Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Win32.Trojan.Yspy

Started by kelkay , Jun 10 2008 07:09 AM

  • This topic is locked This topic is locked

#226
kelkay
Posted 10 July 2008 - 09:23 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
C:\Program Files\Trend Micro\HijackThis\Kelly.exe moved successfully.
< %userprofile%\desktop\dss.exe >
C:\Documents and Settings\Kelly\desktop\dss.exe moved successfully.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07102008_102219
  • 0

Advertisements

#227
kelkay
Posted 10 July 2008 - 09:52 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
When DSS finished it only popped up the main.txt, and not the extra at all. I will have to see if I can find it.


Deckard's System Scanner v20071014.68
Run by Kelly on 2008-07-10 10:33:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kelly.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:34:12, on 7/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\HostsMan\hm.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Documents and Settings\Kelly\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kelly.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\HostsMan\hm.exe" -s
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 9101 bytes

-- Files created between 2008-06-10 and 2008-07-10 -----------------------------

2008-07-09 19:58:38 135168 --a------ C:\zip.exe
2008-07-09 19:58:38 19286 --a------ C:\cleanup.exe
2008-07-09 19:58:38 574 --a------ C:\cleanup.bat
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\Kelly\Application Data\OnlineArmor
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\All Users\Application Data\OnlineArmor
2008-07-09 18:45:34 28872 --a------ C:\WINDOWS\system32\drivers\oanet.sys
2008-07-09 18:45:34 25600 --a------ C:\WINDOWS\system32\drivers\OAmon.sys
2008-07-09 18:45:34 75776 --a------ C:\WINDOWS\system32\drivers\OADriver.sys
2008-07-09 18:45:34 0 d-------- C:\Program Files\Tall Emu
2008-07-05 11:07:34 449462 --a------ C:\HaxFix.exe <Not Verified; Marckie; >
2008-07-04 14:02:02 0 d-------- C:\Documents and Settings\Kelly\Application Data\abelhadigital.com
2008-07-04 14:02:02 0 d-------- C:\Documents and Settings\All Users\Application Data\abelhadigital.com
2008-07-04 14:02:01 0 d-------- C:\Program Files\HostsMan
2008-07-04 11:27:13 0 d--hs---- C:\found.000
2008-07-03 22:34:18 0 d-------- C:\Program Files\HD Tune
2008-07-01 01:15:01 0 d-------- C:\WINDOWS\Prefetch
2008-07-01 01:04:25 0 d-------- C:\WINDOWS\system32\scripting
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\system32\en
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\l2schemas
2008-07-01 01:04:23 0 d-------- C:\WINDOWS\system32\bits
2008-07-01 01:02:31 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\winupie.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\winmuschi.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\updatewinlocator.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\zp.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\zeropopupbar.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winwsl.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\wintft.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\wintbpx.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\wintbp.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winshow.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winsb.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winrvl.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winpup32.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winpup.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winlocatorhelper.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winlocator.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winksl.exe
2008-06-28 16:49:35 0 d-------- C:\WINDOWS\system32\update.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\systemout.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\sysdll32.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\servises.exe
2008-06-28 16:49:35 0 d-------- C:\WINDOWS\system32\rx.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\regperf.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\pup.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\pnp.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\per.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\nvctrl.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\norton update.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\mssearchnet.exe
2008-06-28 16:49:35 0 d-------- C:\WINDOWS\system32\msmsgs.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\mscornet.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\issearch.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\isnotify.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\ismon.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\ishost.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\dfrgsrv.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\df_kme.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\dcomcfg.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\csm.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\botzor.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\axconfig.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\4ccc3cea.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\pnpasn32.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\hpsv.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\cdproxyserv.exe
2008-06-28 16:49:35 230 -r-h----- C:\Program Files\zsearch
2008-06-28 16:49:35 240 -r-h----- C:\Program Files\zeropopupbar
2008-06-28 16:49:35 226 -r-h----- C:\Program Files\zangoclient
2008-06-28 16:49:35 226 -r-h----- C:\Program Files\zango games
2008-06-28 16:49:35 228 -r-h----- C:\Program Files\xsoftware
2008-06-28 16:49:35 228 -r-h----- C:\Program Files\xpcspy
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\windowsupd4.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\windowsupd2.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\windowsupd1.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\vx2.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\t2serv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\t2serv.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\zlbw.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\wshtlprh.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\wshnseri.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\winntcreate.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\winftsap.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\winftsap.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\wincom32.sys
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\w3sskbda.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vx2.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vwix32.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vsxmpgpc.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vnetsmme.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vb5dmspo.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\v4pbpt51.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\uninmyad.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\trafracp.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tps108.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tisa.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tips.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tippcls.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tipp.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\timesrv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\ticont.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\ticads.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tconini.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\sysmonnt.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\spwgoc.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\snmpmssw.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\slbrmqtr.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\slbipsch.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\slbipsch.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\shfoxpob.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\secumsje.exe
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\se.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\sd16win.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\scp3jgaw.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\rvreg.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\rulesak.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\rdpwmsjt.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\rcbdwmpd.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\qdvtscf.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\ppl.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\oebdfc.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\nordsys.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\myad.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\msview.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\msnavc32.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\messenger.lib.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\lut.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\lspak.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\localnrd.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\lcch.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\ladchkr.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\host.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\hook2.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\hook1.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\google.png.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\gdu.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\game3.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\game2.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\game1.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\dad.bat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\cidrules.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\bridge.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\alsys.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\adchkr.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\a.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\6fo4svc.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\sserrvv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\serrv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\reggserv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\psapi.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\msupdtwiz.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\kernellos.dll
2008-06-28 16:49:34 222 -r-h----- C:\WINDOWS\isrvs
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\iehelper.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\cserv32.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\cleanhistories.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\ccsserv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\ads.js
2008-06-28 16:49:34 234 -r-h----- C:\temp_kl
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\winfixer 2005
2008-06-28 16:49:34 240 -r-h----- C:\Program Files\winfavorites
2008-06-28 16:49:34 246 -r-h----- C:\Program Files\windows adtools
2008-06-28 16:49:34 250 -r-h----- C:\Program Files\windows adcontrol
2008-06-28 16:49:34 230 -r-h----- C:\Program Files\win comm
2008-06-28 16:49:34 226 -r-h----- C:\Program Files\whenu
2008-06-28 16:49:34 236 -r-h----- C:\Program Files\web_rebates
2008-06-28 16:49:34 236 -r-h----- C:\Program Files\web_cpr
2008-06-28 16:49:34 224 -r-h----- C:\Program Files\vvsn
2008-06-28 16:49:34 226 -r-h----- C:\Program Files\vvsdl
2008-06-28 16:49:34 226 -r-h----- C:\Program Files\vomba
2008-06-28 16:49:34 238 -r-h----- C:\Program Files\vmntoolbar
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\ts trial
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\topmoxie
2008-06-28 16:49:34 244 -r-h----- C:\Program Files\sys detective+
2008-06-28 16:49:34 240 -r-h----- C:\Program Files\surfsidekick
2008-06-28 16:49:34 240 -r-h----- C:\Program Files\surfsidekick 2
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\superbar
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\netmeting
2008-06-28 16:49:34 222 -r-h----- C:\Program Files\hpdll
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\Common Files\winsoftware
2008-06-28 16:49:34 226 -r-h----- C:\Program Files\Common Files\ucontrol
2008-06-28 16:49:34 222 -r-h----- C:\Program Files\autoupdate
2008-06-28 16:49:34 234 -r-h----- C:\archivos de programa
2008-06-28 16:49:33 236 -r-h----- C:\WINDOWS\winsecurity
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\waladhpr.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\xkrdk.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\wzhelper.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\wiatwain.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\webalize.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\unsocul.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\somatic.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\sodahk.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\socul.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\smdnn05.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\servehost.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\seqsb.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchupdate33.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchupdate31.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchsquire33.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchsquire3.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchsquire2.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchsquire.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\seantb.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\s4helper.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\replmap.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\reg2.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\pqhelper.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mygeek.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msstersv.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msqsb.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msnsxole.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msnsxole.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mslspcg.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mslsicwd.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msexcred.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msafiasn.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mqoacdmo.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mqadscp3.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mgmtmtxc.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mgeekremove.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mcd3mscm.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\lmrtatkc.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\kbdpkbdr.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\kbdfwshe.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\jgsdrpcn.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\jgsdrpcn.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\jgdwadsn.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\jgdwadsn.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\iuennwcf.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ir32racp.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ipxwshel.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ipxrmfc4.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\imesrdch.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ifsomatic.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ifhelper.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\iebrw.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\icmpdx3j.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\iaspdpus.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\i4n27vl.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\hotlink.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\homepage.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\hmepge.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\higehsg.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\hhselz32.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\gsim.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\fltlauto.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\fileserv.dll
2008-06-28 16:49:33 0 d-------- C:\WINDOWS\system32\e1.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\dsseds32.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\dsseds32.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\dpugmswe.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\dnsrxpob.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\deskmcd3.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ddemdmco.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\davctool.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\davctool.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\confbrw.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\comrkbdd.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\comploader.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\chkmfdep.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\camodpnm.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwstat.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwprf32.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwperf.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwmgr32.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwconf.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\barbho.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\avifipxr.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\admeiolo.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\actidmoc.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\svrmgr.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\ssmsgr.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\ssls.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\ssdgt.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\sscrg.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\gsim.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\cssswd.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\csssupd.exe
2008-06-28 16:49:33 236 -r-h----- C:\WINDOWS\connectionstatus
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\adrsb.exe
2008-06-28 16:49:33 234 -r-h----- C:\spedia
2008-06-28 16:49:33 232 -r-h----- C:\Program Files\valintines day card
2008-06-28 16:49:33 244 -r-h----- C:\Program Files\swagent
2008-06-28 16:49:33 244 -r-h----- C:\Program Files\stealthwatcher200
2008-06-28 16:49:33 230 -r-h----- C:\Program Files\spytech software
