CWS Adware

Virus description: CWS
Category: Adware, BHO, Backdoor, Hijacker, Downloader
Other names:

[Kaspersky]Backdoor.Sinit.c,Trojan.VBS.StartPage.e,Trojan.Win32.Delf.ch,Trojan.Win32.Fasny,Trojan.Win32.Finitow,Trojan.Win32.Ideach.d,Trojan.Win32.Krepper.f,Trojan.Win32.Krepper.j,Trojan.Win32.Madise.a,Trojan.Win32.StartPage.ar,Trojan.Win32.StartPage.au,Trojan.Win32.StartPage.bk,Trojan.Win32.StartPage.bn,Trojan.Win32.StartPage.df,Trojan.Win32.StartPage.t,Trojan.Win32.StartPage.y,Trojan.Win32.Trilon.a,TrojanClicker.Win32.Quicken,TrojanDownloader.Win32.Esepor.e,TrojanDownloader.Win32.IstBar.ai,TrojanDownloader.Win32.IstBar.as,TrojanDownloader.Win32.IstBar.cp,TrojanDownloader.Win32.Tooncom.a,TrojanDownloader.Win32.Tooncom.l,TrojanDownloader.Win32.Turown.h,TrojanDropper.Win32.Small.dk,TrojanDropper.Win32.Small.dr;
[Eset]VBS/StartPage.U.gen trojan,Win32/StartPage.DF trojan,Win32/Trilon.C trojan;
[Panda]Adware/DNSErr,Adware/IEDriver,Adware/PurityScan,Adware/SearchAid,Adware/ShowSearch,Adware/Twocc,Spyware/ISTbar,Trj/Bookmark.B,Trj/Bookmark.C,Trj/Conspy.E,Trj/Downloader.BT,Trj/Downloader.FG,Trj/StartPage.AI,Trj/StartPage.AT,Trj/StartPage.CS,Trj/StartPage.E,Trj/StartPage.EF,Trj/StartPage.F,Trj/StartPage.gen,Trj/StartPage.O,Trj/StartPage.R,Trojan Horse;
[Computer Associates]JS.CSSPopup.B,JS.CSSPopup.D,JScript/CSSPopup.B!Trojan,VBS.Startpage.AP,VBS/Startpage!Trojan,Win32.DlSmall.K,Win32.Startpage.AL!downloader,Win32.Startpage.AO,Win32.Startpage.BZ,Win32.Startpage.D,Win32.Startpage.EP,Win32.Startpage.O,Win32.Startpage.P,Win32.Startpage.Y,Win32.Winshow.G,Win32/Conspy!Trojan,Win32/DlSmall.K!Trojan,Win32/FakeSvc.C!Trojan,Win32/Hostidel.A!Trojan,Win32/Madise.BrowserHelper!Troja,Win32/Nosearch.A!Trojan,Win32/StartPage.CtrlPan!Trojan,Win32/StartPage.IDG!Trojan,Win32/StartPage.Mtwirl!Trojan,Win32/Startpage.O!Trojan,Win32/StartPage.P!Trojan,Win32/StartPage.Rfind!Trojan,Win32/StartPage.t!Trojan,Win32/StartPage.WebCool!Trojan,Win32/Startpage.Y!Trojan,Win32/Winshow!Downloader,Win32/Winshow.G!Trojan

CWS Detection:

