Solved Restrictions [popups, etc - HJT log]

See if there is a file located at C:\rapport.txt and post it's contents please. Then post a fresh Deckard's log. I may need to collect some samples for testing.

 

this is the rapport.txt

SmitFraudFix v2.246

Scan done at 14:59:51.90, Thu 11/01/2007
Run from C:\Documents and Settings\tom\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{6D2D9398-037C-4BDD-95EA-A8EE5B4FD4E1}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{6D2D9398-037C-4BDD-95EA-A8EE5B4FD4E1}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{6D2D9398-037C-4BDD-95EA-A8EE5B4FD4E1}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System "=" "


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning





Deckard's System Scanner v20071014.68
Run by tom on 2007-11-01 19:11:14
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Percentage of Memory in Use: 85% (more than 75%).
Total Physical Memory: 126 MiB (512 MiB recommended).


-- HijackThis (run as tom.exe) -------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:11:36 PM, on 11/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\tom\Desktop\dss.exe
C:\HJT\TRENDM~1\HIJACK~1\tom.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bright.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe "
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Block this popup - C:\Program Files\EMBARQ Online Security\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\EMBARQ Online Security\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\EMBARQ Online Security\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bright.net
O23 - Service: EMBARQ Online Security (BackWeb Plug-in - 7211241) - Unknown owner - C:\PROGRA~1\EMBARQ~2\backweb\7211241\Program\SERVIC~1.EXE (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 5602 bytes

-- Files created between 2007-10-01 and 2007-11-01 -----------------------------

2007-11-01 11:28:27 1144 --a------ C:\WINDOWS\system32\tmp.reg
2007-11-01 11:25:45 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-11-01 11:25:45 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2007-11-01 11:25:45 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-11-01 11:25:44 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2007-11-01 11:25:44 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; http://www.beyondlogic.org; Command Line Process Utility>
2007-10-30 17:55:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2007-10-30 17:55:52 0 d---s---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2007-10-30 17:55:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
2007-10-30 17:55:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Identities
2007-10-30 17:55:52 0 d-------- C:\Documents and Settings\Administrator\Application Data\Gtek
2007-10-30 17:55:51 0 d--h----- C:\Documents and Settings\Administrator\Templates
2007-10-30 17:55:51 0 dr------- C:\Documents and Settings\Administrator\Start Menu
2007-10-30 17:55:51 0 dr-h----- C:\Documents and Settings\Administrator\SendTo
2007-10-30 17:55:51 0 dr-h----- C:\Documents and Settings\Administrator\Recent
2007-10-30 17:55:51 0 d--h----- C:\Documents and Settings\Administrator\PrintHood
2007-10-30 17:55:51 0 d--h----- C:\Documents and Settings\Administrator\NetHood
2007-10-30 17:55:51 0 dr------- C:\Documents and Settings\Administrator\My Documents
2007-10-30 17:55:51 0 d--h----- C:\Documents and Settings\Administrator\Local Settings
2007-10-30 17:55:51 0 dr------- C:\Documents and Settings\Administrator\Favorites
2007-10-30 17:55:51 0 d-------- C:\Documents and Settings\Administrator\Desktop
2007-10-30 17:55:51 0 d---s---- C:\Documents and Settings\Administrator\Cookies
2007-10-30 17:55:51 0 dr-h----- C:\Documents and Settings\Administrator\Application Data
2007-10-30 17:55:51 0 d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-10-30 17:55:51 0 d-------- C:\Documents and Settings\Administrator\Application Data\Sun
2007-10-30 17:55:50 1048576 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT
2007-10-29 21:01:33 0 d-------- C:\Program Files\Registrar Registry Manager
2007-10-26 18:31:35 0 d-------- C:\HJT


-- Find3M Report ---------------------------------------------------------------

2007-10-27 08:57:48 0 d-------- C:\Program Files\Common Files
2007-10-03 18:51:36 0 d-------- C:\Program Files\Embarq TotalAccess
2007-10-03 18:51:36 0 d-------- C:\Documents and Settings\tom\Application Data\Earthlink


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" [06/09/2004 02:39 PM]
"IgfxTray "= "C:\WINDOWS\system32\igfxtray.exe" [10/19/2005 08:59 AM]
"HotKeysCmds "= "C:\WINDOWS\system32\hkcmd.exe" [10/19/2005 08:59 AM]
"SprintModemUpdate "= "javaw.exe" [06/09/2004 02:30 PM C:\WINDOWS\SYSTEM32\javaw.exe]
"Motive SmartBridge "= "C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe" [10/03/2007 09:05 AM]
"WinAVX "= "C:\WINDOWS\system32\WinAvXX.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [10/13/2004 12:24 PM]
"MoneyAgent "= "C:\Program Files\Microsoft Money\System\mnyexpr.exe" [06/18/2003 01:00 PM]
"WinAVX "= "C:\WINDOWS\system32\WinAvXX.exe" []

C:\Documents and Settings\tom\Start Menu\Programs\Startup\
DESKTOP.INI [9/3/2002 10:00:00 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [9/23/2005 11:05:26 PM]
DESKTOP.INI [9/3/2002 10:00:00 AM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools "=1 (0x1)
"DisableTaskMgr "=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools "=1 (0x1)
"DisableTaskMgr "=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoControlPanel "=1 (0x1)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"Btn_Back "=0 (0x0)
"Btn_Forward "=0 (0x0)
"Btn_Stop "=0 (0x0)
"Btn_Refresh "=0 (0x0)
"Btn_Home "=0 (0x0)
"Btn_Search "=0 (0x0)
"Btn_History "=0 (0x0)
"Btn_Favorites "=0 (0x0)
"Btn_Folders "=0 (0x0)
"Btn_Fullscreen "=0 (0x0)
"Btn_Tools "=0 (0x0)
"Btn_MailNews "=0 (0x0)
"Btn_Size "=0 (0x0)
"Btn_Print "=0 (0x0)
"Btn_Edit "=0 (0x0)
"Btn_Discussions "=0 (0x0)
"Btn_Cut "=0 (0x0)
"Btn_Copy "=0 (0x0)
"Btn_Paste "=0 (0x0)
"Btn_Encoding "=0 (0x0)
"NoControlPanel "=1 (0x1)
"NoWindowsUpdate "=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Shell "= "Explorer.exe C:\WINDOWS\system32\printer.exe "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@= "Service "

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@= "Volume shadow copy "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GStartup.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GStartup.lnk
backup=C:\WINDOWS\pss\GStartup.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Virtual Assistant.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Virtual Assistant.lnk
backup=C:\WINDOWS\pss\Virtual Assistant.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe -cnetwait.odl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CXMon]
"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\Dell Support\DSAgnt.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZNXP]
C:\PROGRA~1\EZN\EASYIN~1\eznorun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAZAA]
C:\Program Files\Kazaa\kazaa.exe /SYSTRAY

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
"C:\Program Files\Dell\Media Experience\PCMService.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
C:\Program Files\Norton Internet Security\UrlLstCk.exe




-- End of Deckard's System Scanner: finished at 2007-11-01 19:12:10 ------------

 

It looks as though SmitfraudFix was able to successfully remove the files. Lets see if HijackThis can fix some of the registry related things now. Scan again with HijackThis and place a check next to the following entries, close all other windows then click Fix Checked.

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\printer.exe
O4 - HKLM\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O4 - HKCU\..\Run: [WinAVX] C:\WINDOWS\system32\WinAvXX.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1


Close HijackThis and reboot.

Create a new HijackThis log and post it's contents.

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:59:50 PM, on 11/1/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bright.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe "
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\EMBARQ Online Security\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\EMBARQ Online Security\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\EMBARQ Online Security\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bright.net
O23 - Service: EMBARQ Online Security (BackWeb Plug-in - 7211241) - Unknown owner - C:\PROGRA~1\EMBARQ~2\backweb\7211241\Program\SERVIC~1.EXE (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 5168 bytes

 

Great!

Highlight and copy the contents of the code box below and paste it into a blank notepad, then save it to your desktop as;

Filename: CFScript.txt
Save As Type: All Files (*.*)

Code:

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\[COLOR="Black"]currentversion[/COLOR]\policies\system]
 "DisableTaskMgr "=-
[HKEY_CURRENT_USER\software\microsoft\windows\[COLOR="black"]currentversion[/COLOR]\policies\system]
 "DisableTaskMgr "=-
[HKEY_LOCAL_MACHINE\software\microsoft\windows\[COLOR="black"]currentversion[/COLOR]\policies\explorer]
 "NoControlPanel "=-
[HKEY_CURRENT_USER\software\microsoft\windows\[COLOR="black"]currentversion[/COLOR]\policies\explorer]
 "NoControlPanel "=-
 "NoWindowsUpdate "=-

Close all other windows and programs. Now drag the CFScript.txt onto ComboFix.exe and drop it, using the left mouse button. Combofix should run and may reboot the computer when it's done. A log will open when it's complete. Post the contents of that log.

Please do not click on the ComboFix window while it is running a scan. This can cause it to stall.

 

ComboFix 07-10-23.2 - tom 2007-11-02 10:32:44.5 - NTFSx86
Script execution time was exceeded on script "C:\ComboFix\osid.vbs ".
Script execution was terminated.
Running from: C:\Documents and Settings\tom\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\tom\Desktop\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\system.exe

.
((((((((((((((((((((((((( Files Created from 2007-10-02 to 2007-11-02 )))))))))))))))))))))))))))))))
.