2008-06-28 16:49:33 234 -r-h----- C:\Program Files\spyonthis
2008-06-28 16:49:33 232 -r-h----- C:\Program Files\spyblast
2008-06-28 16:49:33 234 -r-h----- C:\Program Files\softomate
2008-06-28 16:49:33 248 -r-h----- C:\Program Files\selectrebates
2008-06-28 16:49:33 234 -r-h----- C:\Program Files\searchnet
2008-06-28 16:49:33 240 -r-h----- C:\Program Files\searchlocate
2008-06-28 16:49:33 236 -r-h----- C:\Program Files\screenview
2008-06-28 16:49:33 226 -r-h----- C:\Program Files\p4p
2008-06-28 16:49:33 234 -r-h----- C:\Program Files\ietoolbar
2008-06-28 16:49:33 242 -r-h----- C:\Program Files\dynamic toolbar
2008-06-28 16:49:33 226 -r-h----- C:\Program Files\Common Files\sogou pxp
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\wserver.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\winlogon.scr
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\winlogon.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\visualguard.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\userconfig9x.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\xpfirewall.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wpwmgrs.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winvnc.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wintasker.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winsyscfg.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\winsys32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winsys.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winsvc32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winstart.pif
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winnt.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wininfo.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winhlpapi.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wingmt32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winds.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\windowz.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\windowsfirewall.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\windasz-updote.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\win32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\win24.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wid32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wfdmgr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wfdgmr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wdns33.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\w32ntupdt.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\w1nt5k.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\vlcx052.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\twunk_65.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\timemanager.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\taskgmr32.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\taskgmr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\taskgamr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\tagmr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\sysconf.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\sword.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\svshost.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\stagmr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\speeder.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\sp2winfix.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\sp2fx.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\slpube03.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\shnlog.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\rlvknlg.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\rkinstaller.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\rk.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\optserve.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\optserve.dll
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\mstc.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus4.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus3.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus2.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus1.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus.dll
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\msclt.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\mrkscr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\lp.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\lp.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\intmon.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\auole4.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\sysmonxp.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\symav.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\switpb.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\switpa.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\skynetave.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\services.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\rundil32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\rundil.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\phantom.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\pandaavengine.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\netmedia.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\napatch.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\msnmsgrs.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\maja.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\lsasss.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\lansas.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\kasperskyaveng.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\jammer2nd.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\infodll.dll
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\fvprotect.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\fooding.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\firewallsvr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\easyav.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\diskmonitor.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\comp.cpl
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\cfg32s.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\cfg32r.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\cfg32o.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\cfg32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avserve3.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avserve2.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avprotect9x.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avprotect.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avpguard.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avguard.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avbgle.exe
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\startup mechanic
2008-06-28 16:49:32 230 -r-h----- C:\Program Files\savenow
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\rxtoolbar
2008-06-28 16:49:32 250 -r-h----- C:\Program Files\relevantknowledge
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\rax search helper
2008-06-28 16:49:32 228 -r-h----- C:\Program Files\psupport
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\need2find
2008-06-28 16:49:32 226 -r-h----- C:\Program Files\ncase
2008-06-28 16:49:32 232 -r-h----- C:\Program Files\navexcel
2008-06-28 16:49:32 232 -r-h----- C:\Program Files\navexcel search toolbar
2008-06-28 16:49:32 238 -r-h----- C:\Program Files\mywebsearch
2008-06-28 16:49:32 230 -r-h----- C:\Program Files\ezthemes_whenusavenow_installer
2008-06-28 16:49:32 228 -r-h----- C:\Program Files\exolon
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\ddr
2008-06-28 16:49:32 236 -r-h----- C:\Program Files\Common Files\nsis
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\arcade!
2008-06-28 16:49:31 0 dr-hs---- C:\winssystem.exe
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\wintrim
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\winmgts
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\wincomp
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\unstall.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb60.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb58.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb57.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb56.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb52.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb51.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb42.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb41.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb40.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\windmy.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winats.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\vtlbar1.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\tubby.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\tbc.dll
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\sys.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\skybot.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\shell.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\service5.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\sd.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\scvhost32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\scrigz.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\scalpe91.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\rundll.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\remote.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\protection.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\plugnplay32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\picx.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\phantom.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\patch31345.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\osalogbe.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nn_bar31.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nn_bar22.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nn_bar21.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nn_bar.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\netcog.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nas.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\myaccess.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mtrnqs.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mtc.dll
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\mswins.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mssck.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msplus32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msnl.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msmgrxp.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msklive.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msgmr.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msegcompid.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msdev32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msapasrc.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msa64chk.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mouse.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\microupdate.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\microsystem.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\memloader.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mcscn.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mapisvc32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mailinfo.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\madise.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\logitechwls.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\logic.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lienvdk.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lienvandekelder.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lientjeuh.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lien vd kelder.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lien vande kelder.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lien Van de kelderrr.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lien van de kelder.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lcd32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\jusched32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\itunegui.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\internet.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\iexplorer.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\hostdrvxp.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\hbmail.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\gothica.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\fixupdattr.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\evil.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\ds.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\dll.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\dcomuser.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\coolbot.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\ccsrs.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\avpr.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\adv.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\abs.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\666.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\1hellbot.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\0.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\patch31345.exe
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\navpmc
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\msnarrator.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mrhop.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mpgcom.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mmups.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mm63.ocx
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mm21.ocx
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mm20.ocx
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\mc
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\imgurla.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\iempg2.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\iempg.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\a64sddd.exe
2008-06-28 16:49:31 236 -r-h----- C:\Program Files\support software
2008-06-28 16:49:31 236 -r-h----- C:\Program Files\network essentials
2008-06-28 16:49:31 236 -r-h----- C:\Program Files\medialoads
2008-06-28 16:49:31 236 -r-h----- C:\Program Files\medialoads enhanced
2008-06-28 16:49:31 242 -r-h----- C:\Program Files\media gateway
2008-06-28 16:49:31 232 -r-h----- C:\Program Files\md
2008-06-28 16:49:31 0 dr-hs---- C:\hellmsn.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\xwrm.exe
2008-06-28 16:49:30 232 -r-h----- C:\WINDOWS\wqzq
2008-06-28 16:49:30 0 d-------- C:\WINDOWS\winserv.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\winobject.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\wdskctl.exe
2008-06-28 16:49:30 232 -r-h----- C:\WINDOWS\wcby
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\ts.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\zopenssl.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\yvsvga.sys
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\yvsvga.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\yvprgb.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\yvpp02.sys
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\xcdmfree.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\wndtx1.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\winstart001.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\winstart.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\winsrm32.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\winenc32.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\windowsie.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\windec32.dll
2008-06-28 16:49:30 0 d-------- C:\WINDOWS\system32\wgavm.exe
2008-06-28 16:49:30 0 d-------- C:\WINDOWS\system32\wgareg.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\waeb.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\version.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\updtscheduler.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_rsp.DLL
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_removeold.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_hosts.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_com.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_bho.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\toolbar.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\tcpwrk.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\tcpgdc.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\tcpg4t.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\sksdll.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\sks2drvr.sys
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\se633mxx.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\se500mdm.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\sdcard98.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\sbus.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\satmmc.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\satdll.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\satau320.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\rsp001.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\rsp.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\rsdapi.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\rdrvr2.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\msxml4r.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\mseggrpid.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\mscache.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\keyhost.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\keyactivex.ocx
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\jeired.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\install_all.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\ineb.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr29.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr27.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr26.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr25.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr24.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr23.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr22.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr11.dll
2008-06-28 16:49:30 0 d-------- C:\WINDOWS\system32\iexplore.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iemsg.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\ia.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\gws.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\gcasctrl.exe
2008
  • 0

