB1-2CB17CA6BCBC}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{E509D0E0-DA02-4D16-BA63-70F23CAC74C8}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{F91F3264-454B-45BE-A402-FE0E56BB9315}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{7C3845B5-4B34-43CE-99DE-3BFAD5308E68}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{856B6CBE-B0C1-4B4D-8586-2D6E9DF3E4F2}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{FE56C7A2-AAF1-47F2-9B68-4057D7FF5B4A}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{53F082C5-72FE-49D5-A34F-C054CAD30DD0}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{837CCA31-1813-40EA-80BC-ABA9D97CB64B}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{962F96F8-624C-4B0E-B055-F2F1D1DEFF0E}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{82CA10AE-D2F8-441E-A01D-4DFC46F37612}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{D3CD5F89-BFE3-4BAD-AC10-25751A08811C}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{22EB59AE-1CB8-4153-9DFC-B5CE048357CF}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{F4900F96-055F-11D4-8F9B-00104BA312D6}

BonziBuddy: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{E26DD3CD-B06C-47BA-9766-5F264B858E09}

BonziBuddy: Desktop icon (File)
BonziBUDDY.lnk

BonziBuddy: DLL use (1 apps) (Registry value)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\SharedDlls\C:\Program Files\BonziBUDDY\BBuddyMini.exe

BonziBuddy: Filter library (File)
BonziTapFilters.dll

BonziBuddy: IE Start page (Registry change)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page=about:blank

BonziBuddy: Interface( (clsBonziCTBHelper)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{6A96C266-F125-4D60-8BE0-C247349A7CE4}

BonziBuddy: Interface( (clsBonziContent)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{CB6F59F9-FA69-4D14-9D96-4BB3190E3DF5}

BonziBuddy: Program directory (Directory)
C:\Program Files\BonziBuddy

BonziBuddy: Program files (Directory)
C:\Program files\BonziBUDDY\

BonziBuddy: Program group (Directory)
C:\WINDOWS\Start Menu\Programs\BonziBUDDY

BonziBuddy: System file (File)
C:\Program Files\BonziBUDDY\BBuddyMini.exe

BonziBuddy: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{50A2C2B1-5A56-4183-B1D0-3F59877BAD60}

BonziBuddy: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{AAB7FAED-91F8-4591-8E4C-9291D2B7F381}

BonziBuddy: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{F4900F5D-055F-11D4-8F9B-00104BA312D6}

BonziBuddy: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BonziBUDDY

BonziBuddy: VB settings (Registry key)
HKEY_CURRENT_USER\Software\VB and VBA Program Settings\BONZIBUDDY

ClickTheButton: Autorun settings (Registry value)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ClickTheButton

Commission Junction: Tracking cookie or cookie of tracking site (File)
[email protected]www.qksrv[1].txt

Commission Junction: Tracking cookie or cookie of tracking site (File)
[email protected]www.qksrv[1].txt

DoubleClick: Tracking cookie or cookie of tracking site (File)
[email protected][1].txt

DoubleClick: Tracking cookie or cookie of tracking site (File)
[email protected][1].txt

EasyInstall: Autorun settings (Registry value)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\EasyInstall

EasyInstall: Program directory (Directory)
C:\Program Files\RedV\EasyInstall

EasyInstall: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\EasyInstall

EasyInstall: Uninstaller (File)
EIUninst.exe

EasyInstall: User settings (Registry key)
HKEY_CURRENT_USER\Software\RedV.net\RVPopup

EasyInstall: User settings (Registry key)
HKEY_CURRENT_USER\Software\RedV.net\EasyInstall

eZula HotText: Application ID (Registry key)
HKEY_CLASSES_ROOT\AppID\eZulaBootExe.EXE

eZula HotText: Application ID (Registry key)
HKEY_CLASSES_ROOT\AppID\{8A044397-5DA2-11D4-B185-0050DAB79376}

eZula HotText: Application ID (Registry key)
HKEY_CLASSES_ROOT\AppID\{C0335198-6755-11D4-8A73-0050DA2EE1BE}

eZula HotText: Application ID (Registry key)
HKEY_CLASSES_ROOT\AppID\eZulaMain.EXE

eZula HotText: Autorun settings (Registry value)
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\eZmmod

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.SearchHelper.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaBootExe.InstallCtrl.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaMain.eZulaSearchPipe.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaMain.eZulaSearchPipe