2007-11-01 11:28 1,144 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2007-11-01 11:25 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2007-11-01 11:25 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2007-11-01 11:25 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2007-11-01 11:25 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2007-11-01 11:25 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2007-10-30 17:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-10-30 17:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2007-10-30 17:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
2007-10-30 17:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Gtek
2007-10-29 21:01 <DIR> d-------- C:\Program Files\Registrar Registry Manager
2007-10-29 21:01 31,024 --a------ C:\WINDOWS\SYSTEM32\rrMon.sys
2007-10-29 12:32 <DIR> d-------- C:\Deckard
2007-10-27 08:50 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-26 18:31 <DIR> d-------- C:\HJT
2007-10-11 10:50 584,192 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\rpcrt4.dll
2007-10-03 17:15 24,064 --a------ C:\WINDOWS\SYSTEM32\msxml3a.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-03 22:51 --------- d-----w C:\Program Files\Embarq TotalAccess
2007-10-03 22:51 --------- d-----w C:\Documents and Settings\tom\Application Data\Earthlink
2007-10-03 22:46 --------- d-----w C:\Documents and Settings\Owner\Application Data\EarthLink
2007-09-19 23:05 28,256 ----a-w C:\WINDOWS\system32\drivers\MxlW2k.sys
2005-03-08 00:26 457 ----a-w C:\Program Files\INSTALL.LOG
2004-08-04 07:56:46 50,688 --sh--w C:\WINDOWS\twain_32.dll
2004-08-04 07:56:42 1,028,096 --sha-w C:\WINDOWS\SYSTEM32\mfc42.dll
2004-08-04 07:56:43 54,784 --sh--w C:\WINDOWS\SYSTEM32\msvcirt.dll
2004-08-04 07:56:43 413,696 --sha-w C:\WINDOWS\SYSTEM32\msvcp60.dll
2004-08-04 07:56:43 343,040 --sha-w C:\WINDOWS\SYSTEM32\msvcrt.dll
2007-05-17 11:28:05 549,376 --sh--w C:\WINDOWS\SYSTEM32\oleaut32.dll
2004-08-04 07:56:44 83,456 --sha-w C:\WINDOWS\SYSTEM32\olepro32.dll
2004-08-04 07:56:55 11,776 --sh--w C:\WINDOWS\SYSTEM32\regsvr32.exe
.

((((((((((((((((((((((((((((( snapshot@2007-10-27_ 9.05.46.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2003-03-21 18:41:54 112,640 ----a-w C:\WINDOWS\SYSTEM32\rrsec.dll
+ 2007-07-18 22:50:20 97,240 ----a-w C:\WINDOWS\SYSTEM32\rrsec2k.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" [2004-06-09 14:39]
"IgfxTray "= "C:\WINDOWS\system32\igfxtray.exe" [2005-10-19 08:59]
"HotKeysCmds "= "C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 08:59]
"SprintModemUpdate "= "javaw.exe" [2004-06-09 14:30 C:\WINDOWS\SYSTEM32\javaw.exe]
"Motive SmartBridge "= "C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe" [2007-10-03 09:05]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24]
"MoneyAgent "= "C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 13:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"Btn_Back "=0 (0x0)
"Btn_Forward "=0 (0x0)
"Btn_Stop "=0 (0x0)
"Btn_Refresh "=0 (0x0)
"Btn_Home "=0 (0x0)
"Btn_Search "=0 (0x0)
"Btn_History "=0 (0x0)
"Btn_Favorites "=0 (0x0)
"Btn_Folders "=0 (0x0)
"Btn_Fullscreen "=0 (0x0)
"Btn_Tools "=0 (0x0)
"Btn_MailNews "=0 (0x0)
"Btn_Size "=0 (0x0)
"Btn_Print "=0 (0x0)
"Btn_Edit "=0 (0x0)
"Btn_Discussions "=0 (0x0)
"Btn_Cut "=0 (0x0)
"Btn_Copy "=0 (0x0)
"Btn_Paste "=0 (0x0)
"Btn_Encoding "=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GStartup.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GStartup.lnk
backup=C:\WINDOWS\pss\GStartup.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Virtual Assistant.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Virtual Assistant.lnk
backup=C:\WINDOWS\pss\Virtual Assistant.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe -cnetwait.odl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CXMon]
"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\Dell Support\DSAgnt.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZNXP]
C:\PROGRA~1\EZN\EASYIN~1\eznorun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAZAA]
C:\Program Files\Kazaa\kazaa.exe /SYSTRAY

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
"C:\Program Files\Dell\Media Experience\PCMService.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
C:\Program Files\Norton Internet Security\UrlLstCk.exe


.
Contents of the 'Scheduled Tasks' folder
"2007-10-06 03:05:17 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job "
"2007-11-02 14:37:03 C:\WINDOWS\Tasks\Symantec NetDetect.job "
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-02 10:38:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-02 10:39:57
C:\ComboFix2.txt ... 2007-10-28 15:57
C:\ComboFix3.txt ... 2007-10-28 15:39
C:\Combofix4.txt ... 2007-10-28 15:58
.
--- E O F ---

 

Looks good. Are your Control Panel, Task Manager and Windows Update now available and working? Any other problems?

I want to check out one more file that looks a bit out of place.

C:\WINDOWS\SYSTEM32\DLLCACHE\rpcrt4.dll

Please go to VirusTotal and upload it, then wait for the analysis. Copy the results and post them back here please.


Now, lets run an online scan to see if we've missed anything. Please do an online scan with Kaspersky WebScanner

Click on Kaspersky Online Scanner

You will be promted to install an ActiveX component from Kaspersky, Click Yes.

• The program will launch and then begin downloading the latest definition files:
• Once the files have been downloaded click on NEXT
  
• Now click on Scan Settings
• In the scan settings make that the following are selected:
  • Scan using the following Anti-Virus database:
  • Extended (if available otherwise Standard)
  • Scan Options:
  • Scan Archives
    Scan Mail Bases
• Click OK
• Now under select a target to scan:
  • Select My Computer
• This will program will start and scan your system.
• The scan will take a while so be patient and let it run.
• Once the scan is complete it will display if your system has been infected.
  • Now click on the Save as Text button:
• Save the file to your desktop.

Post the Kaspersky log and one more fresh HijackThis log.

 

File rpcrt4.dll received on 11.05.2007 14:27:34 (CET)
Current status: Loading ... queued waiting scanning finished NOT FOUND STOPPED


Result: 0/32 (0%)
Loading server information...
Your file is queued in position: 6.
Estimated start time is between 61 and 87 seconds.
Do not close the window until scan is complete.
The scanner that was processing your file is stopped at this moment, we are going to wait a few seconds to try to recover your result.
If you are waiting for more than five minutes you have to resend your file.
Your file is being scanned by VirusTotal in this moment,
results will be shown as they're generated.
Compact Print results
Your file has expired or does not exists.
Service is stopped in this moments, your file is waiting to be scanned (position: ) for an undefined time.

You can wait for web response (automatic reload) or type your email in the form below and click "request" so the system sends you a notification when the scan is finished.
Email:


Antivirus Version Last Update Result
AhnLab-V3 2007.11.6.0 2007.11.05 -
AntiVir 7.6.0.30 2007.11.05 -
Authentium 4.93.8 2007.11.03 -
Avast 4.7.1074.0 2007.11.04 -
AVG 7.5.0.503 2007.11.05 -
BitDefender 7.2 2007.11.05 -
CAT-QuickHeal 9.00 2007.11.03 -
ClamAV 0.91.2 2007.11.05 -
DrWeb 4.44.0.09170 2007.11.05 -
eSafe 7.0.15.0 2007.10.28 -
eTrust-Vet 31.2.5264 2007.11.02 -
Ewido 4.0 2007.11.05 -
FileAdvisor 1 2007.11.05 -
Fortinet 3.11.0.0 2007.10.19 -
F-Prot 4.4.2.54 2007.11.05 -
F-Secure 6.70.13030.0 2007.11.05 -
Ikarus T3.1.1.12 2007.11.05 -
Kaspersky 7.0.0.125 2007.11.05 -
McAfee 5155 2007.11.02 -
Microsoft 1.2908 2007.11.05 -
NOD32v2 2637 2007.11.05 -
Norman 5.80.02 2007.11.05 -
Panda 9.0.0.4 2007.11.04 -
Prevx1 V2 2007.11.05 -
Rising 20.17.01.00 2007.11.05 -
Sophos 4.23.0 2007.11.05 -
Sunbelt 2.2.907.0 2007.11.02 -
Symantec 10 2007.11.05 -
TheHacker 6.2.9.110 2007.10.27 -
VBA32 3.12.2.4 2007.11.03 -
VirusBuster 4.3.26:9 2007.11.04 -
Webwasher-Gateway 6.6.1 2007.11.05 -
Additional information
File size: 584192 bytes
MD5: b49dccd4dcf1d52bfccc44677e56cfb4
SHA1: 9fe85074fc1bfd1d4db8b0dcb84bd2ba37e22b58

 

Did you run the Kaspersky scan?

 

-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, November 05, 2007 10:52:39 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 5/11/2007
Kaspersky Anti-Virus database records: 451806
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true

Scan Target - My Computer:
A:\
C:\
D:\
E:\

Scan Statistics:
Total number of scanned objects: 57108
Number of viruses found: 45
Number of infected objects: 421
Number of suspicious objects: 0
Duration of the scan process: 01:00:33