Files:
[%COMMON_FAVORITES%]\Download Free Spyware Remover.url
[%COMMON_FAVORITES%]\NEW VIAGRA at Half Price!.url
[%COMMON_FAVORITES%]\Online Chat With Nude Girls.url
[%COMMON_FAVORITES%]\Order CIALIS online without leaving home..url
[%COMMON_FAVORITES%]\PC protection in under 2 minutes!.url
[%COMMON_FAVORITES%]\SEX Dating - Real Girls For Real SEX.url
[%COMMON_FAVORITES%]\Stop PopUps On Your Computer.url
[%COMMON_FAVORITES%]\VIAGRA at incredible low price. Bonus Pills!.url
[%COMMON_FAVORITES%]\View ADULT photos of REAL GIRLS!.url
[%FAVORITES%]\Download Free Spyware Remover.url
[%FAVORITES%]\NEW VIAGRA at Half Price!.url
[%FAVORITES%]\Online Chat With Nude Girls.url
[%FAVORITES%]\Online Pharmacy\CHEAPEST VIAGRA ONLINE.url
[%FAVORITES%]\Online Pharmacy\Cialis at HALF PRICE!.url
[%FAVORITES%]\Online Pharmacy\Fast Way To Loose Your Weight!.url
[%FAVORITES%]\Online Pharmacy\Guaranteed low price at Pills..url
[%FAVORITES%]\Online Pharmacy\SOMA at Special LOW PRICE.url
[%FAVORITES%]\Online Pharmacy\Tramadol Special Offer!.url
[%FAVORITES%]\Online Pharmacy\Try New VIAGRA! Works Faster and Longer!.url
[%FAVORITES%]\Order CIALIS online without leaving home..url
[%FAVORITES%]\PC protection in under 2 minutes!.url
[%FAVORITES%]\Sex and Dating\Meet Girls Who Want To Get Laid!.url
[%FAVORITES%]\Sex and Dating\Meet Horny Girls In Your Area!.url
[%FAVORITES%]\Sex and Dating\Read profiles and Chat With Nude Girls!.url
[%FAVORITES%]\Sex and Dating\SEX Dating - people looking for SEX.url
[%FAVORITES%]\Sex and Dating\View XXX photos of Real Sexy Girls..url
[%FAVORITES%]\SEX Dating - Real Girls For Real SEX.url
[%FAVORITES%]\Spyware Uninstall\Easy Detect and Uninstall Spyware..url
[%FAVORITES%]\Spyware Uninstall\Free Spyware Scanner..url
[%FAVORITES%]\Spyware Uninstall\Search & Destroy Annoying Adware..url
[%FAVORITES%]\Spyware Uninstall\Stop PopUps on your PC..url
[%FAVORITES%]\Stop PopUps On Your Computer.url
[%FAVORITES%]\VIAGRA at incredible low price. Bonus Pills!.url
[%FAVORITES%]\View ADULT photos of REAL GIRLS!.url
[%SYSTEM%]\cidft.dll
[%SYSTEM%]\cidpoq32.dll
[%SYSTEM%]\gln.dll
[%SYSTEM%]\gupd.dll
[%SYSTEM%]\icqrt.dll
[%SYSTEM%]\icvbr.dll
[%SYSTEM%]\mtwcnl32.dll
[%SYSTEM%]\sdfup.dll
[%SYSTEM%]\search.hta
[%SYSTEM%]\toolband.dll
[%SYSTEM%]\wecxg32.dll
[%SYSTEM%]\xcwer32.dll
[%SYSTEM%]\zxmsn.dll
[%WINDOWS%]\olehelp.exe
[%APPDATA%]\vtoufrezpr.dll
[%DESKTOP%]\digital detective\tempfiles\iehost.exe
[%PROFILE%]\desktop\hijackthis\backup-20040406-234439-493.dll
[%PROFILE%]\desktop\hijackthis\backup-20040409-002521-543.dll
[%PROFILE%]\desktop\hijackthis\backup-20040409-002521-581.dll
[%PROFILE%]\desktop\hijackthis\backup-20040409-002521-814.dll
[%PROFILE%]\desktop\hijackthis\backup-20040410-201416-150.dll
[%PROFILE%]\desktop\hijackthis\backup-20040411-194857-127.dll
[%PROFILE%]\desktop\hijackthis\backup-20040411-220816-602.dll
[%PROFILE%]\desktop\hijackthis\backup-20040412-154855-548.dll