#228
kelkay
Posted 10 July 2008 - 10:07 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I reran the program and only the main.txt came up again. I went to the Deckard System folder and it showed only main.txt, not a folder for extra...which is very strange. I thought maybe it could of been attached...but only the main.txt could. I put this on here, and attached. I see you want the file attached for some reason....forgot to do that before.

Deckard's System Scanner v20071014.68
Run by Kelly on 2008-07-10 10:56:17
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kelly.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:57:11, on 7/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\HostsMan\hm.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Documents and Settings\Kelly\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kelly.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\HostsMan\hm.exe" -s
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 9184 bytes

-- Files created between 2008-06-10 and 2008-07-10 -----------------------------

2008-07-09 19:58:38 135168 --a------ C:\zip.exe
2008-07-09 19:58:38 19286 --a------ C:\cleanup.exe
2008-07-09 19:58:38 574 --a------ C:\cleanup.bat
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\Kelly\Application Data\OnlineArmor
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\All Users\Application Data\OnlineArmor
2008-07-09 18:45:34 28872 --a------ C:\WINDOWS\system32\drivers\oanet.sys
2008-07-09 18:45:34 25600 --a------ C:\WINDOWS\system32\drivers\OAmon.sys
2008-07-09 18:45:34 75776 --a------ C:\WINDOWS\system32\drivers\OADriver.sys
2008-07-09 18:45:34 0 d-------- C:\Program Files\Tall Emu
2008-07-05 11:07:34 449462 --a------ C:\HaxFix.exe <Not Verified; Marckie; >
2008-07-04 14:02:02 0 d-------- C:\Documents and Settings\Kelly\Application Data\abelhadigital.com
2008-07-04 14:02:02 0 d-------- C:\Documents and Settings\All Users\Application Data\abelhadigital.com
2008-07-04 14:02:01 0 d-------- C:\Program Files\HostsMan
2008-07-04 11:27:13 0 d--hs---- C:\found.000
2008-07-03 22:34:18 0 d-------- C:\Program Files\HD Tune
2008-07-01 01:15:01 0 d-------- C:\WINDOWS\Prefetch
2008-07-01 01:04:25 0 d-------- C:\WINDOWS\system32\scripting
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\system32\en
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\l2schemas
2008-07-01 01:04:23 0 d-------- C:\WINDOWS\system32\bits
2008-07-01 01:02:31 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\winupie.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\winmuschi.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\updatewinlocator.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\zp.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\zeropopupbar.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winwsl.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\wintft.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\wintbpx.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\wintbp.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winshow.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winsb.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winrvl.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winpup32.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winpup.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winlocatorhelper.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winlocator.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\winksl.exe
2008-06-28 16:49:35 0 d-------- C:\WINDOWS\system32\update.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\systemout.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\sysdll32.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\servises.exe
2008-06-28 16:49:35 0 d-------- C:\WINDOWS\system32\rx.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\regperf.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\pup.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\pnp.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\per.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\nvctrl.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\norton update.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\mssearchnet.exe
2008-06-28 16:49:35 0 d-------- C:\WINDOWS\system32\msmsgs.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\mscornet.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\issearch.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\isnotify.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\ismon.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\ishost.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\dfrgsrv.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\df_kme.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\dcomcfg.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\csm.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\botzor.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\axconfig.dll
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\system32\4ccc3cea.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\pnpasn32.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\hpsv.exe
2008-06-28 16:49:35 0 dr-hs---- C:\WINDOWS\cdproxyserv.exe
2008-06-28 16:49:35 230 -r-h----- C:\Program Files\zsearch
2008-06-28 16:49:35 240 -r-h----- C:\Program Files\zeropopupbar
2008-06-28 16:49:35 226 -r-h----- C:\Program Files\zangoclient
2008-06-28 16:49:35 226 -r-h----- C:\Program Files\zango games
2008-06-28 16:49:35 228 -r-h----- C:\Program Files\xsoftware
2008-06-28 16:49:35 228 -r-h----- C:\Program Files\xpcspy
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\windowsupd4.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\windowsupd2.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\windowsupd1.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\vx2.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\t2serv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\t2serv.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\zlbw.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\wshtlprh.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\wshnseri.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\winntcreate.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\winftsap.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\winftsap.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\wincom32.sys
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\w3sskbda.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vx2.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vwix32.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vsxmpgpc.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vnetsmme.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\vb5dmspo.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\v4pbpt51.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\uninmyad.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\trafracp.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tps108.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tisa.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tips.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tippcls.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tipp.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\timesrv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\ticont.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\ticads.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\tconini.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\sysmonnt.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\spwgoc.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\snmpmssw.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\slbrmqtr.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\slbipsch.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\slbipsch.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\shfoxpob.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\secumsje.exe
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\se.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\sd16win.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\scp3jgaw.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\rvreg.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\rulesak.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\rdpwmsjt.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\rcbdwmpd.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\qdvtscf.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\ppl.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\oebdfc.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\nordsys.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\myad.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\msview.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\msnavc32.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\messenger.lib.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\lut.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\lspak.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\localnrd.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\lcch.dat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\ladchkr.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\host.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\hook2.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\hook1.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\google.png.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\gdu.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\game3.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\game2.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\game1.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\dad.bat
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\cidrules.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\bridge.dll
2008-06-28 16:49:34 0 d-------- C:\WINDOWS\system32\alsys.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\adchkr.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\a.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\system32\6fo4svc.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\sserrvv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\serrv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\reggserv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\psapi.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\msupdtwiz.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\kernellos.dll
2008-06-28 16:49:34 222 -r-h----- C:\WINDOWS\isrvs
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\iehelper.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\cserv32.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\cleanhistories.dll
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\ccsserv.exe
2008-06-28 16:49:34 0 dr-hs---- C:\WINDOWS\ads.js
2008-06-28 16:49:34 234 -r-h----- C:\temp_kl
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\winfixer 2005
2008-06-28 16:49:34 240 -r-h----- C:\Program Files\winfavorites
2008-06-28 16:49:34 246 -r-h----- C:\Program Files\windows adtools
2008-06-28 16:49:34 250 -r-h----- C:\Program Files\windows adcontrol
2008-06-28 16:49:34 230 -r-h----- C:\Program Files\win comm
2008-06-28 16:49:34 226 -r-h----- C:\Program Files\whenu
2008-06-28 16:49:34 236 -r-h----- C:\Program Files\web_rebates
2008-06-28 16:49:34 236 -r-h----- C:\Program Files\web_cpr
2008-06-28 16:49:34 224 -r-h----- C:\Program Files\vvsn
2008-06-28 16:49:34 226 -r-h----- C:\Program Files\vvsdl
2008-06-28 16:49:34 226 -r-h----- C:\Program Files\vomba
2008-06-28 16:49:34 238 -r-h----- C:\Program Files\vmntoolbar
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\ts trial
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\topmoxie
2008-06-28 16:49:34 244 -r-h----- C:\Program Files\sys detective+
2008-06-28 16:49:34 240 -r-h----- C:\Program Files\surfsidekick
2008-06-28 16:49:34 240 -r-h----- C:\Program Files\surfsidekick 2
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\superbar
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\netmeting
2008-06-28 16:49:34 222 -r-h----- C:\Program Files\hpdll
2008-06-28 16:49:34 232 -r-h----- C:\Program Files\Common Files\winsoftware
2008-06-28 16:49:34 226 -r-h----- C:\Program Files\Common Files\ucontrol
2008-06-28 16:49:34 222 -r-h----- C:\Program Files\autoupdate
2008-06-28 16:49:34 234 -r-h----- C:\archivos de programa
2008-06-28 16:49:33 236 -r-h----- C:\WINDOWS\winsecurity
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\waladhpr.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\xkrdk.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\wzhelper.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\wiatwain.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\webalize.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\unsocul.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\somatic.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\sodahk.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\socul.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\smdnn05.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\servehost.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\seqsb.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchupdate33.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchupdate31.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchsquire33.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchsquire3.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchsquire2.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\searchsquire.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\seantb.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\s4helper.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\replmap.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\reg2.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\pqhelper.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mygeek.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msstersv.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msqsb.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msnsxole.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msnsxole.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mslspcg.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mslsicwd.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msexcred.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\msafiasn.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mqoacdmo.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mqadscp3.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mgmtmtxc.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mgeekremove.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\mcd3mscm.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\lmrtatkc.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\kbdpkbdr.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\kbdfwshe.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\jgsdrpcn.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\jgsdrpcn.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\jgdwadsn.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\jgdwadsn.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\iuennwcf.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ir32racp.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ipxwshel.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ipxrmfc4.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\imesrdch.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ifsomatic.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ifhelper.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\iebrw.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\icmpdx3j.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\iaspdpus.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\i4n27vl.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\hotlink.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\homepage.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\hmepge.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\higehsg.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\hhselz32.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\gsim.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\fltlauto.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\fileserv.dll
2008-06-28 16:49:33 0 d-------- C:\WINDOWS\system32\e1.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\dsseds32.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\dsseds32.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\dpugmswe.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\dnsrxpob.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\deskmcd3.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\ddemdmco.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\davctool.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\davctool.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\confbrw.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\comrkbdd.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\comploader.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\chkmfdep.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\camodpnm.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwstat.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwprf32.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwperf.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwmgr32.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\brwconf.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\barbho.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\avifipxr.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\admeiolo.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\system32\actidmoc.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\svrmgr.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\ssmsgr.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\ssls.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\ssdgt.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\sscrg.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\gsim.dll
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\cssswd.exe
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\csssupd.exe
2008-06-28 16:49:33 236 -r-h----- C:\WINDOWS\connectionstatus
2008-06-28 16:49:33 0 dr-hs---- C:\WINDOWS\adrsb.exe
2008-06-28 16:49:33 234 -r-h----- C:\spedia
2008-06-28 16:49:33 232 -r-h----- C:\Program Files\valintines day card
2008-06-28 16:49:33 244 -r-h----- C:\Program Files\swagent
2008-06-28 16:49:33 244 -r-h----- C:\Program Files\stealthwatcher200
2008-06-28 16:49:33 230 -r-h----- C:\Program Files\spytech software