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaAgent.PlugProt

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\eZulaAgent.ToolBarBand

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\eZulaAgent.ToolBarBand.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaMain.TrayIConM

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaMain.TrayIConM.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaAgent.PlugProt.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.eZulaCode.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.eZulaCode

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaAgent.eZulaCtrlHost.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.eZulaHash

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.eZulaHash.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaBootExe.InstallCtrl

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.eZulaSearch

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.eZulaSearch.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.PopupDisplay

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.PopupDisplay.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\eZulaAgent.IEObject

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\eZulaAgent.IEObject.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.ResultHelper

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.ResultHelper.1

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaFSearchEng.SearchHelper

eZula HotText: Class (Registry key)
HKEY_CLASSES_ROOT\EZulaAgent.eZulaCtrlHost

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{2BABD334-5C3F-11D4-B184-0050DAB79376}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{55910916-8B4E-4C1E-9253-CCE296EA71EB}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{B1DD8A69-1B96-11D4-B175-0050DAB79376}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{2079884B-6EF3-11D4-8A74-0050DA2EE1BE}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{C03351A4-6755-11D4-8A73-0050DA2EE1BE}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{3D7247E8-5DB8-11D4-8A72-0050DA2EE1BE}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{2306ABE4-4D42-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{58359010-BF36-11d3-99A2-0050DA2EE1BE}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{07F0A543-47BA-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{07F0A545-47BA-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{D290D6E7-BF9D-42F0-9C1B-3BC8AE769B57}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{C4FEE4A7-4B8B-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{19DFB2CB-9B27-11D4-B192-0050DAB79376}

eZula HotText: Installer (File)
eZinstall.exe

eZula HotText: Interface( (IeZulaSearchPipe)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{7EDC96E1-5DD3-11D4-B185-0050DAB79376}

eZula HotText: Interface( (IeZulaSearch)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{07F0A544-47BA-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Interface( (ISearchHelper)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{C4FEE4A6-4B8B-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Interface( (IResultHelper)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{27BC6871-4D5A-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Interface( (IPopupDisplay)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{1823BC4B-A253-4767-9CFC-9ACA62A6B136}

eZula HotText: Interface( (IInstallCtrl)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{C03351A3-6755-11D4-8A73-0050DA2EE1BE}

eZula HotText: Interface( (IeZulaCode)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{3D7247F1-5DB8-11D4-8A72-0050DA2EE1BE}

eZula HotText: Interface( (IeZulaHash)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{07F0A542-47BA-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Interface( (ITrayIConM)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{8A0443A2-5DA2-11D4-B185-0050DAB79376}

eZula HotText: Interface( (_IIEButtonEvents)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{EF0372DE-F552-11D3-8528-0050DAB79376}

eZula HotText: Interface( (IPlugProt)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{8EBB1743-9A2F-11D4-8A7E-0050DA2EE1BE}

eZula HotText: Interface( (IeZulaCtrlHost)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{19DFB2CA-9B27-11D4-B192-0050DAB79376}

eZula HotText: Interface( (IToolBarBand)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{4FD8645F-9B3E-46C1-9727-9837842A84AB}

eZula HotText: Interface( (IIEButton)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{EF0372DC-F552-11D3-8528-0050DAB79376}

eZula HotText: Interface( (IIEObject)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{58359012-BF36-11D3-99A2-0050DA2EE1BE}

eZula HotText: Program directory (Directory)
C:\Program Files\eZula

eZula HotText: Program file (File)
C:\PROGRA~1\ezula\mmod.exe

eZula HotText: Program group (Directory)
C:\WINDOWS\Start Menu\Programs\TopText iLookup

eZula HotText: Stub (File)
ezstub.exe

eZula HotText: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{07F0A536-47BA-11D4-8A6D-0050DA2EE1BE}

eZula HotText: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{8A044396-5DA2-11D4-B185-0050DAB79376}

eZula HotText: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{4A954C6B-6946-40CF-B211-62385CDB85F9}

eZula HotText: Typelib( (AOLHook 1.0 Type Library)) (Registry key)
HKEY_CLASSES_ROOT\Typelib\{083FA8F4-84F4-11D4-8A77-0050DA2EE1BE}

eZula HotText: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{C0335197-6755-11D4-8A73-0050DA2EE1BE}

eZula HotText: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{58359011-BF36-11d3-99A2-0050DA2EE1BE}

eZula HotText: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\eZula

eZula HotText: User settings (Registry key)
HKEY_CURRENT_USER\SOFTWARE\eZula

FastClick: Tracking cookie or cookie of tracking site (File)
[email protected][1].txt