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Confid.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Content.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Privacy.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\Restrict.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\settings.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Symantec\Common Client\WebHist.log Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-4af8e2d9-1a552a6c.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-4ffef27c-29cb4814.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\ok.class-48f902ef-35b16773.class Infected: Trojan.Java.Nocheat skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfge.class-2b3d7713-199e0a7a.class Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfge.class-53cc9798-74318e7c.class Infected: Trojan-Downloader.Java.OpenStream.y skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-1600bfec-72b20524.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.z skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-1600bfec-72b20524.zip/VB.class Infected: Trojan.Java.ClassLoader.ak skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-1600bfec-72b20524.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-1600bfec-72b20524.zip ZIP: infected - 3 skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-75279b3d-73be2610.zip/BlackBox.class Infected: Trojan.Java.ClassLoader.z skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-75279b3d-73be2610.zip/VB.class Infected: Trojan.Java.ClassLoader.ak skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-75279b3d-73be2610.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-75279b3d-73be2610.zip ZIP: infected - 3 skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-21d0c2ae-655e07a9.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-21d0c2ae-655e07a9.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-21d0c2ae-655e07a9.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenConnection.aa skipped
C:\Documents and Settings\tom\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-21d0c2ae-655e07a9.zip ZIP: infected - 3 skipped
C:\Documents and Settings\tom\Application Data\WINANTIVIRUSPRO2006FREEINSTALL[1].0XE Infected: Trojan-Downloader.Win32.Agent.alr skipped
C:\Documents and Settings\tom\BKEBYWEI.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\tom\BPROXAED.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\tom\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\tom\Desktop\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\tom\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\tom\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\tom\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\tom\EZEWZFLJ.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\tom\LKAUCHZA.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\tom\LOADED.0XE Infected: Trojan-Downloader.Win32.Small.ecy skipped
C:\Documents and Settings\tom\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\tom\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\tom\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\tom\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\tom\NJVJIQVG.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\tom\ntuser.dat Object is locked skipped
C:\Documents and Settings\tom\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\tom\OHADHQAI.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\tom\PGFFLKAL.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\tom\PXPBLCTU.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Documents and Settings\tom\VNBXDAEX.0XE Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\Downloads\busdriver_setup-dm[1].exe Infected: not-a-virus:AdWare.Win32.Trymedia.b skipped
C:\HJT\Trend Micro\HijackThis\backups\backup-20071028-151712-244-system.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\HJT\Trend Micro\HijackThis\backups\backup-20071029-122518-624-system.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\HJT\Trend Micro\HijackThis\backups\backup-20071029-122518-817-autorun.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\HJT\Trend Micro\HijackThis\backups\backup-20071029-211703-535-autorun.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\HJT\Trend Micro\HijackThis\backups\backup-20071029-211703-631-system.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\Program Files\Common Files\CMEII\CMEIIAPI.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\CMESys.exe Infected: not-a-virus:AdWare.Win32.Gator.6034 skipped
C:\Program Files\Common Files\CMEII\GAppMgr.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\GController.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\GDwldEng.dll Infected: not-a-virus:AdWare.Win32.Gator.3124 skipped
C:\Program Files\Common Files\CMEII\GIocl.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\GIoclClient.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\GMTProxy.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\GObjs.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\GStore.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\GStoreServer.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\CMEII\Gtools.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\cprnpptc\cjlrhbpaph\hbfharbln.exe Infected: not-a-virus:AdWare.Win32.Gator.a skipped
C:\Program Files\Common Files\cprnpptc\erdrjjpe\pdfjajdp.exe Infected: not-a-virus:AdWare.Win32.Gator.a skipped
C:\Program Files\Common Files\GMT\EGGCEngine.dll Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\GMT\egIEEngine.dll Infected: not-a-virus:AdWare.Win32.Gator.5017 skipped
C:\Program Files\Common Files\GMT\EGIEProcess.dll Infected: not-a-virus:AdWare.Win32.Gator.6041 skipped
C:\Program Files\Common Files\GMT\EGNSEngine.dll Infected: not-a-virus:AdWare.Win32.Gator.5017 skipped
C:\Program Files\Common Files\GMT\GatorRes.dll Infected: not-a-virus:AdWare.Win32.Gator.6041 skipped
C:\Program Files\Common Files\GMT\GatorStubSetup.exe Infected: not-a-virus:AdWare.Win32.Gator.6034 skipped
C:\Program Files\Common Files\GMT\GMT.exe Infected: not-a-virus:AdWare.Win32.Gator.6051 skipped
C:\Program Files\Common Files\GMT\gtrawbm.fil Infected: not-a-virus:AdWare.Win32.Gator.a skipped
C:\Program Files\Common Files\GMT\GUninstaller.exe Infected: not-a-virus:AdWare.Win32.Gator.6053 skipped
C:\Program Files\Common Files\Symantec Shared\Antispam\Log\Spam.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDALRT.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDCON.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDDBG.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDFW.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDIDS.log Object is locked skipped
C:\Program Files\Common Files\Symantec Shared\SNDSYS.log Object is locked skipped
C:\Program Files\INSTAFINK\InstaFinderK_inst.exe/stream Infected: not-a-virus:AdWare.Win32.404Search.h skipped
C:\Program Files\INSTAFINK\InstaFinderK_inst.exe NSIS: infected - 1 skipped
C:\Program Files\INSTAFINK\instafink.dll Infected: not-a-virus:AdWare.Win32.404Search.h skipped
C:\Program Files\MyWay\myBar\1.bin\MY2NS.EXE Infected: not-a-virus:AdWare.Win32.MyWay.b skipped
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL Infected: not-a-virus:AdWare.Win32.MyWay.g skipped
C:\Program Files\MyWay\myBar\1.bin\NPMYWAY.DLL Infected: not-a-virus:AdWare.Win32.MyWay.f skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVApp.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVError.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\AVVirus.log Object is locked skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08916398.zip/Counter.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08916398.zip/VerifierBug.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08916398.zip/web.exe Infected: Trojan.Win32.LowZones.cp skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08916398.zip/Worker.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08916398.zip/Xeyond.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08916398.zip ZIP: infected - 5 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\08916398.zip CryptFF: infected - 5 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0BEE5226.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0C4C21BE.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\0CED221E.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\112B2717.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\149E69CD.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\191A253A.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1C2F7176.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\1F647020.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\20C65E5E.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21AF319F.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21B25B9C.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21B25B9C.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21B25B9C.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21B25B9C.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21B25B9C.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21B25B9C.zip ZIP: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\21B25B9C.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\266621EF.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\271556D7.class Infected: Trojan.Java.Nocheat skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2CEE52EF.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\2F8E1F7B.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\35764762.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3917477F.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3A2B7392.zip/Counter.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3A2B7392.zip/VerifierBug.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3A2B7392.zip/web.exe Infected: Trojan.Win32.LowZones.cp skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3A2B7392.zip/Worker.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3A2B7392.zip/Xeyond.class Infected: Trojan.Java.Femad skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3A2B7392.zip ZIP: infected - 5 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3A2B7392.zip CryptFF: infected - 5 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\41060361.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\429F6497.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43F62043.0TM Infected: Exploit.HTML.Mht skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43F94A40.zip/BlackBox.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43F94A40.zip/VerifierBug.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43F94A40.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.d skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43F94A40.zip/Beyond.class Infected: Trojan-Downloader.Java.OpenStream.d skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43F94A40.zip ZIP: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\43F94A40.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A040AB7.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A040AB7.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A040AB7.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A040AB7.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A040AB7.zip ZIP: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4A040AB7.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4B6E6A2A.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4BCB05F4.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4C5F05C8.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4C6E3A22.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E766631.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E903614.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E903614.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E903614.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E903614.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E903614.zip ZIP: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E903614.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4E936011.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\4EB13146.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\50D83BF1.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54C01F0E.class Infected: Trojan.Java.ClassLoader.f skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54C3490A.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54C3490A.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54C3490A.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54C3490A.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54C3490A.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54C3490A.zip ZIP: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54C3490A.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54CA1D03.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\54D070FC.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\5BE5319C.class Infected: Trojan.Java.Nocheat skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\627C6124.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\627F0B20.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6282351D.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62865F19.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\62890916.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E3A7653.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6FAE6963.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\730A79CE.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7362676D.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\74B76096.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\751C21EB.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\751F4BE7.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\751F4BE7.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\751F4BE7.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\751F4BE7.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\751F4BE7.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\751F4BE7.zip ZIP: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\751F4BE7.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\76FB409C.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\781D4A4E.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\78347035.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\78347035.zip/GetAccess.class Infected: Trojan.Java.ClassLoader.c skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\78347035.zip/InsecureClassLoader.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\78347035.zip/Dummy.class Infected: Trojan.Java.ClassLoader.Dummy.a skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\78347035.zip/Installer.class Infected: Trojan-Downloader.Java.OpenConnection.v skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\78347035.zip ZIP: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\78347035.zip CryptFF: infected - 4 skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\783B442E.class Infected: Exploit.Java.ByteVerify skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7A287836.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7B3E2561.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7E1C1298.0 Infected: Trojan-Downloader.Win32.Obfuscated.n skipped
C:\Program Files\Virtual Assistant\SmartBridge\AlertFilter.log Object is locked skipped
C:\Program Files\Virtual Assistant\SmartBridge\log\httpclient.log Object is locked skipped
C:\Program Files\Virtual Assistant\SmartBridge\SmartBridge.log Object is locked skipped
C:\qoobox\Quarantine\C\Documents and Settings\Administrator\Start Menu\Programs\Startup\system.exe.vir Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\qoobox\Quarantine\C\Documents and Settings\tom\Application Data\install_en[1].exe.vir Infected: not-a-virusownloader.Win32.WinFixer.z skipped
C:\qoobox\Quarantine\C\Documents and Settings\tom\Start Menu\Programs\Startup\system.exe.vir Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\qoobox\Quarantine\C\Program Files\Common Files\AVSystemCare\uga6pcw.exe.bak.bak.vir Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\qoobox\Quarantine\C\Program Files\Ultimate Cleaner\app.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.d skipped
C:\qoobox\Quarantine\C\Program Files\Ultimate Cleaner\IeSafe.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.36042 skipped
C:\qoobox\Quarantine\C\Program Files\Ultimate Cleaner\Uninstall.exe.vir Infected: not-a-virus:FraudTool.Win32.UltimateDefender.f skipped
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\DRIVERS\FMTR.sys.vir Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\printer.exe.vir Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\vtr.dll.vir Infected: not-virus:Hoax.Win32.Renos.lq skipped
C:\qoobox\Quarantine\C\WINDOWS\SYSTEM32\WinAvXX.exe.vir Infected: not-virus:Hoax.Win32.Renos.ll skipped

 