2008-06-28 16:49:33 234 -r-h----- C:\Program Files\spyonthis
2008-06-28 16:49:33 232 -r-h----- C:\Program Files\spyblast
2008-06-28 16:49:33 234 -r-h----- C:\Program Files\softomate
2008-06-28 16:49:33 248 -r-h----- C:\Program Files\selectrebates
2008-06-28 16:49:33 234 -r-h----- C:\Program Files\searchnet
2008-06-28 16:49:33 240 -r-h----- C:\Program Files\searchlocate
2008-06-28 16:49:33 236 -r-h----- C:\Program Files\screenview
2008-06-28 16:49:33 226 -r-h----- C:\Program Files\p4p
2008-06-28 16:49:33 234 -r-h----- C:\Program Files\ietoolbar
2008-06-28 16:49:33 242 -r-h----- C:\Program Files\dynamic toolbar
2008-06-28 16:49:33 226 -r-h----- C:\Program Files\Common Files\sogou pxp
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\wserver.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\winlogon.scr
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\winlogon.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\visualguard.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\userconfig9x.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\xpfirewall.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wpwmgrs.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winvnc.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wintasker.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winsyscfg.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\winsys32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winsys.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winsvc32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winstart.pif
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winnt.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wininfo.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winhlpapi.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wingmt32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\winds.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\windowz.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\windowsfirewall.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\windasz-updote.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\win32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\win24.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wid32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wfdmgr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wfdgmr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\wdns33.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\w32ntupdt.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\w1nt5k.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\vlcx052.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\twunk_65.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\timemanager.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\taskgmr32.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\taskgmr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\taskgamr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\tagmr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\sysconf.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\sword.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\svshost.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\stagmr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\speeder.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\sp2winfix.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\sp2fx.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\slpube03.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\shnlog.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\rlvknlg.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\rkinstaller.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\rk.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\optserve.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\optserve.dll
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\mstc.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus4.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus3.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus2.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus1.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\msplus.dll
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\system32\msclt.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\mrkscr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\lp.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\lp.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\intmon.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\system32\auole4.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\sysmonxp.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\symav.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\switpb.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\switpa.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\skynetave.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\services.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\rundil32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\rundil.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\phantom.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\pandaavengine.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\netmedia.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\napatch.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\msnmsgrs.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\maja.exe
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\lsasss.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\lansas.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\kasperskyaveng.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\jammer2nd.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\infodll.dll
2008-06-28 16:49:32 0 d-------- C:\WINDOWS\fvprotect.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\fooding.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\firewallsvr.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\easyav.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\diskmonitor.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\comp.cpl
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\cfg32s.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\cfg32r.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\cfg32o.dll
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\cfg32.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avserve3.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avserve2.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avprotect9x.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avprotect.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avpguard.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avguard.exe
2008-06-28 16:49:32 0 dr-hs---- C:\WINDOWS\avbgle.exe
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\startup mechanic
2008-06-28 16:49:32 230 -r-h----- C:\Program Files\savenow
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\rxtoolbar
2008-06-28 16:49:32 250 -r-h----- C:\Program Files\relevantknowledge
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\rax search helper
2008-06-28 16:49:32 228 -r-h----- C:\Program Files\psupport
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\need2find
2008-06-28 16:49:32 226 -r-h----- C:\Program Files\ncase
2008-06-28 16:49:32 232 -r-h----- C:\Program Files\navexcel
2008-06-28 16:49:32 232 -r-h----- C:\Program Files\navexcel search toolbar
2008-06-28 16:49:32 238 -r-h----- C:\Program Files\mywebsearch
2008-06-28 16:49:32 230 -r-h----- C:\Program Files\ezthemes_whenusavenow_installer
2008-06-28 16:49:32 228 -r-h----- C:\Program Files\exolon
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\ddr
2008-06-28 16:49:32 236 -r-h----- C:\Program Files\Common Files\nsis
2008-06-28 16:49:32 234 -r-h----- C:\Program Files\arcade!
2008-06-28 16:49:31 0 dr-hs---- C:\winssystem.exe
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\wintrim
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\winmgts
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\wincomp
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\unstall.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb60.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb58.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb57.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb56.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb52.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb51.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb42.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb41.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winnb40.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\windmy.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\winats.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\vtlbar1.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\tubby.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\tbc.dll
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\sys.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\skybot.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\shell.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\service5.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\sd.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\scvhost32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\scrigz.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\scalpe91.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\rundll.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\remote.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\protection.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\plugnplay32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\picx.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\phantom.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\patch31345.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\osalogbe.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nn_bar31.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nn_bar22.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nn_bar21.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nn_bar.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\netcog.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\nas.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\myaccess.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mtrnqs.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mtc.dll
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\mswins.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mssck.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msplus32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msnl.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msmgrxp.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msklive.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msgmr.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msegcompid.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msdev32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msapasrc.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\msa64chk.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mouse.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\microupdate.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\microsystem.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\memloader.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mcscn.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mapisvc32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\mailinfo.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\madise.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\logitechwls.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\logic.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lienvdk.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lienvandekelder.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lientjeuh.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lien vd kelder.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lien vande kelder.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lien Van de kelderrr.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lien van de kelder.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\lcd32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\jusched32.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\itunegui.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\internet.exe
2008-06-28 16:49:31 0 d-------- C:\WINDOWS\system32\iexplorer.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\hostdrvxp.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\hbmail.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\gothica.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\fixupdattr.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\evil.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\ds.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\dll.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\dcomuser.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\coolbot.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\ccsrs.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\avpr.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\adv.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\abs.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\666.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\1hellbot.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\system32\0.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\patch31345.exe
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\navpmc
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\msnarrator.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mrhop.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mpgcom.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mmups.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mm63.ocx
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mm21.ocx
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\mm20.ocx
2008-06-28 16:49:31 240 -r-h----- C:\WINDOWS\mc
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\imgurla.exe
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\iempg2.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\iempg.dll
2008-06-28 16:49:31 0 dr-hs---- C:\WINDOWS\a64sddd.exe
2008-06-28 16:49:31 236 -r-h----- C:\Program Files\support software
2008-06-28 16:49:31 236 -r-h----- C:\Program Files\network essentials
2008-06-28 16:49:31 236 -r-h----- C:\Program Files\medialoads
2008-06-28 16:49:31 236 -r-h----- C:\Program Files\medialoads enhanced
2008-06-28 16:49:31 242 -r-h----- C:\Program Files\media gateway
2008-06-28 16:49:31 232 -r-h----- C:\Program Files\md
2008-06-28 16:49:31 0 dr-hs---- C:\hellmsn.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\xwrm.exe
2008-06-28 16:49:30 232 -r-h----- C:\WINDOWS\wqzq
2008-06-28 16:49:30 0 d-------- C:\WINDOWS\winserv.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\winobject.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\wdskctl.exe
2008-06-28 16:49:30 232 -r-h----- C:\WINDOWS\wcby
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\ts.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\zopenssl.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\yvsvga.sys
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\yvsvga.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\yvprgb.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\yvpp02.sys
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\xcdmfree.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\wndtx1.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\winstart001.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\winstart.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\winsrm32.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\winenc32.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\windowsie.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\windec32.dll
2008-06-28 16:49:30 0 d-------- C:\WINDOWS\system32\wgavm.exe
2008-06-28 16:49:30 0 d-------- C:\WINDOWS\system32\wgareg.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\waeb.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\version.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\updtscheduler.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_rsp.DLL
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_removeold.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_hosts.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_com.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\update_bho.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\toolbar.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\tcpwrk.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\tcpgdc.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\tcpg4t.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\sksdll.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\sks2drvr.sys
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\se633mxx.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\se500mdm.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\sdcard98.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\sbus.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\satmmc.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\satdll.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\satau320.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\rsp001.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\rsp.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\rsdapi.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\rdrvr2.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\msxml4r.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\mseggrpid.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\mscache.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\keyhost.exe
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\keyactivex.ocx
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\jeired.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\install_all.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\ineb.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr29.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr27.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr26.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr25.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr24.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr23.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr22.dll
2008-06-28 16:49:30 0 dr-hs---- C:\WINDOWS\system32\iexplorr11.dll
2008-06-28 16:49:30 0 d-------- C:\WINDOWS\system32\iexplore.exe
20