[%PROFILE%]\desktop\hijackthis\backup-20040412-170335-416.dll
[%PROFILE%]\desktop\hijackthis\backup-20040415-200002-465.dll
[%PROFILE%]\desktop\hijackthis\backup-20040415-201903-397.dll
[%SYSTEM%]\1.00.07.dll
[%SYSTEM%]\bpln.dll
[%SYSTEM%]\coolwebsearch-info.dll
[%SYSTEM%]\crxa.exe
[%SYSTEM%]\delj.dll
[%SYSTEM%]\dnse.dll
[%SYSTEM%]\dnserr.dll
[%SYSTEM%]\dreplace.dll
[%SYSTEM%]\dxm8vb.dll
[%SYSTEM%]\excel10.dll
[%SYSTEM%]\famcff.dll
[%SYSTEM%]\gegnba.dll
[%SYSTEM%]\gejafa.dll
[%SYSTEM%]\googlems.dll
[%SYSTEM%]\hlmk.dll
[%SYSTEM%]\hst32.dll
[%SYSTEM%]\iefeatsl.dll
[%SYSTEM%]\iehost.exe
[%SYSTEM%]\iehost34.exe
[%SYSTEM%]\ietoolbar.dll
[%SYSTEM%]\jehmbyxrubdb.dll
[%SYSTEM%]\kha.dll
[%SYSTEM%]\kncjmlb.dll
[%SYSTEM%]\mid.dll
[%SYSTEM%]\mshelper.dll
[%SYSTEM%]\msiesh.dll
[%SYSTEM%]\mssearch.dll
[%SYSTEM%]\navext.dll
[%SYSTEM%]\oifhhio.dll
[%SYSTEM%]\oipa.dll
[%SYSTEM%]\opc.dll
[%SYSTEM%]\pnkeb.dll
[%SYSTEM%]\searchaddon.dll
[%SYSTEM%]\sqlbgb.dll
[%SYSTEM%]\submithook.dll
[%SYSTEM%]\sys_ext.dll
[%SYSTEM%]\wcadw.dll
[%SYSTEM%]\wcnl32.dll
[%SYSTEM%]\webinfo.dll
[%SYSTEM%]\wer1306.dll
[%SYSTEM%]\winlink.dll
[%SYSTEM%]\winres.dll
[%SYSTEM%]\wirl.dll
[%SYSTEM%]\word10.dll
[%WINDOWS%]\dpe.dll
[%WINDOWS%]\kk8pwxm634.exe
[%WINDOWS%]\navext.dll
[%WINDOWS%]\sys.reg
[%WINDOWS%]\system\1.00.07.dll
[%WINDOWS%]\system\autosearch.dll
[%WINDOWS%]\system\coolwebsearch-info.dll
[%WINDOWS%]\system\dnse.dll
[%WINDOWS%]\system\dnserr.dll
[%WINDOWS%]\system\dreplace.dll
[%WINDOWS%]\system\excel10.dll
[%WINDOWS%]\system\googlems.dll
[%WINDOWS%]\system\iefeatsl.dll
[%WINDOWS%]\system\ietoolbar.dll
[%WINDOWS%]\system\mgs_32.dll
[%WINDOWS%]\system\mshelper.dll
[%WINDOWS%]\system\msiesh.dll
[%WINDOWS%]\system\mssearch.dll
[%WINDOWS%]\system\navext.dll
[%WINDOWS%]\system\searchaddon.dll
[%WINDOWS%]\system\services.exe
[%WINDOWS%]\system\submithook.dll
[%WINDOWS%]\system\sys_ext.dll
[%WINDOWS%]\system\toolband.dll
[%WINDOWS%]\system\wcadw.dll
[%WINDOWS%]\system\webinfo.dll
[%WINDOWS%]\system\wer1306.dll
[%WINDOWS%]\system\winlink.dll
[%WINDOWS%]\system\winres.dll
[%WINDOWS%]\system\winspool.exe
[%WINDOWS%]\system\word10.dll
[%WINDOWS%]\web\tips.ini

Folders:
[%COMMON_FAVORITES%]\Online Pharmacy
[%COMMON_FAVORITES%]\Sex and Dating
[%COMMON_FAVORITES%]\Spyware Uninstall
[%FAVORITES%]\Online Pharmacy
[%FAVORITES%]\Sex and Dating
[%FAVORITES%]\Spyware Uninstall
[%APPDATA%]\wingf
[%WINDOWS%]\sysbj
[%WINDOWS%]\winfj

Registry Keys:

Registry Values:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\styles
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\toolbar
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run
HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\enex0h15g

Removing CWS:

You can run the trial version of ExterminateIt, or remove CWS manually.


ExterminateIt effectively and automatically removes Trojan horses, rootkits, backdoors, spyware, botnets, keystroke loggers, dialers and other malicious software (malware) from your computer.