C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP312\A0020776.exe Infected: not-virus:Hoax.Win32.Renos.mx skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP312\A0020780.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP312\A0020782.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP312\A0020783.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP312\A0021075.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP312\A0021076.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP312\A0021077.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0021119.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0021121.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0021122.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0022114.0NI Infected: Trojan.Win32.Qhost.my skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0022120.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0022121.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0022122.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0023125.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0023126.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0023127.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024123.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024124.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024125.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024257.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024258.dll Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024259.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024261.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024289.sys Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024297.dll Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024318.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024319.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024320.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024416.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024417.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024418.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024433.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024434.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024435.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024443.0XE Infected: Trojan-Downloader.Win32.Agent.alr skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024444.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024445.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024446.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024447.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024448.exe Infected: Trojan-Downloader.Win32.Small.ecy skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024449.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024450.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024451.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024452.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP313\A0024453.exe Infected: Trojan-Downloader.Win32.Small.cpg skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024455.dll Infected: Trojan.Win32.Obfuscated.ev skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024456.dll Infected: Trojan-Downloader.Win32.Busky.s skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024457.dll Infected: Trojan-Downloader.Win32.Busky.r skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024458.dll Infected: Trojan.Win32.Obfuscated.ev skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024459.hta Infected: Trojan-Downloader.VBS.Psyme.at skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024471.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024472.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024473.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024487.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024488.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024489.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024507.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024508.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024509.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024524.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024526.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024527.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024542.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024543.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024544.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024561.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024562.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP314\A0024563.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP315\A0025564.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP315\A0025565.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP315\A0025566.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP315\A0025576.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP315\A0025577.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP315\A0025578.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025660.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025661.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025662.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025674.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025675.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025676.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025693.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025694.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025695.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025710.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025711.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025712.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025724.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025725.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025726.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025891.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025917.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP316\A0025918.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0025928.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0025929.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0025930.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026035.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026272.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026273.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026274.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026980.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026981.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026982.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026988.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026989.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026990.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026996.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026997.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0026998.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027004.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027005.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027006.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027012.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027013.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027014.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027019.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027020.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP317\A0027021.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027029.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027030.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027031.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027038.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027039.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027040.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027046.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027047.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027048.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027054.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027055.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027056.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027062.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027063.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027064.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027070.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027071.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027072.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027077.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027078.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027079.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027092.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027093.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027094.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027101.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027102.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP318\A0027103.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027105.exe Infected: not-a-virusownloader.Win32.WinFixer.z skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027106.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027109.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.d skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027110.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.36042 skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027111.exe Infected: not-a-virus:FraudTool.Win32.UltimateDefender.f skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027113.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027114.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027115.dll Infected: not-virus:Hoax.Win32.Renos.lq skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027116.sys Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027128.exe Infected: not-a-virusownloader.Win32.WinFixer.z skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027164.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027165.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP319\A0027166.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027175.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027176.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027177.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027224.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027225.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027226.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027232.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027233.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027234.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027241.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027242.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP320\A0027243.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP321\A0027252.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP321\A0027253.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP322\A0027300.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP322\A0027301.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP322\A0027302.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP322\A0027347.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP322\A0027348.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP322\A0027349.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027357.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027358.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027363.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027364.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027365.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027372.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027373.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027374.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027380.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027381.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027382.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027387.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027388.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027394.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027395.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027396.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027402.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027403.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027404.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027408.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027409.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027411.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027416.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027417.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027418.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027424.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027425.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027426.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027431.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027432.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027433.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027434.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP323\A0027440.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027446.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027447.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027448.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027453.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027454.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027455.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027462.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027463.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP324\A0027464.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP325\A0027469.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP325\A0027470.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP325\A0027471.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP325\A0027476.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP325\A0027477.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP325\A0027478.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP325\A0027479.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP326\A0027524.exe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP328\change.log Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\SYSTEM32\ANSFSRG.0LL Infected: Trojan.Win32.Obfuscated.ev skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped

 

C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS.0 Infected: Trojan.Win32.Qhost.my skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\HRCOPUL.0LL Infected: Trojan-Downloader.Win32.Busky.s skipped
C:\WINDOWS\SYSTEM32\MXSUKXB.0LL Infected: Trojan-Downloader.Win32.Busky.r skipped
C:\WINDOWS\SYSTEM32\QFYQAKN.0LL Infected: Trojan.Win32.Obfuscated.ev skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WinAvXX.0xe Infected: not-virus:Hoax.Win32.Renos.ll skipped
C:\WINDOWS\TEST.0TA Infected: Trojan-Downloader.VBS.Psyme.at skipped
C:\WINDOWS\WIADEBUG.LOG Object is locked skipped
C:\WINDOWS\WIASERVC.LOG Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped

Scan process completed.

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:12:06 PM, on 11/6/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\internet explorer\iexplore.exe
C:\HJT\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bright.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe "
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\EMBARQ Online Security\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\EMBARQ Online Security\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\EMBARQ Online Security\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bright.net
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O23 - Service: EMBARQ Online Security (BackWeb Plug-in - 7211241) - Unknown owner - C:\PROGRA~1\EMBARQ~2\backweb\7211241\Program\SERVIC~1.EXE (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 5270 bytes

 

Open Add/Remove programs and uninstall any of the applications listed below, if present.

GMT or Gator or Gain
InstaFinder or INSTAFINK
MyWay

When done, delete the following folders.

C:\Program Files\Common Files\GMT
C:\Program Files\INSTAFINK
C:\Program Files\MyWay

Download and install AVG Anti-Spyware (AVG-AS)

• When installation completes, start AVG-AS then click the Update tab at the top. Under Manual Update click Start update.
• After the update finishes (the status bar at the bottom will display "Update successful "), close AVG-AS.

Open the Norton Antivirus interface and delete the Quarantined items.
Open HijackThis to the Misc Tools section. Click Backups, then remove them all. Close HijackThis.
Delete SmitfraudFix.exe and the SmitfraudFix folder from your desktop.

Download ATF Cleaner by Atribune and save it to your Desktop.

• Double click ATF-Cleaner.exe to run the program.
• Check the boxes to the left of:
  
  
  • Windows Temp
  • Current User Temp
  • All Users Temp
  • Temporary Internet Files
  • Prefetch
  • Java Cache
  • Recycle bin
  
  
• The rest are optional - if you want it to remove everything check "Select All ".
• Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

Open My Computer then right click Local Disk C: and select Properties. Click Disk Cleanup then wait for it to finish calculating and open a diaolg box. Select the More Options tab, then click Clean up in the System Restore section. Click Yes to the confirmation popup, wait for several seconds for that to complete, then click Cancel to exit without running Disk Cleanup. Close out of the C: drive properties dialog and My Computer.

Please delete the ComboFix.exe file you currently have and download a fresh copy from here, saving it to your desktop.

Delete any renamed cfscript.txt files from your desktop. Highlight and copy the contents of the code box below and paste it into a blank notepad, then save it to your desktop as;

Filename: CFScript.txt
Save As Type: All Files (*.*)

Code:

File::
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS.0
C:\WINDOWS\SYSTEM32\HRCOPUL.0LL
C:\WINDOWS\SYSTEM32\MXSUKXB.0LL
C:\WINDOWS\SYSTEM32\QFYQAKN.0LL
C:\WINDOWS\SYSTEM32\WinAvXX.0xe
C:\WINDOWS\TEST.0TA
C:\WINDOWS\SYSTEM32\ANSFSRG.0LL
C:\Documents and Settings\tom\Application Data\WINANTIVIRUSPRO2006FREEINSTALL[1].0XE
C:\Documents and Settings\tom\BKEBYWEI.0XE
C:\Documents and Settings\tom\BPROXAED.0XE
C:\Documents and Settings\tom\EZEWZFLJ.0XE
C:\Documents and Settings\tom\LKAUCHZA.0XE
C:\Documents and Settings\tom\LOADED.0XE
C:\Documents and Settings\tom\NJVJIQVG.0XE
C:\Documents and Settings\tom\OHADHQAI.0XE
C:\Documents and Settings\tom\PGFFLKAL.0XE
C:\Documents and Settings\tom\PXPBLCTU.0XE
C:\Documents and Settings\tom\VNBXDAEX.0XE
Folder::
C:\Program Files\Common Files\CMEII
C:\Program Files\Common Files\cprnpptc

Close all other windows and programs. Now drag the CFScript.txt onto ComboFix.exe and drop it, using the left mouse button. Combofix should run and may reboot the computer when it's done. A log will open when it's complete. Close it for now.

Please do not click on the ComboFix window while it is running a scan. This can cause it to stall.


Open AVG-AS.

• Click on the Scanner tab at the top.
• Click the "Settings" tab and change the recommended action to Quarantine.
• Select Do Not Automatically Generate a Report after Every Scan.
• Go back to the "Scan" tab and click "Complete System Scan ". This scan can take quite a while to run, so sit back and wait.
• AVG-AS will list any infections found on the left hand side. When the scan has finished, it will automatically set the recommended action.
• Click the Apply all actions button. AVG-AS will display "All actions have been applied" on the right hand side.
• Click on "Save Report ", then "Save Report As ". Save the report where you know you can find it again (like on the Desktop) and take note of the name.
• Close AVG-AS and reboot.

Please post the contents of C:\ComboFix.txt, a new HiJackThis log and the AVG-AS report.