Attached Files

  • Attached File  main.txt   81.81KB   226 downloads

  • 0

#229
koko_crunch
Posted 10 July 2008 - 07:57 PM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Ok, let's try this again.

1. Please download The Avenger by Swandog46 to your Desktop.
  • Right click on the Avenger.zip folder and select "Extract All..."
  • Follow the prompts and extract the avenger folder to your desktop
2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):


Files to delete:C:\Program Files\zsearch C:\Program Files\zeropopupbar C:\Program Files\zangoclient C:\Program Files\zango gamesC:\Program Files\xsoftware C:\Program Files\xpcspy C:\WINDOWS\isrvs  C:\temp_kl  C:\Program Files\winfixer 2005C:\Program Files\winfavorites C:\Program Files\windows adtoolsC:\Program Files\windows adcontrolC:\Program Files\win commC:\Program Files\whenu C:\Program Files\web_rebates C:\Program Files\web_cpr C:\Program Files\vvsn C:\Program Files\vvsdl C:\Program Files\vomba C:\Program Files\vmntoolbar C:\Program Files\ts trialC:\Program Files\topmoxie C:\Program Files\sys detective+C:\Program Files\surfsidekick C:\Program Files\surfsidekick 2C:\Program Files\superbar C:\Program Files\netmeting C:\Program Files\hpdll C:\Program Files\Common Files\winsoftwareC:\Program Files\Common Files\ucontrolC:\Program Files\autoupdate C:\archivos de programaC:\WINDOWS\winsecurity  C:\WINDOWS\connectionstatus  C:\spedia  C:\Program Files\valintines day cardC:\Program Files\swagent C:\Program Files\stealthwatcher200 C:\Program Files\spytech softwareC:\Program Files\spyonthis C:\Program Files\spyblast C:\Program Files\softomate C:\Program Files\selectrebates C:\Program Files\searchnet C:\Program Files\searchlocate C:\Program Files\screenview C:\Program Files\p4p C:\Program Files\ietoolbar C:\Program Files\dynamic toolbarC:\Program Files\Common Files\sogou pxpC:\Program Files\startup mechanicC:\Program Files\savenow C:\Program Files\rxtoolbar C:\Program Files\relevantknowledge C:\Program Files\rax search helperC:\Program Files\psupport C:\Program Files\need2find C:\Program Files\ncase C:\Program Files\navexcel C:\Program Files\navexcel search toolbarC:\Program Files\mywebsearch C:\Program Files\ezthemes_whenusavenow_installer C:\Program Files\exolon C:\Program Files\ddr C:\Program Files\Common Files\nsisC:\Program Files\arcade! C:\WINDOWS\wintrim  C:\WINDOWS\winmgts  C:\WINDOWS\wincomp  C:\WINDOWS\navpmc  C:\WINDOWS\mc  C:\Program Files\support softwareC:\Program Files\network essentialsC:\Program Files\medialoads C:\Program Files\medialoads enhancedC:\Program Files\media gatewayC:\Program Files\md C:\WINDOWS\wqzq  C:\WINDOWS\wcby  C:\WINDOWS\ilookup  C:\Program Files\powersearch C:\Program Files\perfectnav C:\Program Files\lstsvc C:\Program Files\kuaiso toolsbarC:\Program Files\kgb keyloggerC:\Program Files\invisible secrets toolbarC:\Program Files\instant buzzC:\Program Files\instant accessC:\Program Files\install providerC:\Program Files\instafink C:\Program Files\incredifind C:\Program Files\ebayshop C:\Program Files\Common Files\updmgrC:\Program Files\Common Files\updaterC:\Program Files\Common Files\keenvalueC:\Program Files\security iguardC:\Program Files\psguard C:\Program Files\malwaresweeper.com C:\Program Files\gator.com C:\Program Files\emedia codecC:\Program Files\data19 C:\Program Files\accoona C:\Program Files\pcprivacysoftware.com C:\Program Files\bulletproofsoft.com C:\Program Files\adwareremovergold.com C:\WINDOWS\system32\iedriver  C:\Program Files\system soap proC:\Program Files\search toolbarC:\Program Files\httper C:\Program Files\hotbar C:\Program Files\homekeylogger C:\Program Files\hbtools C:\Program Files\hbinst C:\Program Files\Common Files\wqzqC:\Program Files\Common Files\msietsC:\Program Files\Common Files\btlinkC:\Program Files\xmod C:\Program Files\xml C:\Program Files\vcom C:\Program Files\sync manager demoC:\Program Files\scom C:\Program Files\reg2 C:\Program Files\pvm C:\Program Files\primesoft C:\Program Files\paymentone C:\Program Files\gsr C:\Program Files\gsoft C:\Program Files\gmsoft C:\Program Files\globe7 C:\Program Files\globaldialer C:\Program Files\fwn toolbarC:\Program Files\ftk C:\Program Files\ftapp C:\Program Files\fsw C:\Program Files\flt C:\Program Files\fln C:\Program Files\flcp C:\Program Files\fla C:\Program Files\filesubmit C:\Program Files\fen C:\Program Files\dialers C:\Program Files\browserenh C:\windowsupdate  C:\WINDOWS\system32\fcyberalert  C:\WINDOWS\system32\f0r0r  C:\WINDOWS\system32\ctf  C:\WINDOWS\elitetoolbar  C:\WINDOWS\elitesidebar  C:\WINDOWS\elitebar  C:\Program Files\websearch C:\Program Files\webrebates C:\Program Files\fastseeker C:\Program Files\ezurl C:\Program Files\exploreanywhere C:\Program Files\exact C:\Program Files\ebatesmoemoneymaker C:\Program Files\ebates_moemoneymaker C:\Program Files\comsoft C:\WINDOWS\system32\adcache  C:\WINDOWS\roodyc  C:\WINDOWS\explorer  C:\Program Files\real-tens C:\Program Files\popcorn.net C:\Program Files\movienetworks C:\Program Files\mlh C:\Program Files\medch C:\Program Files\kfh C:\Program Files\keylog C:\Program Files\e2give C:\Program Files\drivecleaner freeC:\Program Files\downloadware C:\Program Files\downloadware engineC:\Program Files\dealio C:\Program Files\dealhelper C:\Program Files\dateregon C:\Program Files\date managerC:\Program Files\commonname C:\Program Files\Common Files\eaccelerationC:\Program Files\Common Files\drivecleaner freeC:\Program Files\Common Files\cpushC:\e2g  C:\WINDOWS\winfj  C:\WINDOWS\syspi  C:\WINDOWS\sysbj  C:\WINDOWS\msew  C:\WINDOWS\ieoo  C:\WINDOWS\system32\services  C:\WINDOWS\configsys  C:\WINDOWS\coder  C:\Program Files\colej_uk design toolbarC:\Program Files\clocksync C:\Program Files\clipgenie C:\WINDOWS\ctb3_shared  C:\Program Files\windowssa C:\Program Files\tvs C:\Program Files\rvp C:\Program Files\lycos C:\Program Files\letssearch C:\Program Files\csbb C:\Program Files\Common Files\psd toolsC:\Program Files\Common Files\gmtC:\Program Files\Common Files\cmeiiC:\Program Files\cntrc C:\Program Files\clientman C:\Program Files\buddylinks.net C:\Program Files\btv C:\Program Files\brp C:\Program Files\browser palC:\Program Files\bpt C:\Program Files\bpc_search C:\Program Files\bonzibuddy C:\Program Files\bcpc C:\WINDOWS\bde  C:\Program Files\funcade C:\Program Files\cashback C:\Program Files\cardcrazy C:\Program Files\bde C:\Program Files\bargain buddyC:\bde  C:\WINDOWS\system32\exefld  C:\Program Files\mediaring talkC:\Program Files\backweb C:\WINDOWS\system32\win type C:\WINDOWS\system32\ide  C:\WINDOWS\system32\feeds  C:\WINDOWS\system32\dhcp32  C:\Program Files\the guardC:\Program Files\sysal C:\Program Files\netturbotrial C:\Program Files\fs C:\Program Files\cxtpls C:\Program Files\Common Files\betterinternetC:\Program