FastClick: Tracking cookie or cookie of tracking site (File)
[email protected][2].txt

Gator: Autorun settings (Registry value)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CMESys

Gator: Autostart item (File)
Gator eWallet.lnk

Gator: Autostart item (File)
PrecisionTime.lnk

Gator: Autostart item (File)
Date Manager.lnk

Gator: Global settings (Registry key)
HKEY_LOCAL_MACHINE\Software\Gator.com

Gator: GMT directory (Directory)
C:\Program Files\Common Files\GMT

Gator: Hidden identity (Registry key)
HKEY_CLASSES_ROOT\CLSID\{21FFB6C0-0DA1-11D5-A9D5-00500413153C}

Gator: Module usage setting (Registry key)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/CONFLICT.1/IEGator.dll

Gator: Module usage setting (Registry key)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/IEGator.dll

Gator: Plugin log (File)
GatorPlugin.log

Gator: Program directory (Directory)
C:\PROGRAM FILES\COMMON FILES\CMEII

Gator: Program directory (Directory)
C:\Program Files\PrecisionTime

Gator: Program directory (Directory)
C:\Program Files\Date Manager

Gator: Program directory (Directory)
C:\Program Files\Gator.com

Gator: Program group (Directory)
C:\WINDOWS\Start Menu\Programs\Gator eWallet

Gator: Program group (Directory)
C:\WINDOWS\Start Menu\Programs\GAIN

Gator: Setup log (File)
GatorSetup.log

Gator: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{6C8DBEC0-8052-11d5-A9D5-00500413153C}

Gator: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PrecisionTime

Gator: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Date Manager

HitBox: Tracking cookie or cookie of tracking site (File)
[email protected][1].txt

HitBox: Tracking cookie or cookie of tracking site (File)
[email protected]ox[2].txt

HitBox: Tracking cookie or cookie of tracking site (File)
[email protected]ox[1].txt

HitBox: Tracking cookie or cookie of tracking site (File)
[email protected][2].txt

Hotbar: Application ID (Registry key)
HKEY_CLASSES_ROOT\AppID\{B701A705-F828-11D4-A466-00508B5BA2DF}

Hotbar: Application ID (Registry key)
HKEY_CLASSES_ROOT\AppID\HbSrv.EXE

Hotbar: Autorun settings (Registry value)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Hotbar

Hotbar: Browser helper object (Registry key)
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HbCoreSrv.HbCoreServices.1

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HbToolbar.HbToolbarCtl

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HbToolbar.HbToolbarCtl.1

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\Hotbar.HbMain

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\Hotbar.HbMain.1

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\Hotbar.HbBho

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HBInstIE.HbInstObj

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HbSrv.HbCoreServices

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HbSrv.HbCoreServices.1

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HBInstIE.HbInstObj.1

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HbCoreSrv.HbCoreServices

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\Hotbar.HbCommBand.1

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\HbHostIE.HbBho.1

Hotbar: Class (Registry key)
HKEY_CLASSES_ROOT\Hotbar.HbCommBand

Hotbar: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}

Hotbar: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{75D2080B-4857-4B96-9B7D-732634FBD01F}

Hotbar: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{4DBCFAF7-62E1-4811-8ACC-6511E7192CB4}

Hotbar: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{60F630A2-41EC-11D5-B558-00D0B77F0A6D}

Hotbar: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{A80347E0-F757-11D4-A466-00508B5BA2DF}

Hotbar: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{69FD62B1-0216-4C31-8D55-840ED86B7C8F}

Hotbar: Class ID (Registry key)
HKEY_CLASSES_ROOT\CLSID\{BECAFC17-BAF9-11D4-B492-00D0B77F0A6D}

Hotbar: Global settings (Registry key)
HKEY_LOCAL_MACHINE\Software\Hotbar

Hotbar: IE toolbar (Registry value)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\{B195B3B3-8A05-11D3-97A4-0004ACA6948E}

Hotbar: Interface( (IHbMenus)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{F4132B7B-1576-41B6-ABD8-39C6C53047F7}