 

ComboFix 07-11-08.1 - tom 2007-11-08 14:16:02.6 - NTFSx86
Running from: C:\Documents and Settings\tom\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\tom\Desktop\CFScript.txt
* Created a new restore point

FILE
C:\Documents and Settings\tom\Application Data\WINANTIVIRUSPRO2006FREEINSTALL[1].0XE
C:\Documents and Settings\tom\BKEBYWEI.0XE
C:\Documents and Settings\tom\BPROXAED.0XE
C:\Documents and Settings\tom\EZEWZFLJ.0XE
C:\Documents and Settings\tom\LKAUCHZA.0XE
C:\Documents and Settings\tom\LOADED.0XE
C:\Documents and Settings\tom\NJVJIQVG.0XE
C:\Documents and Settings\tom\OHADHQAI.0XE
C:\Documents and Settings\tom\PGFFLKAL.0XE
C:\Documents and Settings\tom\PXPBLCTU.0XE
C:\Documents and Settings\tom\VNBXDAEX.0XE
C:\WINDOWS\SYSTEM32\ANSFSRG.0LL
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS.0
C:\WINDOWS\SYSTEM32\HRCOPUL.0LL
C:\WINDOWS\SYSTEM32\MXSUKXB.0LL
C:\WINDOWS\SYSTEM32\QFYQAKN.0LL
C:\WINDOWS\SYSTEM32\WinAvXX.0xe
C:\WINDOWS\TEST.0TA
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\tom\Application Data\WINANTIVIRUSPRO2006FREEINSTALL[1].0XE
C:\Documents and Settings\tom\BKEBYWEI.0XE
C:\Documents and Settings\tom\BPROXAED.0XE
C:\Documents and Settings\tom\EZEWZFLJ.0XE
C:\Documents and Settings\tom\LKAUCHZA.0XE
C:\Documents and Settings\tom\LOADED.0XE
C:\Documents and Settings\tom\NJVJIQVG.0XE
C:\Documents and Settings\tom\OHADHQAI.0XE
C:\Documents and Settings\tom\PGFFLKAL.0XE
C:\Documents and Settings\tom\PXPBLCTU.0XE
C:\Documents and Settings\tom\VNBXDAEX.0XE
C:\Program Files\Common Files\CMEII
C:\Program Files\Common Files\CMEII\CMEDiagnostics.log
C:\Program Files\Common Files\CMEII\CMEIIAPI.dll
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\Program Files\Common Files\CMEII\GAppMgr.dll
C:\Program Files\Common Files\CMEII\GatorSupportInfo.txt
C:\Program Files\Common Files\CMEII\GController.dll
C:\Program Files\Common Files\CMEII\GDwldEng.dll
C:\Program Files\Common Files\CMEII\GIocl.dll
C:\Program Files\Common Files\CMEII\GIoclClient.dll
C:\Program Files\Common Files\CMEII\GMTProxy.dll
C:\Program Files\Common Files\CMEII\GObjs.dll
C:\Program Files\Common Files\CMEII\gOps.bac
C:\Program Files\Common Files\CMEII\gReg.reg
C:\Program Files\Common Files\CMEII\GStore.dll
C:\Program Files\Common Files\CMEII\GStoreServer.dll
C:\Program Files\Common Files\CMEII\Gtools.dll
C:\Program Files\Common Files\CMEII\store\core\appllist
C:\Program Files\Common Files\CMEII\store\core\appmgr.cfg
C:\Program Files\Common Files\CMEII\store\core\appmgrgui.zip
C:\Program Files\Common Files\CMEII\store\core\col
C:\Program Files\Common Files\CMEII\store\core\hfixcfg
C:\Program Files\Common Files\CMEII\store\core\locappllist
C:\Program Files\Common Files\CMEII\store\core\odm.cfg
C:\Program Files\Common Files\CMEII\store\core\svclist
C:\Program Files\Common Files\CMEII\store\core\syscfg
C:\Program Files\Common Files\cprnpptc
C:\Program Files\Common Files\cprnpptc\cjlrhbpaph\anallltdjr.prd
C:\Program Files\Common Files\cprnpptc\cjlrhbpaph\hbfharbln.exe
C:\Program Files\Common Files\cprnpptc\erdrjjpe\paanlpdpd.par
C:\Program Files\Common Files\cprnpptc\erdrjjpe\pdfjajdp.exe
C:\WINDOWS\SYSTEM32\ANSFSRG.0LL
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS.0
C:\WINDOWS\SYSTEM32\HRCOPUL.0LL
C:\WINDOWS\SYSTEM32\MXSUKXB.0LL
C:\WINDOWS\SYSTEM32\QFYQAKN.0LL
C:\WINDOWS\SYSTEM32\WinAvXX.0xe
C:\WINDOWS\TEST.0TA

.
((((((((((((((((((((((((( Files Created from 2007-10-08 to 2007-11-08 )))))))))))))))))))))))))))))))
.

2007-11-08 13:51 <DIR> d-------- C:\Documents and Settings\tom\Application Data\Grisoft
2007-11-08 13:50 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-08 13:50 10,872 --a------ C:\WINDOWS\SYSTEM32\DRIVERS\AvgAsCln.sys
2007-11-05 09:20 <DIR> d-------- C:\WINDOWS\SYSTEM32\Kaspersky Lab
2007-11-05 09:20 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-11-04 14:05 <DIR> d-------- C:\Program Files\VirusTotalUploader
2007-11-01 10:28 1,144 --a------ C:\WINDOWS\SYSTEM32\tmp.reg
2007-11-01 10:25 289,144 --a------ C:\WINDOWS\SYSTEM32\VCCLSID.exe
2007-11-01 10:25 288,417 --a------ C:\WINDOWS\SYSTEM32\SrchSTS.exe
2007-11-01 10:25 53,248 --a------ C:\WINDOWS\SYSTEM32\Process.exe
2007-11-01 10:25 51,200 --a------ C:\WINDOWS\SYSTEM32\dumphive.exe
2007-11-01 10:25 25,600 --a------ C:\WINDOWS\SYSTEM32\WS2Fix.exe
2007-10-30 16:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Symantec
2007-10-30 16:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Sonic
2007-10-30 16:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Jasc Software Inc
2007-10-30 16:55 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Gtek
2007-10-29 20:01 <DIR> d-------- C:\Program Files\Registrar Registry Manager
2007-10-29 20:01 31,024 --a------ C:\WINDOWS\SYSTEM32\rrMon.sys
2007-10-29 11:32 <DIR> d-------- C:\Deckard
2007-10-27 07:50 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-26 17:31 <DIR> d-------- C:\HJT
2007-10-11 09:50 584,192 --------- C:\WINDOWS\SYSTEM32\DLLCACHE\rpcrt4.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-03 22:51 --------- d-----w C:\Program Files\Embarq TotalAccess
2007-10-03 22:51 --------- d-----w C:\Documents and Settings\tom\Application Data\Earthlink
2007-10-03 22:46 --------- d-----w C:\Documents and Settings\Owner\Application Data\EarthLink
2007-09-19 23:05 28,256 ----a-w C:\WINDOWS\system32\drivers\MxlW2k.sys
2005-03-08 00:26 457 ----a-w C:\Program Files\INSTALL.LOG
2004-08-04 07:56:46 50,688 --sh--w C:\WINDOWS\twain_32.dll
2004-08-04 07:56:42 1,028,096 --sha-w C:\WINDOWS\SYSTEM32\mfc42.dll
2004-08-04 07:56:43 54,784 --sh--w C:\WINDOWS\SYSTEM32\msvcirt.dll
2004-08-04 07:56:43 413,696 --sha-w C:\WINDOWS\SYSTEM32\msvcp60.dll
2004-08-04 07:56:43 343,040 --sha-w C:\WINDOWS\SYSTEM32\msvcrt.dll
2007-05-17 11:28:05 549,376 --sh--w C:\WINDOWS\SYSTEM32\oleaut32.dll
2004-08-04 07:56:44 83,456 --sha-w C:\WINDOWS\SYSTEM32\olepro32.dll
2004-08-04 07:56:55 11,776 --sh--w C:\WINDOWS\SYSTEM32\regsvr32.exe
.

((((((((((((((((((((((((((((( snapshot@2007-10-27_ 9.05.46.29 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-10-20 10:03:30 136,192 ----a-w C:\WINDOWS\catchme.exe
+ 2007-10-29 23:56:19 136,192 ----a-w C:\WINDOWS\catchme.exe
+ 2005-05-24 17:27:16 213,048 ----a-w C:\WINDOWS\SYSTEM32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 20:47:20 94,208 ----a-w C:\WINDOWS\SYSTEM32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 20:49:54 950,272 ----a-w C:\WINDOWS\SYSTEM32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2007-03-12 03:41:21 53,436 ----a-w C:\WINDOWS\SYSTEM32\PERFC009.DAT
+ 2007-11-04 13:56:10 53,436 ----a-w C:\WINDOWS\SYSTEM32\PERFC009.DAT
- 2007-03-12 03:41:21 381,692 ----a-w C:\WINDOWS\SYSTEM32\PERFH009.DAT
+ 2007-11-04 13:56:10 381,692 ----a-w C:\WINDOWS\SYSTEM32\PERFH009.DAT
+ 2003-03-21 18:41:54 112,640 ----a-w C:\WINDOWS\SYSTEM32\rrsec.dll
+ 2007-07-18 22:50:20 97,240 ----a-w C:\WINDOWS\SYSTEM32\rrsec2k.exe
- 2007-04-02 18:21:27 139,776 ----a-w C:\WINDOWS\SYSTEM32\swreg.exe
+ 2007-07-22 23:39:27 279,552 ----a-w C:\WINDOWS\SYSTEM32\swreg.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task "= "C:\Program Files\QuickTime\qttask.exe" [2004-06-09 13:39]
"IgfxTray "= "C:\WINDOWS\system32\igfxtray.exe" [2005-10-19 07:59]
"HotKeysCmds "= "C:\WINDOWS\system32\hkcmd.exe" [2005-10-19 07:59]
"SprintModemUpdate "= "javaw.exe" [2004-06-09 13:30 C:\WINDOWS\SYSTEM32\javaw.exe]
"Motive SmartBridge "= "C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe" [2007-10-03 08:05]
"!AVG Anti-Spyware "= "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS "= "C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24]
"MoneyAgent "= "C:\Program Files\Microsoft Money\System\mnyexpr.exe" [2003-06-18 12:00]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools "=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"Btn_Back "=0 (0x0)
"Btn_Forward "=0 (0x0)
"Btn_Stop "=0 (0x0)
"Btn_Refresh "=0 (0x0)
"Btn_Home "=0 (0x0)
"Btn_Search "=0 (0x0)
"Btn_History "=0 (0x0)
"Btn_Favorites "=0 (0x0)
"Btn_Folders "=0 (0x0)
"Btn_Fullscreen "=0 (0x0)
"Btn_Tools "=0 (0x0)
"Btn_MailNews "=0 (0x0)
"Btn_Size "=0 (0x0)
"Btn_Print "=0 (0x0)
"Btn_Edit "=0 (0x0)
"Btn_Discussions "=0 (0x0)
"Btn_Cut "=0 (0x0)
"Btn_Copy "=0 (0x0)
"Btn_Paste "=0 (0x0)
"Btn_Encoding "=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^America Online 9.0 Tray Icon.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\America Online 9.0 Tray Icon.lnk
backup=C:\WINDOWS\pss\America Online 9.0 Tray Icon.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^GStartup.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\GStartup.lnk
backup=C:\WINDOWS\pss\GStartup.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Virtual Assistant.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Virtual Assistant.lnk
backup=C:\WINDOWS\pss\Virtual Assistant.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe -cnetwait.odl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
"C:\Program Files\Common Files\Symantec Shared\ccApp.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CXMon]
"C:\Program Files\Hewlett-Packard\PhotoSmart\Photo Imaging\Hpi_Monitor.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\Dell Support\DSAgnt.exe" /startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EZNXP]
C:\PROGRA~1\EZN\EASYIN~1\eznorun.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\System32\igfxtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KAZAA]
C:\Program Files\Kazaa\kazaa.exe /SYSTRAY