Files\arcaderockstar C:\Program Files\aproposclient C:\Program Files\altnet C:\Program Files\adstatus serviceC:\Program Files\acetoolbar C:\Program Files\abetterinternet C:\Program Files\2search C:\Program Files\securemypc C:\Program Files\scanspyware v3.8.0.4C:\Program Files\scan & repair utilities 2007C:\Program Files\prvdef4.0 C:\Program Files\privacy crusader demoC:\Program Files\privacy championC:\Program Files\pestbot C:\Program Files\perfectcleaner C:\Program Files\pcsecurityshield C:\Program Files\pal spyremC:\Program Files\neospace C:\Program Files\malwarewipers C:\Program Files\killspy.net C:\Program Files\btppdv2.2 C:\Program Files\winferno C:\Program Files\softwaredoctor C:\Program Files\secure pc solutionsC:\Program Files\scorpio softwareC:\Program Files\kazaap C:\Program Files\guardbar C:\Program Files\goodbye spyC:\Program Files\froggie scan demoC:\Program Files\flobo spyware cleanC:\Program Files\fix my registryC:\Program Files\expertantivirus C:\Program Files\easy erase spyware removerC:\Program Files\curepcsolution C:\Program Files\codeclean2007 C:\Program Files\cleanx2007 C:\Program Files\bps removerC:\Program Files\beclean C:\Program Files\antivirusgoldenpro C:\Program Files\antivirus solutionC:\Program Files\antispyzone 5.0C:\Program Files\allume systemsC:\Program Files\adwareX eliminatorC:\Program Files\adware spyWare removalC:\Program Files\adware removerC:\Program Files\adware agentC:\Program Files\ads adware removerC:\Program Files\ad armorC:\Program Files\1stantivirus C:\Program Files\#1spywarekillerv2.1 C:\Program Files\dealhelper.com incC:\Program Files\websnitch v3.0C:\Documents and Settings\Kelly\Application Data\wklnhst.datFolders to delete:C:\Documents and Settings\Kelly\Application Data\abelhadigital.comC:\Documents and Settings\All Users\Application Data\abelhadigital.comC:\found.000  C:\WINDOWS\winupie.exe  C:\WINDOWS\winmuschi.exe  C:\WINDOWS\updatewinlocator.exe  C:\WINDOWS\system32\zp.dll  C:\WINDOWS\system32\zeropopupbar.dll  C:\WINDOWS\system32\winwsl.exe  C:\WINDOWS\system32\wintft.dll  C:\WINDOWS\system32\wintbpx.exe  C:\WINDOWS\system32\wintbp.exe  C:\WINDOWS\system32\winshow.dll  C:\WINDOWS\system32\winsb.dll  C:\WINDOWS\system32\winrvl.exe  C:\WINDOWS\system32\winpup32.exe  C:\WINDOWS\system32\winpup.exe  C:\WINDOWS\system32\winlocatorhelper.dll  C:\WINDOWS\system32\winlocator.dll  C:\WINDOWS\system32\winksl.exe  C:\WINDOWS\system32\update.exe  C:\WINDOWS\system32\systemout.exe  C:\WINDOWS\system32\sysdll32.dll  C:\WINDOWS\system32\servises.exe  C:\WINDOWS\system32\rx.exe  C:\WINDOWS\system32\regperf.exe  C:\WINDOWS\system32\pup.exe  C:\WINDOWS\system32\pnp.exe  C:\WINDOWS\system32\per.exe  C:\WINDOWS\system32\nvctrl.exe  C:\WINDOWS\system32\norton update.exe C:\WINDOWS\system32\mssearchnet.exe  C:\WINDOWS\system32\msmsgs.exe  C:\WINDOWS\system32\mscornet.exe  C:\WINDOWS\system32\issearch.exe  C:\WINDOWS\system32\isnotify.exe  C:\WINDOWS\system32\ismon.exe  C:\WINDOWS\system32\ishost.exe  C:\WINDOWS\system32\dfrgsrv.exe  C:\WINDOWS\system32\df_kme.exe  C:\WINDOWS\system32\dcomcfg.exe  C:\WINDOWS\system32\csm.exe  C:\WINDOWS\system32\botzor.exe  C:\WINDOWS\system32\axconfig.dll  C:\WINDOWS\system32\4ccc3cea.exe  C:\WINDOWS\pnpasn32.exe  C:\WINDOWS\hpsv.exe  C:\WINDOWS\cdproxyserv.exe  C:\WINDOWS\windowsupd4.exe  C:\WINDOWS\windowsupd2.exe  C:\WINDOWS\windowsupd1.exe  C:\WINDOWS\vx2.dll  C:\WINDOWS\t2serv.exe  C:\WINDOWS\t2serv.dll  C:\WINDOWS\system32\zlbw.dll  C:\WINDOWS\system32\wshtlprh.dll  C:\WINDOWS\system32\wshnseri.exe  C:\WINDOWS\system32\winntcreate.exe  C:\WINDOWS\system32\winftsap.exe  C:\WINDOWS\system32\winftsap.dll  C:\WINDOWS\system32\wincom32.sys  C:\WINDOWS\system32\w3sskbda.dll  C:\WINDOWS\system32\vx2.dll  C:\WINDOWS\system32\vwix32.exe  C:\WINDOWS\system32\vsxmpgpc.dll  C:\WINDOWS\system32\vnetsmme.dll  C:\WINDOWS\system32\vb5dmspo.dll  C:\WINDOWS\system32\v4pbpt51.dll  C:\WINDOWS\system32\uninmyad.exe  C:\WINDOWS\system32\trafracp.dll  C:\WINDOWS\system32\tps108.dll  C:\WINDOWS\system32\tisa.dll  C:\WINDOWS\system32\tips.exe  C:\WINDOWS\system32\tippcls.dat  C:\WINDOWS\system32\tipp.dat  C:\WINDOWS\system32\timesrv.exe  C:\WINDOWS\system32\ticont.dll  C:\WINDOWS\system32\ticads.exe  C:\WINDOWS\system32\tconini.dat  C:\WINDOWS\system32\sysmonnt.exe  C:\WINDOWS\system32\spwgoc.exe  C:\WINDOWS\system32\snmpmssw.exe  C:\WINDOWS\system32\slbrmqtr.exe  C:\WINDOWS\system32\slbipsch.exe  C:\WINDOWS\system32\slbipsch.dll  C:\WINDOWS\system32\shfoxpob.exe  C:\WINDOWS\system32\secumsje.exe  C:\WINDOWS\system32\se.exe  C:\WINDOWS\system32\sd16win.dll  C:\WINDOWS\system32\scp3jgaw.dll  C:\WINDOWS\system32\rvreg.exe  C:\WINDOWS\system32\rulesak.dll  C:\WINDOWS\system32\rdpwmsjt.exe  C:\WINDOWS\system32\rcbdwmpd.dll  C:\WINDOWS\system32\qdvtscf.dll  C:\WINDOWS\system32\ppl.exe  C:\WINDOWS\system32\oebdfc.dll  C:\WINDOWS\system32\nordsys.exe  C:\WINDOWS\system32\myad.dll  C:\WINDOWS\system32\msview.dll  C:\WINDOWS\system32\msnavc32.exe  C:\WINDOWS\system32\messenger.lib.exe  C:\WINDOWS\system32\lut.dat  C:\WINDOWS\system32\lspak.dll  C:\WINDOWS\system32\localnrd.dll  C:\WINDOWS\system32\lcch.dat  C:\WINDOWS\system32\ladchkr.exe  C:\WINDOWS\system32\host.dll  C:\WINDOWS\system32\hook2.dll  C:\WINDOWS\system32\hook1.dll  C:\WINDOWS\system32\google.png.exe  C:\WINDOWS\system32\gdu.dll  C:\WINDOWS\system32\game3.exe  C:\WINDOWS\system32\game2.exe  C:\WINDOWS\system32\game1.exe  C:\WINDOWS\system32\dad.bat  C:\WINDOWS\system32\cidrules.dll  C:\WINDOWS\system32\bridge.dll  C:\WINDOWS\system32\alsys.exe  C:\WINDOWS\system32\adchkr.exe  C:\WINDOWS\system32\a.exe  C:\WINDOWS\system32\6fo4svc.dll  C:\WINDOWS\sserrvv.exe  C:\WINDOWS\serrv.exe  C:\WINDOWS\reggserv.exe  C:\WINDOWS\psapi.dll  C:\WINDOWS\msupdtwiz.exe  C:\WINDOWS\kernellos.dll  C:\WINDOWS\iehelper.dll  C:\WINDOWS\cserv32.exe  C:\WINDOWS\cleanhistories.dll  C:\WINDOWS\ccsserv.exe  C:\WINDOWS\ads.js  C:\WINDOWS\waladhpr.exe  C:\WINDOWS\system32\xkrdk.dll  C:\WINDOWS\system32\wzhelper.dll  C:\WINDOWS\system32\wiatwain.dll  C:\WINDOWS\system32\webalize.dll  C:\WINDOWS\system32\unsocul.exe  C:\WINDOWS\system32\somatic.dll  C:\WINDOWS\system32\sodahk.dll  C:\WINDOWS\system32\socul.dll  C:\WINDOWS\system32\smdnn05.dll  C:\WINDOWS\system32\servehost.exe  C:\WINDOWS\system32\seqsb.dll  C:\WINDOWS\system32\searchupdate33.exe  C:\WINDOWS\system32\searchupdate31.exe  C:\WINDOWS\system32\searchsquire33.dll  C:\WINDOWS\system32\searchsquire3.dll  C:\WINDOWS\system32\searchsquire2.dll  C:\WINDOWS\system32\searchsquire.dll  C:\WINDOWS\system32\seantb.dll  C:\WINDOWS\system32\s4helper.dll  C:\WINDOWS\system32\replmap.dll  C:\WINDOWS\system32\reg2.exe  C:\WINDOWS\system32\pqhelper.dll  C:\WINDOWS\system32\mygeek.dll  C:\WINDOWS\system32\msstersv.dll  