Hotbar: Interface( (IHbDomainList)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{918E4B7A-4D80-43A4-83A7-39ADCC11841F}

Hotbar: Interface( (IHbPartnerInfo)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{DA603411-0593-11D5-A46B-10101B1B1111}

Hotbar: Interface( (IHbCTB)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{DA603411-0593-11D5-A46B-10101DDD1111}

Hotbar: Interface( (IHbBubbleList)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{F7A1BF21-1D7D-4F5F-A201-0CA35A5CD68F}

Hotbar: Interface( (IHbCommBand)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{AD9A7B03-BE12-11D4-B493-00D0B77F0A6D}

Hotbar: Interface( (IHbToolbarCtl)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{A80347DF-F757-11D4-A466-00508B5BA2DF}

Hotbar: Interface( (_IHbToolbarEvents)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{46417AFD-7A15-4ED1-B764-CB72CD4D904F}

Hotbar: Interface( (IHbStats)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{17719B54-FAD1-11D4-A466-00508B5BA2DF}

Hotbar: Interface( (IHbHttpClient)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{DA603411-0593-11D5-A46B-00508B5BA2DF}

Hotbar: Interface( (IHbSkinsManager)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{17719B53-FAD1-11D4-A466-00508B5BA2DF}

Hotbar: Interface( (IHbMapiAddrBook)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{F64B26C1-07DE-11D5-B50D-00D0B77F0A6D}

Hotbar: Interface( (IHbXip)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{7E33BC81-0818-11D5-B50D-00D0B77F0A6D}

Hotbar: Interface( (IHbBho)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{B195B3B2-8A05-11D3-97A4-0004ACA6948E}

Hotbar: Interface( (IHbMain)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{6A6EBAE8-8C66-4675-B423-95B3BA530940}

Hotbar: Interface( (IHbInstObj)) (Registry key)
HKEY_CLASSES_ROOT\Interface\{8F59F897-6923-4B3B-8156-4E55D19DE99A}

Hotbar: Program directory (Directory)
C:\Program Files\Hotbar

Hotbar: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{94BEB7A2-36B7-46DC-8AD1-81A8332409C0}

Hotbar: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{B701A704-F828-11D4-A466-00508B5BA2DF}

Hotbar: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{A80347D3-F757-11D4-A466-00508B5BA2DF}

Hotbar: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{60F63095-41EC-11D5-B558-00D0B77F0A6D}

Hotbar: Typelib (Registry key)
HKEY_CLASSES_ROOT\Typelib\{B195B3A5-8A05-11D3-97A4-0004ACA6948E}

Hotbar: User settings (Registry key)
HKEY_CURRENT_USER\Software\Hotbar

Hotbar: User settings (Registry key)
HKEY_USERS\.DEFAULT\Software\Hotbar

Internet Explorer: Data source object exploit (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\01004=W=3

MS Media Player: Client ID (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\Client ID=

SaveNow: Autorun settings (Registry value)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SaveNow

SaveNow: Global settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\whenu

SaveNow: Program directory (Directory)
C:\Program Files\SaveNow

SaveNow: Settings (Registry key)
HKEY_CLASSES_ROOT\wusn.1

SaveNow: Uninstall settings (Registry key)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow

ValueClick: Tracking cookie or cookie of tracking site (File)
[email protected][1].txt

Web3000: ? (File)
w3knet2.num

Web3000: ? (File)
W3KNet.w3k

Web3000: Library (File)
w3knet.dll

Xupiter: Autorun settings (Registry value)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\XupiterToolbarUninstaller

Xupiter: Code store database (Registry key)
HKEY_LOCAL_MACHINE\Software\Microsoft\Code Store Database\Distribution Units\{280168BC-76BF-4CD0-B835-3D686EFA8DDC}

Ahead Nero Burning Rom: Browser directory (Registry change)
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\Settings\BrowserDir=

Ahead Nero Burning Rom: Compilation directory (Registry change)
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation=

Ahead Nero Burning Rom: Compilation directory (Registry change)
HKEY_LOCAL_MACHINE\Software\Ahead\Nero - Burning Rom\Settings\NeroCompilation=

Ahead Nero Burning Rom: Recent file list( (1 files)) (Registry key)
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\Recent file list

Ahead Nero Burning Rom: Working directory (Registry change)
HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\Settings\WorkingDir=

Common Dialogs: History( (73 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU

Internet Explorer: Cookies( (41 cookies)) (Directory)
C:\WINDOWS\Cookies

Internet Explorer: Download directory (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download Directory=

Internet Explorer: Temporary internet files( (1766 entries)) (Empty cache)

Internet Explorer: URL history #1( (25 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs

Internet Explorer: User agent (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent=Mozilla/4.0 (compatible; MSIE; Win32)

Log: Activity: OEWABLog.txt (Backup file)
C:\WINDOWS\OEWABLog.txt

Log: IE: brndlog.txt (Backup file)
C:\WINDOWS\brndlog.txt

Log: Install: Active Setup Log.txt (Backup file)
C:\WINDOWS\Active Setup Log.txt

Log: Install: Directx.log (Backup file)
C:\WINDOWS\Directx.log

Log: Install: setupapi.log (Backup file)
C:\WINDOWS\setupapi.log

Log: Install: wmsetup.log (Backup file)
C:\WINDOWS\wmsetup.log

Log: Shutdown: System\wbem\logs\mofcomp.log (Backup file)
C:\WINDOWS\System\wbem\logs\mofcomp.log

Log: Shutdown: System\wbem\logs\wbemcore.log (Backup file)
C:\WINDOWS\System\wbem\logs\wbemcore.log

Log: Shutdown: System\wbem\logs\wbemess.log (Backup file)
C:\WINDOWS\System\wbem\logs\wbemess.log

Log: Shutdown: System\wbem\logs\winmgmt.log (Backup file)
C:\WINDOWS\System\wbem\logs\winmgmt.log

Mozilla: browser cache( (Jen)) (Directory)
C:\WINDOWS\Application Data\Mozilla\Profiles\Jen\u03qo26c.slt\Cache

Mozilla: browser cache( (Mike)) (Directory)
C:\WINDOWS\Application Data\Mozilla\Profiles\Mike\5a167lhi.slt\Cache

Mozilla: browser cache( (default)) (Directory)
C:\WINDOWS\Application Data\Mozilla\Profiles\default\mtz7s8dz.slt\Cache

Mozilla: Browser history( (Jen)) (File)
history.dat

Mozilla: Browser history( (Mike)) (File)
history.dat

Mozilla: Browser history( (default)) (File)
history.dat

Mozilla: Cookies( (Mike)) (Change file)
cookies.txt

Mozilla: Cookies( (Jen)) (Change file)
cookies.txt

Mozilla: Cookies( (default)) (Change file)
cookies.txt

Mozilla: Download history( (Jen)) (File)
downloads.rdf

Mozilla: Download history( (default)) (File)
downloads.rdf

MS Direct3D: Most recent application (Registry change)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name=

MS DirectDraw: Most recent application (Registry change)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name=

MS DirectInput: Most recent application (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\DirectInput\MostRecentApplication\Name=

MS DirectInput: Most recent application ID (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\DirectInput\MostRecentApplication\Id=

MS Media Player: Application data file( ()) (File)
Microsoft\Media Index\wmplibrary_v_0_12.db

MS Media Player: Recent file list( (5 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentFileList

MS Media Player: Recent open directory (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings\OpenDir=

MS Media Player: Recent URL list( (1 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentURLList

MS Office 9.0 (Word): Recently used file list (Registry value)
HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Word\Data\Settings

MS Office 9.0: Internet history (Registry value)
HKEY_CURRENT_USER\Software\Microsoft\Office\9.0\Common\Internet\UseRWHlinkNavigation

MS Office 9.0: Recently used files( (19 files)) (Directory)
C:\WINDOWS\Application Data\Microsoft\Office\Recent\

MS Paint: Recent file list( (4 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Paint\Recent File List

MS Regedit: Recent open key (Registry change)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Regedit\LastKey=

MS Wordpad: Recent file list( (4 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Applets\Wordpad\Recent File List

Windows Explorer: File search history( (25 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{C4EE31F3-4768-11D2-BE5C-00A0C9A83DA1}\FilesNamedMRU

Windows Explorer: Last visited history( (15 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU

Windows Explorer: Printing history( (2 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PrnPortsMRU

Windows Explorer: Recent file global history (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs

Windows Explorer: Recently opened files( (114 links)) (Directory)
C:\WINDOWS\Recent

Windows Explorer: Stream history( (126 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\StreamMRU

Windows Explorer: User Assistant history files( (368 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count