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
"C:\Program Files\Dell\Media Experience\PCMService.exe "

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
C:\PROGRA~1\SYMNET~1\SNDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\URLLSTCK.exe]
C:\Program Files\Norton Internet Security\UrlLstCk.exe


*Newly Created Service* - AVGASCLN
.
Contents of the 'Scheduled Tasks' folder
"2007-11-03 00:00:39 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer.job "
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
"2007-11-08 19:24:06 C:\WINDOWS\Tasks\Symantec NetDetect.job "
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-08 14:25:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-08 14:38:10 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-02 09:40
C:\ComboFix3.txt ... 2007-10-28 14:57
C:\Combofix4.txt ... 2007-10-28 14:58
.
--- E O F ---

 

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:53:03 PM, on 11/8/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\LxrJD31s.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\hkcmd.exe
C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HJT\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bright.net
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SprintModemUpdate] javaw.exe -cp "C:\Program Files\Motive\FirmwareUpdater\lib\SprintModemUpdate.jar" com.motive.firmwareUpdater.client.SprintModemUpdate
O4 - HKLM\..\Run: [Motive SmartBridge] C:\PROGRA~1\VIRTUA~1\SMARTB~1\SprintDSLAlert.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe "
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\EMBARQ Online Security\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Viewpoint Search - res://C:\Program Files\Viewpoint\Viewpoint Toolbar\ViewBar.dll/CXTSEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\EMBARQ Online Security\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\EMBARQ Online Security\Anti-Spyware\ieshield.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.bright.net
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EMBARQ Online Security (BackWeb Plug-in - 7211241) - Unknown owner - C:\PROGRA~1\EMBARQ~2\backweb\7211241\Program\SERVIC~1.EXE (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Lexar JD31 (LxrJD31s) - Unknown owner - C:\WINDOWS\SYSTEM32\LxrJD31s.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

--
End of file - 5621 bytes

 

---------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 4:41:45 PM 11/8/2007

+ Scan result:



C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027735.exe -> Adware.404Search : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027736.dll -> Adware.404Search : Cleaned with backup (quarantined).
C:\Program Files\Altnet -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.rvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cevakrnl.xmd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\cran.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\emalware.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\java.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\mdx_97.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\plugins.cab.cab (incomplete) -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rup.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\rup.cvd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\sdx.ivd.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\update.cab -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\Altnet\My Altnet Shares\Bullguard Protection\update.txt.cab -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM25.ADM25\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\ADM4.ADM4\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink.1 -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CLSID -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\TopSearch.TSLink\CurVer -> Adware.Altnet : Cleaned with backup (quarantined).
C:\Program Files\AWS\WeatherBug\MiniBugTransporter.dll -> Adware.Aws : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027667.exe -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027691.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027692.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027693.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027694.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027695.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027696.exe -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP330\A0027697.exe -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027748.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027749.exe -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027750.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027751.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027752.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027753.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027754.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027755.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027756.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027758.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027759.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027760.dll -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027763.exe -> Adware.Gator : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP331\A0027764.exe -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\CMEIIAPI.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\CMESys.exe.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GAppMgr.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GController.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GDwldEng.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GIocl.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GIoclClient.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GMTProxy.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GObjs.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GStore.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\GStoreServer.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\CMEII\Gtools.dll.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\cprnpptc\cjlrhbpaph\hbfharbln.exe.vir -> Adware.Gator : Cleaned with backup (quarantined).
C:\qoobox\Quarantine\C\Program Files\Common Files\cprnpptc\erdrjjpe\pdfjajdp.exe.vir -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\AppInfo -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\AppInfo\CME -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\AppInfo\GMT -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\CMEII -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\CMEII\GSNInstalled -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\GInternet -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\GInternet\Proxy -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\AutoUpdate -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\BK -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\BannerManager -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\CmeS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\EventLog -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\EventLog\Msgs -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\BD -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\EL -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\GBL -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_bc2 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_bg2 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gatorcme -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gbs -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gi -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gs -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_gt -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_regserver -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_rs -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_search -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_ss -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_trickle -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_ts -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GCH\_updateserver -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GUS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\GUS\HOL -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\SD -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\ScriptLoader -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\dyn\Settings -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\10647 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11277 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11278 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11283 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11287 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11299 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11300 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11351 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11364 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11387 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11388 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11466 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11469 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11490 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11510 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\11795 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12062 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12064 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12066 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12067 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12076 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12503 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12509 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12519 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12526 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12527 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12528 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12532 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12549 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12577 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12579 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12580 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12722 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12724 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12730 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12734 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12735 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12736 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12740 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12742 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12761 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12766 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12776 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12891 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12906 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12928 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12930 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12933 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12958 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12959 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12968 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\12972 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13164 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13165 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13172 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13273 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13276 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13337 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13343 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13536 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13625 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13626 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\13781 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14370 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14568 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14579 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14610 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14612 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14614 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14616 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14617 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14673 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\14946 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15033 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15155 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15283 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15318 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15443 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15564 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15578 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15604 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15624 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15646 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15823 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15851 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15853 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15859 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15898 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15925 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15963 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\15997 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16696 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16745 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16794 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16799 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16802 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16803 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16814 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16817 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16846 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16870 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16876 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16882 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16887 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16899 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16906 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16947 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16953 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\16967 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\17051 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\17071 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\17481 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\17486 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\17821 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\17892 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\18128 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\18207 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\18804 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\19807 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\19911 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\19960 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\19994 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\20055 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\20069 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\20070 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\20186 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\20300 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\20363 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\20372 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\20682 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21044 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21366 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21400 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21401 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21410 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21651 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21766 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21938 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21939 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21940 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21941 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21942 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21943 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21944 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\21977 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22008 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22212 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22255 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22316 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22326 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22380 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22397 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22411 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22470 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22486 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22518 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22607 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22841 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22850 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22860 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22861 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22869 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22878 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22886 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\22913 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23071 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23076 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23082 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23093 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23100 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23104 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23106 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23200 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23306 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23331 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23337 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23355 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23357 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23453 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23456 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23457 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23524 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23525 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23546 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23549 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23586 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23608 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23609 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23728 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23859 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23940 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23950 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23951 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23952 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\23980 -> Adware.Gator : Cleaned with backup (quarantined).

 

HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24185 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24306 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24326 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24364 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24368 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24369 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24381 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24424 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24426 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24427 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24431 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24432 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24433 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24442 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24451 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24453 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24454 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24457 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24531 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24545 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24553 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24557 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24560 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24569 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24588 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24592 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24626 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24729 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24771 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24876 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24883 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24961 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\24963 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25132 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25136 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25150 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25153 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25237 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25262 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25276 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25391 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25398 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25790 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25791 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25792 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25793 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\25955 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26116 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26247 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26296 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26309 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26328 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26330 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26332 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26368 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26464 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26470 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26472 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26497 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26499 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26500 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26507 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26508 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26538 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26539 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26540 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26567 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26568 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26570 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26578 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26579 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26581 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26582 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26583 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26585 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26586 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26587 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26592 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26597 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26601 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26631 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26632 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26684 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26691 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26696 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26724 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26730 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26734 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26736 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26737 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26785 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26786 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26974 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\26976 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27048 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27165 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27166 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27167 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27249 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27254 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27259 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27334 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27489 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27609 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27616 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27618 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27674 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27707 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27714 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27715 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27730 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27855 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27894 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27898 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27900 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27901 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27902 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27903 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\27904 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28018 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28035 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28048 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28051 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28082 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28087 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28125 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28248 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28249 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28251 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28259 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28268 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28278 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28359 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28495 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28600 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28605 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28656 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28682 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28683 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28700 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28722 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28965 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\28988 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29018 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29025 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29027 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29029 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29031 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29033 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29034 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29035 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29036 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29038 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29039 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29040 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29047 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29346 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29383 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29408 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29421 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29461 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29553 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29582 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29630 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29666 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29740 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29741 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29767 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29777 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29798 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29799 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29808 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29809 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29873 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\29878 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30005 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30068 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30089 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30103 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30123 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30128 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30160 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30170 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30199 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30227 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30260 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30270 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30298 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30299 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30301 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30367 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30421 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30423 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30428 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30455 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30484 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30494 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30507 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30522 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30647 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30650 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30652 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30654 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30656 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30657 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30662 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30666 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30667 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30668 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30669 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30671 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30672 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30717 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30815 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30818 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30829 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30840 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30864 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30866 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30912 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\30995 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31080 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31103 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31104 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31179 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31220 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31291 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31294 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31302 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31307 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31309 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31369 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31370 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31423 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31475 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31489 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31506 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31517 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31519 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31538 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31542 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31616 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31638 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31640 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31663 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31682 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31694 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31696 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31709 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31710 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31719 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31739 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31849 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31853 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31855 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31862 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31863 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31923 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31929 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31944 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31959 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31976 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\31980 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32025 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32027 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32067 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32071 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32141 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32175 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32232 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32241 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32244 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32266 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32285 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32296 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32309 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32313 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32401 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32432 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32508 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32509 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32515 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32517 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32518 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32535 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32553 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32560 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32564 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32565 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32571 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32572 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32573 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32574 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32621 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32647 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32665 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32678 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32689 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32709 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32730 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32742 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32761 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32765 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32766 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32767 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32770 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32775 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32778 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32781 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32783 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32824 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32836 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32865 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32912 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32918 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32922 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32935 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32949 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\32956 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33005 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33105 -> Adware.Gator : Cleaned with backup (quarantined).