C:\WINDOWS\system32\msqsb.dll  C:\WINDOWS\system32\msnsxole.exe  C:\WINDOWS\system32\msnsxole.dll  C:\WINDOWS\system32\mslspcg.exe  C:\WINDOWS\system32\mslsicwd.dll  C:\WINDOWS\system32\msexcred.exe  C:\WINDOWS\system32\msafiasn.dll  C:\WINDOWS\system32\mqoacdmo.dll  C:\WINDOWS\system32\mqadscp3.exe  C:\WINDOWS\system32\mgmtmtxc.exe  C:\WINDOWS\system32\mgeekremove.exe  C:\WINDOWS\system32\mcd3mscm.dll  C:\WINDOWS\system32\lmrtatkc.dll  C:\WINDOWS\system32\kbdpkbdr.exe  C:\WINDOWS\system32\kbdfwshe.exe  C:\WINDOWS\system32\jgsdrpcn.exe  C:\WINDOWS\system32\jgsdrpcn.dll  C:\WINDOWS\system32\jgdwadsn.exe  C:\WINDOWS\system32\jgdwadsn.dll  C:\WINDOWS\system32\iuennwcf.dll  C:\WINDOWS\system32\ir32racp.exe  C:\WINDOWS\system32\ipxwshel.exe  C:\WINDOWS\system32\ipxrmfc4.dll  C:\WINDOWS\system32\imesrdch.exe  C:\WINDOWS\system32\ifsomatic.dll  C:\WINDOWS\system32\ifhelper.dll  C:\WINDOWS\system32\iebrw.dll  C:\WINDOWS\system32\icmpdx3j.dll  C:\WINDOWS\system32\iaspdpus.dll  C:\WINDOWS\system32\i4n27vl.exe  C:\WINDOWS\system32\hotlink.dll  C:\WINDOWS\system32\homepage.dll  C:\WINDOWS\system32\hmepge.dll  C:\WINDOWS\system32\higehsg.dll  C:\WINDOWS\system32\hhselz32.dll  C:\WINDOWS\system32\gsim.dll  C:\WINDOWS\system32\fltlauto.exe  C:\WINDOWS\system32\fileserv.dll  C:\WINDOWS\system32\e1.dll  C:\WINDOWS\system32\dsseds32.exe  C:\WINDOWS\system32\dsseds32.dll  C:\WINDOWS\system32\dpugmswe.dll  C:\WINDOWS\system32\dnsrxpob.exe  C:\WINDOWS\system32\deskmcd3.dll  C:\WINDOWS\system32\ddemdmco.dll  C:\WINDOWS\system32\davctool.exe  C:\WINDOWS\system32\davctool.dll  C:\WINDOWS\system32\confbrw.dll  C:\WINDOWS\system32\comrkbdd.exe  C:\WINDOWS\system32\comploader.dll  C:\WINDOWS\system32\chkmfdep.exe  C:\WINDOWS\system32\camodpnm.exe  C:\WINDOWS\system32\brwstat.dll  C:\WINDOWS\system32\brwprf32.dll  C:\WINDOWS\system32\brwperf.exe  C:\WINDOWS\system32\brwmgr32.dll  C:\WINDOWS\system32\brwconf.exe  C:\WINDOWS\system32\barbho.dll  C:\WINDOWS\system32\avifipxr.dll  C:\WINDOWS\system32\admeiolo.dll  C:\WINDOWS\system32\actidmoc.exe  C:\WINDOWS\svrmgr.exe  C:\WINDOWS\ssmsgr.exe  C:\WINDOWS\ssls.exe  C:\WINDOWS\ssdgt.exe  C:\WINDOWS\sscrg.exe  C:\WINDOWS\gsim.dll  C:\WINDOWS\cssswd.exe  C:\WINDOWS\csssupd.exe  C:\WINDOWS\adrsb.exe  C:\WINDOWS\wserver.exe  C:\WINDOWS\winlogon.scr  C:\WINDOWS\winlogon.exe  C:\WINDOWS\visualguard.exe  C:\WINDOWS\userconfig9x.dll  C:\WINDOWS\system32\xpfirewall.exe  C:\WINDOWS\system32\wpwmgrs.exe  C:\WINDOWS\system32\winvnc.exe  C:\WINDOWS\system32\wintasker.exe  C:\WINDOWS\system32\winsyscfg.exe  C:\WINDOWS\system32\winsys32.exe  C:\WINDOWS\system32\winsys.exe  C:\WINDOWS\system32\winsvc32.exe  C:\WINDOWS\system32\winstart.pif  C:\WINDOWS\system32\winnt.exe  C:\WINDOWS\system32\wininfo.exe  C:\WINDOWS\system32\winhlpapi.exe  C:\WINDOWS\system32\wingmt32.exe  C:\WINDOWS\system32\winds.exe  C:\WINDOWS\system32\windowz.exe  C:\WINDOWS\system32\windowsfirewall.exe  C:\WINDOWS\system32\windasz-updote.exe  C:\WINDOWS\system32\win32.exe  C:\WINDOWS\system32\win24.exe  C:\WINDOWS\system32\wid32.exe  C:\WINDOWS\system32\wfdmgr.exe  C:\WINDOWS\system32\wfdgmr.exe  C:\WINDOWS\system32\wdns33.exe  C:\WINDOWS\system32\w32ntupdt.exe  C:\WINDOWS\system32\w1nt5k.exe  C:\WINDOWS\system32\vlcx052.dll  C:\WINDOWS\system32\twunk_65.exe  C:\WINDOWS\system32\timemanager.exe  C:\WINDOWS\system32\taskgmr32.exe  C:\WINDOWS\system32\taskgmr.exe  C:\WINDOWS\system32\taskgamr.exe  C:\WINDOWS\system32\tagmr.exe  C:\WINDOWS\system32\sysconf.exe  C:\WINDOWS\system32\sword.exe  C:\WINDOWS\system32\svshost.exe  C:\WINDOWS\system32\stagmr.exe  C:\WINDOWS\system32\speeder.exe  C:\WINDOWS\system32\sp2winfix.exe  C:\WINDOWS\system32\sp2fx.exe  C:\WINDOWS\system32\slpube03.dll  C:\WINDOWS\system32\shnlog.exe  C:\WINDOWS\system32\rlvknlg.exe  C:\WINDOWS\system32\rkinstaller.exe  C:\WINDOWS\system32\rk.exe  C:\WINDOWS\system32\optserve.exe  C:\WINDOWS\system32\optserve.dll  C:\WINDOWS\system32\mstc.exe  C:\WINDOWS\system32\msplus4.dll  C:\WINDOWS\system32\msplus3.dll  C:\WINDOWS\system32\msplus2.dll  C:\WINDOWS\system32\msplus1.dll  C:\WINDOWS\system32\msplus.dll  C:\WINDOWS\system32\msclt.exe  C:\WINDOWS\system32\mrkscr.exe  C:\WINDOWS\system32\lp.exe  C:\WINDOWS\system32\lp.dll  C:\WINDOWS\system32\intmon.exe  C:\WINDOWS\system32\auole4.dll  C:\WINDOWS\sysmonxp.exe  C:\WINDOWS\symav.exe  C:\WINDOWS\switpb.exe  C:\WINDOWS\switpa.exe  C:\WINDOWS\skynetave.exe  C:\WINDOWS\services.exe  C:\WINDOWS\rundil32.exe  C:\WINDOWS\rundil.exe  C:\WINDOWS\phantom.exe  C:\WINDOWS\pandaavengine.exe  C:\WINDOWS\netmedia.exe  C:\WINDOWS\napatch.exe  C:\WINDOWS\msnmsgrs.exe  C:\WINDOWS\maja.exe  C:\WINDOWS\lsasss.exe  C:\WINDOWS\lansas.exe  C:\WINDOWS\kasperskyaveng.exe  C:\WINDOWS\jammer2nd.exe  C:\WINDOWS\infodll.dll  C:\WINDOWS\fvprotect.exe  C:\WINDOWS\fooding.exe  C:\WINDOWS\firewallsvr.exe  C:\WINDOWS\easyav.exe  C:\WINDOWS\diskmonitor.exe  C:\WINDOWS\comp.cpl  C:\WINDOWS\cfg32s.dll  C:\WINDOWS\cfg32r.dll  C:\WINDOWS\cfg32o.dll  C:\WINDOWS\cfg32.exe  C:\WINDOWS\avserve3.exe  C:\WINDOWS\avserve2.exe  C:\WINDOWS\avprotect9x.exe  C:\WINDOWS\avprotect.exe  C:\WINDOWS\avpguard.exe  C:\WINDOWS\avguard.exe  C:\WINDOWS\avbgle.exe  C:\winssystem.exe  C:\WINDOWS\unstall.exe  C:\WINDOWS\system32\winnb60.dll  C:\WINDOWS\system32\winnb58.dll  C:\WINDOWS\system32\winnb57.dll  C:\WINDOWS\system32\winnb56.dll  C:\WINDOWS\system32\winnb52.dll  C:\WINDOWS\system32\winnb51.dll  C:\WINDOWS\system32\winnb42.dll  C:\WINDOWS\system32\winnb41.dll  C:\WINDOWS\system32\winnb40.dll  C:\WINDOWS\system32\windmy.dll  C:\WINDOWS\system32\winats.dll  C:\WINDOWS\system32\vtlbar1.dll  C:\WINDOWS\system32\tubby.dll  C:\WINDOWS\system32\tbc.dll  C:\WINDOWS\system32\sys.exe  C:\WINDOWS\system32\skybot.exe  C:\WINDOWS\system32\shell.exe  C:\WINDOWS\system32\service5.exe  C:\WINDOWS\system32\sd.exe  C:\WINDOWS\system32\scvhost32.exe  C:\WINDOWS\system32\scrigz.exe  C:\WINDOWS\system32\scalpe91.exe  C:\WINDOWS\system32\rundll.exe  C:\WINDOWS\system32\remote.exe  C:\WINDOWS\system32\protection.exe  C:\WINDOWS\system32\plugnplay32.exe  C:\WINDOWS\system32\picx.exe  C:\WINDOWS\system32\phantom.exe  C:\WINDOWS\system32\patch31345.exe  C:\WINDOWS\system32\osalogbe.exe  C:\WINDOWS\system32\nn_bar31.dll  C:\WINDOWS\system32\nn_bar22.dll  C:\WINDOWS\system32\nn_bar21.dll  C:\WINDOWS\system32\nn_bar.dll  C:\WINDOWS\system32\netcog.exe  C:\WINDOWS\system32\nas.dll  C:\WINDOWS\system32\myaccess.dll  C:\WINDOWS\system32\mtrnqs.exe  C:\WINDOWS\system32\mtc.dll  C:\WINDOWS\system32\mswins.exe  C:\WINDOWS\system32\mssck.exe  C:\WINDOWS\system32\msplus32.exe  C:\WINDOWS\system32\msnl.exe  C:\WINDOWS\system32\msmgrxp.exe  C:\WINDOWS\system32\msklive.dll  C:\WINDOWS\system32\msgmr.exe  C:\WINDOWS\system32\msegcompid.dll  