Windows Explorer: User Assistant history IE( (21 files)) (Registry key)
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count

Windows: Install locations( (6 files)) (Registry key)
HKEY_CURRENT_USER\InstallLocationsMRU

WinZip: Add files directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\gzAddDir=

WinZip: Add files directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\AddDir=

WinZip: Default directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\zDefDir=

WinZip: Default directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\DefDir=

WinZip: Destination directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\gzExtractTo=

WinZip: Destination directory (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\directories\ExtractTo=

WinZip: Number of times run (Registry change)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\rrs\Opened=

WinZip: Recent created file list( (14 files)) (Registry key)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\filemenu

WinZip: Recent extracted file list( (5 files)) (Registry key)
HKEY_CURRENT_USER\Software\Nico Mak Computing\WinZip\extract


--- Spybot-S&D version: 1.1 rel 4 ---
2003-01-08 Includes\Dialer.sbi
2003-01-08 Includes\plugin-ignore.ini
2003-01-08 Includes\Cookies.sbi
2003-01-11 Includes\Hijackers.sbi
2003-01-09 Includes\Keyloggers.sbi
2003-01-08 Includes\Malware.sbi
2003-01-08 Includes\Security.sbi
2003-01-09 Includes\Spybots.sbi
2003-01-08 Includes\Tracks.uti
2003-01-08 Includes\Trojans.sbi

355 total
 
Joined
Jul 21, 2002
Messages
1,226
Another thank-you from here as well.

Have read many threads in different forums in reference to which one is best. Guess the question has finally been answered.
 

brendandonhu

Thread Starter
Joined
Jul 8, 2002
Messages
14,681
Thats mainly why I did this test, I was trying to decide which was best for myself instead of listening to other people.

The cleanup job was far from perfect. The files are not removed from your startup some of the time, which produces an error, and it didnt remove SaveNow completely.
 
Joined
Aug 9, 2001
Messages
1,440
brendandonhu
Dern it now I have to fix my startups, getting a bunch of errors
:
Were u able to get them fixed, & if so, how difficult is it to repair them, and which program, out of curiosity, messed them up?
 

brendandonhu

Thread Starter
Joined
Jul 8, 2002
Messages
14,681
Yes it was easy. I just unchecked them in MSconfig.

I used spybot to clean the spyware out. The spyware was gone, but the reference to it in the startups was not deleted, thus creating an error that the file could not be found.
 
Joined
Aug 9, 2001
Messages
1,440
Oh, ok. Just curious.
:
Posted a couple questions on the SpyBot board--no answers after 4 or 5 days, so I posted a "Help? Anyone? :) -- type followup; will check it this weekend & see what happens
:
:
Oops, almost forgot to ask.
If the item u unchecked in MsConfig was for a program you use regularly, what did you do to get it to run at startup again--uncheck it, restart computer, then recheck the prog. or what :confused:
 

brendandonhu

Thread Starter
Joined
Jul 8, 2002
Messages
14,681
I recognized which ones to uncheck because there filenames are listed in the error message.
 

pyritechips

Jim
Gone but Never Forgotten
Joined
Jun 2, 2002
Messages
26,907
Hiya Brat!

You definately have too much time on your hands!

But seriously, thx for the supreme effort and posting the results.

If you are still getting references to the nuked items, serch them out in the registry.
 
Joined
Aug 9, 2001
Messages
1,440
brendandonhu
I recognized which ones to uncheck because there filenames are listed in the error message
:
So then, in the unlikely event one of the "error" program's happened to be one I use regularly, then it could be rechecked in msconfig > startup like I mentioned in last post, & run normally--or am I overlooking something someplace???
:
: the Spybot questions.... Think basically it was about the DUN corruption that'd been referred to occasionally (which seems to have been cleared up in later version(s))?
What to look out for when doing the first run, and I *think* something re cookie corruption where u couldn't get back into sites that was referred to fairly recently on a TSG thread.....
 

bassetman

Moderator (deceased) - Gone but never forgotten
Joined
Jun 7, 2001
Messages
47,973
Bren

Are you entering the run for the IgNoble Awards!? :cool:

John
 
Status
This thread has been Locked and is not open to further replies. Please start a New Thread if you're having a similar issue. View our Welcome Guide to learn how to use this site.

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 807,865 other people just like you!

Latest posts

Top