 

HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33140 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33141 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33142 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33232 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33251 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33391 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33420 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33452 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33493 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\33509 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\8913 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Banners\8921 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1048 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1063 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1063\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1063\ADS\2426 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1074 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1090 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1095 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1095\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1095\ADS\2681 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1117 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1131 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1134 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1136 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1145 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1151 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1151\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1151\ADS\3081 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1161 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1172 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1173 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1173\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1173\ADS\3191 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1191 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1197 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1197\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1197\ADS\3356 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\120 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1204 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1206 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\120\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\120\ADS\3821 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\121 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1219 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1244 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1251 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1254 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1344 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1344\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1344\ADS\6576 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1378 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1378\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1378\ADS\6746 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1381 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1382 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1388 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1400 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1433 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1435 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1456 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1464 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1469 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\149 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1534 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1542 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1542\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1542\ADS\7556 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1573 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1595 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1601 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1602 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1616 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1616\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1616\ADS\7926 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1630 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1645 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1646 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1647 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1648 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1649 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1655 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1661 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\167 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\167\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\167\ADS\1366 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1682 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1706 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1742 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1754 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1756 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1756\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1756\ADS\8626 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\177 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1778 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\177\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\177\ADS\1801 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1826 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1833 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1840 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1847 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1848 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1848\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1848\ADS\9086 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1852 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1897 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1913 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1915 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1915\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1915\ADS\9421 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1923 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1930 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1932 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1933 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1933\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1933\ADS\9511 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1936 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1936\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1936\ADS\9526 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\194 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1943 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1943\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1943\ADS\9561 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1948 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\194\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\194\ADS\4061 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1950 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1966 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1985 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\1\ADS\511 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\20 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2014 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\202 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2021 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2022 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2028 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2038 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2040 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2060 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2064 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2075 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2089 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2089\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2089\ADS\10291 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\20\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\20\ADS\196 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2106 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2107 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2131 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2142 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2170 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2190 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2190\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2190\ADS\10726 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2191 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2207 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\221 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2241 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\226 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\2316 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\25 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\257 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\281 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\282 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\282\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\282\ADS\2401 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\329 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\338 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\343 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\348 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\349 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\364 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\364\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\364\ADS\4671 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\392 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\42 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\429 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\430 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\440 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\440\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\440\ADS\4946 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\446 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\48 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\493 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\493\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\493\ADS\1541 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\522 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\540 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\549 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\551 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\552 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\563 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\574 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\574\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\574\ADS\96 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\613 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\613\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\613\ADS\2301 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\619 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\621 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\627 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\629 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\698 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\699 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\716 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\750 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\757 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\763 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\763\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\763\ADS\726 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\767 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\773 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\779 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\785 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\789 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\789\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\789\ADS\166 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\799 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\799\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\799\ADS\276 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\81 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\812 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\822 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\83 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\833 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\83\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\83\ADS\2306 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\852 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\870 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\888 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\889 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\912 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\917 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\918 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\919 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\921 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\927 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\933 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\933\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\933\ADS\1571 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\934 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\949 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\949\ADS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\949\ADS\1671 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\976 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\977 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\980 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GA\984 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q+A6HBFQAAANXvmlJsFdvYr5bqMMpdhmXSHSlQIBpYcg== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q+IgwiCwAAAFRc1RgJhUmsl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q0aXxeDwAAAEfVupCduUN4eJVFM3U-qW8=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q2A-lcGQAAACAskWSXzHTM9mzTI+U7erPA4pEQQMLtASGdP+TaHF2h -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q3mHAYCwAAAM-JqrbW3hzMfsN9Dg9OI+s=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q4kWuWDQAAAINWH7s-Xl53sXvuB72oVW4=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q6HcUYDQAAAJjI8p3jKiAZap+M3N59PRE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q80AV3FQAAAGTBK70YMxOOg+oLfrGbbBTEGiR43t-X-Q== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q88lBZEQAAAJ3i5MTQe+kUCDbP-88kBqkhnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q8YYmBDwAAABl5grP6CYb767PXsB-nG5M=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q8Z16mDwAAAEMWkYg1b-KiihZzX5Fz-3U=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Q8sjGDCwAAADMtlKuMhnifl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QFNe4kEAAAAJstWz9tSDl41+3VW71FEYM=== -> Adware.Gator : Cleaned with backup (quarantined).

 

HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QFRWWdEQAAAO3G3SBTKVyf4LlA5ZyeOm4hnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QGlw6eDQAAAPsWzvDBcTOsZU-Qb-mBzW4=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QGxDYuCQAAAMxneEFzZCIvIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QJ8VgtDQAAAIKhohcakQGhqTRgmQ-zUNU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QKuwEzDQAAAHzffacHtn586+d4UhhrlY8=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QMiyURCAAAAIDfo2uD5544 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QNSWCADgAAADRKqbsZPioUA1WY5EaJdAc=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QNgarwEAAAAAQYRCKhWR7xjW-p8kwmLvs=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QPyehGGQAAAHM+d2kJBAzi4GZc3jvEBrm3tAEvK+rVqCGdP+TaHF2h -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QQGKXfCQAAAIVlZ+lBsa0gIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QQjg8VDAAAAKTPvP7kdZNMYuLrinoGoVw=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QRiBtpDwAAAPmQZTxw1AwBkdOcl8RPo7o=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QUcwxiDwAAACWPEwesTElsqGsjmqDCb58=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QUdR8uEAAAALxGU2dq4roedzV0xjIPJhU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QXV-YKEwAAAMkS1Y9fAJJ5ULMcMo9PKEKX2r3lbh73AQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QZPOy-DgAAAHVTZNkGZNzUpC-WOPNdLRs=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Qc35XBCgAAAHF5l6bZWJcPM879tp2bJJU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QcawDiGAAAAAyqTsjBRRdm1DoY617OCZFD6SaVVP09sQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QeRlDiDwAAANSS25JEUYlhm9qR1zu-3Ck=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QfJZXkEQAAAGUEMfPryDiJIYJjHLfPXJQhnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QggmrjCgAAAPXXYf+nGXDu-I8FsxCtGBE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Qi2jWjCAAAAFoOWiCJh4JC -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Qi6t9oEAAAANjwWE9rzlb4GG1LajS50kE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Qj6GivCwAAAOTaDQhQ-D3ll9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QkoxPHEgAAAMm5+v1RWTTZ-3LG67D70nP8jwWzEK0YEQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Qm3Q8OEgAAAIC99RQRRbB6wT1MqqDxWNf8jwWzEK0YEQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QndbJvFQAAAIPNPracVurK7KbjxO-pnT7UlDrRCJcnIw== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QnglCtCAAAAM7-fn2louSL -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0QoOvJeBgAAAAaWnWVwwcjn -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Qojc89FAAAAEfVupCduUN4qJQg7GCSK65AiXrho0tG5g== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R0eyobDwAAAAdoxnPACF+hT9MTf-XJhsM=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R1NdiTCQAAAAg5Eb1MkVgwGL8F0EDpuDI=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R4-7AAEAAAAHk5nbMsBjiNS-Mkyo8Lrgk=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R4PIY1DgAAAP4O5FZyOks56qgpaMGXjco=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R4ma4EEQAAAAaLHW0jwNSH96QrlxAA2V0hnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R4uNZLDAAAAH2JdEP7BJ7AQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R5voWMEwAAAOB4+yxD1FK2-u2ASyzwcXCX2r3lbh73AQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R78AsVDAAAANjwWE9rzlb4QIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R80NVmCQAAAHI56GyTrejvIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R93kSbCAAAAO7x6PmtwIlc -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0R9gnyrCgAAABlWKNV9Sq+z-I8FsxCtGBE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RBOR7GFAAAAPDwk5J8EzZUqJQg7GCSK65AiXrho0tG5g== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RD8gZgCAAAAPP3rrU7Y+iq -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RDQxdyDQAAAFTI-GnAN6kUZU-Qb-mBzW4=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RDp5DGDAAAABdWlLuzQjYpQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0REsIjlDgAAAPhpE4bdjBxRJNYAKDkNPG8=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RHYCjMCwAAADBt4lsf6yDyl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RIOlu7DwAAAKvHZZXF-9kHTHxM9MH3t9Q=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RJ+svDDQAAAGFHYRnwg4r60h0pUCAaWHI=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RJ9cL1DAAAAOx3GYIZcSouQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RJvh4JCQAAAPIw8H-L39T2IZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RKHqpmDwAAAFHgsJW1f5-xlEIIqcSjAWc=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RL0V--DAAAAK9wpRRnP1-OQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RLSktKCgAAAGcSkqkguqvF-I8FsxCtGBE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RMF8XHDQAAAGVYVjPowM7x0h0pUCAaWHI=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RNUJwaEAAAAJEDjlwIcBXSTbo6nacdwlU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0ROCEGzDgAAAJ5sR7ZTDwVAE0zqjvntMxU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RPTfEeBgAAAEj03LiJ5E4v -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RQ2JSYDQAAADMPDUd8si4uxBokeN7f1-0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RR91DTDgAAAFZwaiTb8uEoMv1exA7x9do=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RRSUU+EAAAAMIa5y61iLMczT9tIsff7fo=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RSCd55CQAAAMAcnU13j6ORIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RUNj5zFQAAAJbnZ4Cge24r9O9sPJvKegXEGiR43t-X-Q== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RUuIk6DAAAAOaSa+PGNplrQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RZ+OExDgAAAJpABA8Plh-aoZwvRD3xaIo=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RZBq8lCQAAAJT7305rn-TrIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RZfhR2DQAAANR+1b6HyvfH4IBxGv3YqHA=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RaJsT6EQAAAJUmQLrmtWfx7WHbVaRKK+YhnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RardKWDAAAAP+QaiEkHS8Lie2vCrDKZac=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Rf57IRBgAAAE07BuRz-Ddt -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Rg7-KCCQAAAI-8h-nuIxiTIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RgAv8CFQAAAOC51Pedcp4jPBzEPOhmDU4L+2zZ7PEvOg== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Rhp7woCQAAAD5kd62EbaVfIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RiT2N2DAAAAJmZBzWMjcWjQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RnK1wdCAAAAIsHR10D-0fJ -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RnhFJfCwAAALmVl9yT8-yyl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Ro47vrEAAAAByYP-pxH-NmgxeQB4iEl7I=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RoKthhFgAAAPsWzvDBcTOs3-bt-wB72S0G33idpLw6pQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RpZSQuCgAAAIg68tus3u9oM879tp2bJJU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RpccWgCgAAAPJvJHLbLIXYM879tp2bJJU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Rr5GyXCwAAAGCrg6PL-VaJl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RrLzfXCAAAAP6RvG72fF-e -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0RrR1qQDAAAAGzjjC3CMDtYQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Rt51bCDQAAAOwT7K-IkPck6+d4UhhrlY8=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Rtb3ZaDAAAAC+9kURj3swwQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0S+-1HzFwAAADTxkUwQdCyjQVwE7lPTHN78regFtzzTxA== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0S17iTqCgAAACogNQrJLReJ-I8FsxCtGBE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0S1JshPCwAAALeTRZkn8Wgfdsi1RuugYqc=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0S25TBGDwAAAKt4nWYSu5JGdutvAO2jYpU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0S4dt+vDwAAAEE7wnlfGh5Iw6+8NP2ajZo=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0S8vtGwDQAAANtJI8FICAikpGrf7oCqV0k=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SAHS3iDQAAABAXFcDtkBYD2kRep6tbcxI=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SDV7XbCwAAAN6jCvtHjKdPl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SEhQz6EAAAAKSaN+pArwqOLUQxbZTKWMA=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SFbk6eCwAAABq8gLXpjJgnl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SH0U60DgAAALj3mmi6+8MIjnIQaMAW1Ko=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SHekJ-DQAAAEMCS+thQ9r5a6zPej44r78=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SJZrWtCwAAAGj1I+9ydttml9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SLBwNiDQAAAGwYy3liVJpzd5Jnwb+R-AE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SLyiIEDgAAAAoy2NQXf7lH2JNVo3w5lEM=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SNE9MkEQAAAMPKeqNLQ3aKvsKZyxhUS3ghnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SP-9o2DAAAAIo2zD17ORc8QIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SPDvuWCgAAAK9PuX8yX7qa-I8FsxCtGBE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SPNXlfDwAAAHAPRtDLLPnz67PXsB-nG5M=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SQ6fLgCgAAAI74+L0vKiUz2um5wNv+JpM=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SQBP36CgAAABnoPIHSR44V-I8FsxCtGBE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SRmvpPEQAAAPRpQP2C4ZMOSVdY37vqwhshnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SSRQhDDAAAAAXZsB1MvaOvQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SSuaOBEgAAACL4Cob-qlKu4LXl4H++hEz8jwWzEK0YEQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SUD35HEwAAAE2FYlPY2J44c01A3INXmomX2r3lbh73AQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SUR+0LCwAAAPv6-w3KqnQml9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SUapu0EgAAAArUm-76nc+2w8htbDDiUjj8jwWzEK0YEQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SVTbagEQAAADlS29ro5g6uY4Vj9iRfASM9SDYui-Q2GQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SXQd-lDAAAACA6wHAJOMG2QIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SY-mxJDwAAAEEcWMiVShwNw6+8NP2ajZo=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SboBl4DQAAAG0hurUXH7XaC-ts2ezxLzo=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0ScXNXuCgAAAEbXfkGH+zQN3bLqHLsc+YA=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Scs02BDgAAAFB33fSl8+jMCrCSTY8Boxs=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SdmDg5CAAAAPENU5kL06On -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Sf1Hr7CwAAAFYa-Stab+bVl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SfPMjwCQAAAEIqQh1NWRzgIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SgDPHCEAAAAM10cmkQuHqQY71D+cmTN3A=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Sjxg7+DwAAABKhCSSrgJ2cOXvgae+Es6A=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Snvz9YDgAAAPoBjBvDQUorjUS4Pxmvqhk=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SvAzN8CAAAAHd90B7CeTeI -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Sw2YupCAAAAJiwG5igveyi -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0SwzwdRDAAAAFEJrLkK9NwtQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T+UCmpDAAAAA1m2bC8YNo3QIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T-6jOMCwAAAJRTjB27knQcl9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T1zx51CQAAAIiTp9-14PVfgyfG9EBpVVk=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T29wCTBwAAAJyr+xCxlrxK -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T2TOa6GAAAALLQfYhb9NiupwwO2F4MVyHI-vUuPbdcNw== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T3oLULDwAAAAqKxQLLx036Xih-u1-Gp-0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T4DBWHDgAAAIW86HhH4SbPmyS0BDCJ7HA=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T6BUkyFAAAAOZIdsGO9kG97cbdIFMpXJ9AiXrho0tG5g== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T6SPvnCwAAAJe3gSvglh2Ql9q95W4e9wE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T6rIpWCQAAALX3-XLT1Kb4IZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0T8V2SMDAAAADAKHza8P2z6QIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TASJbQBgAAALeq-toBgnpj -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TCQK3TDQAAAOJXrDJ8fXMUSAEBrFGys5M=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TCTB1VDQAAAJgPN5kSLMytZU-Qb-mBzW4=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TIIzl-EQAAAKAfD2PcnM07C3f5ImusqXwhnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TIKlwPEQAAABPnstSQtWSxN4hhmfxsLI4hnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TIUsbADQAAAMQLZbAIHk3YSHJyzgVXuoY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TLIyviDwAAAAuvqzzjoFxyQq5HSVcCJg0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TLWdBhFQAAAM6GCy6tWyAcJOWv41Kp13+Quvsm3rRtwA== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TMIB8oEAAAAEBPXPRvP8vne+iT3W3TQcA=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TMcJAnEQAAACw-VY62pGzkW+ndyIj8O74hnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TMjVE2DQAAANrtW9cBmh6F-jR2rw2Qxw0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TNBhMSCQAAAGU2K3ifU7P2IZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TNFMYPDgAAAHxD5BR7ujOv5ddEq+IcyU0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TPAX9zEAAAAFgd3H1GGYs5HTFYD+BWLno=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TQ+6FdCQAAABMjmCfF4Q4LIZ0-5NocXaE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TSttjLEAAAAH4Nfekic04mypFcUvsV4c0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TTBBflFQAAAJCy9d0XEF+AI5Xjz1ds32P1EBFN1qx2Ag== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TUGKBsEAAAAIdWSehDTwntFQZS0MM755s=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TV7jiHEAAAAFHegwhbIyrtzelZXuOaH10=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TVSHcOEgAAAENYiNGuDTM2-i0hSnanZ4P8jwWzEK0YEQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TXCJJqCAAAAN1s6RqWQDHe -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TXVJwbDQAAAIx97hUE05Fed5Jnwb+R-AE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TXwBwBDAAAABVvqCPkrZHpQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TaLLLCDwAAAD1w+vJN-otvbM5C1zaaAHo=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tafo3+DAAAAFLVaKz3RHYiQIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tcqfg6DQAAAH5lC5XOpUQWxBokeN7f1-0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tcr4uVDwAAABwNhiyruyD5w6+8NP2ajZo=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TdaECbCgAAAAVptRqZh+8z-I8FsxCtGBE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TgFHhZEQAAAMhIJaq63YxSFLk8jF3vnAQhnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TgPCktDQAAAJMbxZoxw3xR0h0pUCAaWHI=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TgexXwCwAAAMiSlOFJhXj1C-nsdmZjkz0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tgfzn6CAAAAJ7wemcLHmWS -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TggsOYDgAAAO7+t5EnO9lymyS0BDCJ7HA=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Th4MbJEAAAAH0MOvaeWV+15S4Nlr0OIlI=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TiZJr5EAAAAEEj+OTQsjvGFDSUaixZLU0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tij+8mEAAAAIKYCE5Akimd00KOOU6Msag=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tk+aFqCwAAAM10cmkQuHqQjLQs7A35Rx4=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TnYQQ9DAAAADFn03E9spY8QIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0ToC1roEAAAABHUXWjOETPlFZxubRLN5AM=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tpj-bJCgAAAOZzIEZzgQPp-I8FsxCtGBE=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tr0xaeDgAAANjbCv6W0P-TmyS0BDCJ7HA=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tr24BeEAAAAEereKsW--DpgpmLWy7PA6o=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TrzISuDwAAANyOgyi2i6p101iYXwTCqNM=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TsIvqnDQAAAH0UZdOeyBdX8jK1UGXqByg=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tsg9MpDAAAAF8Z4q8VYKI3QIl64aNLRuY=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tt0hozDgAAAEArPNFmknMLoK51vveLauc=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TtEilOCAAAAG7RjTsW9uK2 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TtFr9HDgAAAHxssZcnSIS-CrCSTY8Boxs=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tw9-PGEQAAAJlEEhdMbk-Tm1YxbBKHhEghnT-k2hxdoQ== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tx67nvCwAAABOm7UqwlfbQAg6IwbB+KWU=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0TxUey1DQAAAAoqejfQCcs5xBokeN7f1-0=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\GD\Q0Tzb+QgDQAAAF6MKkrJMMre0h0pUCAaWHI=== -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1180 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1181 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1182 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1192 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1201 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1202 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1209 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1269 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1313 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1314 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1315 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1344 -> Adware.Gator : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Gator.com\Gator\stat\GMT\Groups\1347 -> Adware.Gator : Cleaned with backup (quarantined).