C:\WINDOWS\system32\msdev32.exe  C:\WINDOWS\system32\msapasrc.dll  C:\WINDOWS\system32\msa64chk.dll  C:\WINDOWS\system32\mouse.exe  C:\WINDOWS\system32\microupdate.exe  C:\WINDOWS\system32\microsystem.exe  C:\WINDOWS\system32\memloader.exe  C:\WINDOWS\system32\mcscn.exe  C:\WINDOWS\system32\mapisvc32.exe  C:\WINDOWS\system32\mailinfo.exe  C:\WINDOWS\system32\madise.dll  C:\WINDOWS\system32\logitechwls.exe  C:\WINDOWS\system32\logic.exe  C:\WINDOWS\system32\lienvdk.exe  C:\WINDOWS\system32\lienvandekelder.exe  C:\WINDOWS\system32\lientjeuh.exe  C:\WINDOWS\system32\lien vd kelder.exeC:\WINDOWS\system32\lien vande kelder.exeC:\WINDOWS\system32\lien Van de kelderrr.exeC:\WINDOWS\system32\lien van de kelder.exeC:\WINDOWS\system32\lcd32.exe  C:\WINDOWS\system32\jusched32.exe  C:\WINDOWS\system32\itunegui.exe  C:\WINDOWS\system32\internet.exe  C:\WINDOWS\system32\iexplorer.exe  C:\WINDOWS\system32\hostdrvxp.exe  C:\WINDOWS\system32\hbmail.exe  C:\WINDOWS\system32\gothica.exe  C:\WINDOWS\system32\fixupdattr.exe  C:\WINDOWS\system32\evil.exe  C:\WINDOWS\system32\ds.exe  C:\WINDOWS\system32\dll.dll  C:\WINDOWS\system32\dcomuser.exe  C:\WINDOWS\system32\coolbot.exe  C:\WINDOWS\system32\ccsrs.exe  C:\WINDOWS\system32\avpr.exe  C:\WINDOWS\system32\adv.dll  C:\WINDOWS\system32\abs.exe  C:\WINDOWS\system32\666.exe  C:\WINDOWS\system32\1hellbot.exe  C:\WINDOWS\system32\0.exe  C:\WINDOWS\patch31345.exe  C:\WINDOWS\msnarrator.exe  C:\WINDOWS\mrhop.dll  C:\WINDOWS\mpgcom.dll  C:\WINDOWS\mmups.exe  C:\WINDOWS\mm63.ocx  C:\WINDOWS\mm21.ocx  C:\WINDOWS\mm20.ocx  C:\WINDOWS\imgurla.exe  C:\WINDOWS\iempg2.dll  C:\WINDOWS\iempg.dll  C:\WINDOWS\a64sddd.exe  C:\hellmsn.exe  C:\WINDOWS\xwrm.exe  C:\WINDOWS\winserv.exe  C:\WINDOWS\winobject.dll  C:\WINDOWS\wdskctl.exe  C:\WINDOWS\ts.exe  C:\WINDOWS\system32\zopenssl.dll  C:\WINDOWS\system32\yvsvga.sys  C:\WINDOWS\system32\yvsvga.dll  C:\WINDOWS\system32\yvprgb.dll  C:\WINDOWS\system32\yvpp02.sys  C:\WINDOWS\system32\xcdmfree.dll  C:\WINDOWS\system32\wndtx1.dll  C:\WINDOWS\system32\winstart001.exe  C:\WINDOWS\system32\winstart.exe  C:\WINDOWS\system32\winsrm32.dll  C:\WINDOWS\system32\winenc32.dll  C:\WINDOWS\system32\windowsie.dll  C:\WINDOWS\system32\windec32.dll  C:\WINDOWS\system32\wgavm.exe  C:\WINDOWS\system32\wgareg.exe  C:\WINDOWS\system32\waeb.dll  C:\WINDOWS\system32\version.exe  C:\WINDOWS\system32\updtscheduler.exe  C:\WINDOWS\system32\update_rsp.DLL  C:\WINDOWS\system32\update_removeold.dll  C:\WINDOWS\system32\update_hosts.dll  C:\WINDOWS\system32\update_com.dll  C:\WINDOWS\system32\update_bho.dll  C:\WINDOWS\system32\toolbar.dll  C:\WINDOWS\system32\tcpwrk.dll  C:\WINDOWS\system32\tcpgdc.dll  C:\WINDOWS\system32\tcpg4t.dll  C:\WINDOWS\system32\sksdll.dll  C:\WINDOWS\system32\sks2drvr.sys  C:\WINDOWS\system32\se633mxx.dll  C:\WINDOWS\system32\se500mdm.dll  C:\WINDOWS\system32\sdcard98.dll  C:\WINDOWS\system32\sbus.dll  C:\WINDOWS\system32\satmmc.dll  C:\WINDOWS\system32\satdll.dll  C:\WINDOWS\system32\satau320.dll  C:\WINDOWS\system32\rsp001.dll  C:\WINDOWS\system32\rsp.dll  C:\WINDOWS\system32\rsdapi.dll  C:\WINDOWS\system32\rdrvr2.dll  C:\WINDOWS\system32\msxml4r.exe  C:\WINDOWS\system32\mseggrpid.dll  C:\WINDOWS\system32\mscache.dll  C:\WINDOWS\system32\keyhost.exe  C:\WINDOWS\system32\keyactivex.ocx  C:\WINDOWS\system32\jeired.dll  C:\WINDOWS\system32\install_all.dll  C:\WINDOWS\system32\ineb.dll  C:\WINDOWS\system32\iexplorr29.dll  C:\WINDOWS\system32\iexplorr27.dll  C:\WINDOWS\system32\iexplorr26.dll  C:\WINDOWS\system32\iexplorr25.dll  C:\WINDOWS\system32\iexplorr24.dll  C:\WINDOWS\system32\iexplorr23.dll  C:\WINDOWS\system32\iexplorr22.dll  C:\WINDOWS\system32\iexplorr11.dll  C:\WINDOWS\system32\iexplore.exe  C:\WINDOWS\system32\iemsg.dll  C:\WINDOWS\system32\ia.dll  C:\WINDOWS\system32\gws.dll  C:\WINDOWS\system32\gcasctrl.exe  C:\WINDOWS\system32\egdial.dll  C:\WINDOWS\system32\egdhtml_1027.dll  C:\WINDOWS\system32\egdhtml_1026.dll  C:\WINDOWS\system32\egdhtml_1025.dll  C:\WINDOWS\system32\egdhtml_1024.dll  C:\WINDOWS\system32\egdhtml_1023.dll  C:\WINDOWS\system32\duel.exe  C:\WINDOWS\system32\drbr.dll  C:\WINDOWS\system32\chgrgs.dll  C:\WINDOWS\system32\bundler_mpb_sb.exe  C:\WINDOWS\system32\bmeb.dll  C:\WINDOWS\system32\bho001.dll  C:\WINDOWS\system32\bho.dll  C:\WINDOWS\system32\belop.dll  C:\WINDOWS\system32\aupdate_uninstall.exe  C:\WINDOWS\system32\aupdate.exe  C:\WINDOWS\system32\absnro.dll  C:\WINDOWS\system32\abeb.dll  C:\WINDOWS\systb.exe  C:\WINDOWS\systb.dll  C:\WINDOWS\ssk.exe  C:\WINDOWS\snbho.exe  C:\WINDOWS\rgrt.exe  C:\WINDOWS\pxckdlauninstall.exe  C:\WINDOWS\pxckdla.exe  C:\WINDOWS\offerssk.exe  C:\WINDOWS\mscache.exe  C:\WINDOWS\mscache.dll  C:\WINDOWS\istsvc.exe  C:\WINDOWS\invitessk.exe  C:\WINDOWS\id.exe  C:\WINDOWS\exedialer.exe  C:\winstall.exe  C:\WINDOWS\zserv.dll  C:\WINDOWS\xpupdate.exe  C:\WINDOWS\voiceip.dll  C:\WINDOWS\system32\winxp.exe  C:\WINDOWS\system32\winhost.exe  C:\WINDOWS\system32\windll.exe  C:\WINDOWS\system32\twain32.dll  C:\WINDOWS\system32\psksds.dll  C:\WINDOWS\system32\prwsks.dll  C:\WINDOWS\system32\prw76sks.sys  C:\WINDOWS\system32\printpnp.dll  C:\WINDOWS\system32\openglss.dll  C:\WINDOWS\system32\obbn13t.dll  C:\WINDOWS\system32\nvms.dll  C:\WINDOWS\system32\nuclabdll.dll  C:\WINDOWS\system32\nkunpack.dll  C:\WINDOWS\system32\nclabydll.dll  C:\WINDOWS\system32\msupdate.exe  C:\WINDOWS\system32\msplg7.dll  C:\WINDOWS\system32\msbe.dll  C:\WINDOWS\system32\mmxeroxk.dll  C:\WINDOWS\system32\mdfpro.dll  C:\WINDOWS\system32\mcfg7a.dll  C:\WINDOWS\system32\mcfcc4.dll  C:\WINDOWS\system32\lsd_f3.dll  C:\WINDOWS\system32\logon16x.dll  C:\WINDOWS\system32\ipv6mons.dll  C:\WINDOWS\system32\iesdl4l.dll  C:\WINDOWS\system32\ies4dll.dll  C:\WINDOWS\system32\ideusr50.dll  C:\WINDOWS\system32\hpprintx.dll  C:\WINDOWS\system32\ginuerep.dll  C:\WINDOWS\system32\gdwxp3.dll  C:\WINDOWS\system32\gdiwxp.dll  C:\WINDOWS\system32\gatexkey.dll  C:\WINDOWS\system32\flashdrvr.dll  C:\WINDOWS\system32\extxerox.dll  C:\WINDOWS\system32\extfpu.dll  C:\WINDOWS\system32\emldvc.dll  C:\WINDOWS\system32\emesx.dll  C:\WINDOWS\system32\dxmpp.dll  C:\WINDOWS\system32\dvd4free.dll  C:\WINDOWS\system32\docent2.dll  C:\WINDOWS\system32\docent0.dll  C:\WINDOWS\system32\directut.dll  C:\WINDOWS\system32\directpt.dll  C:\WINDOWS\system32\ddirectz.dll  C:\WINDOWS\system32\bt848rom.dll  C:\WINDOWS\system32\bootconf.exe  C:\WINDOWS\system32\axdebugl.dll  C:\WINDOWS\system32\avload32.dll  C:\WINDOWS\system32\anti_troj.exe  C:\WINDOWS\sistem.exe  C:\WINDOWS\qttasks.exe  C:\WINDOWS\pynix.dll  C:\WINDOWS\olehelp.exe  C:\WINDOWS\mssvr.exe  C:\WINDOWS\msconfd.dll  C:\WINDOWS\iexplorer.exe  C:\WINDOWS\dlmax.dll  C:\WINDOWS\ctrlpan.dll  C:\WINDOWS\btgrab.dll  C:\WINDOWS\avpcc.dll  C:\WINDOWS\2020search2.dll  C:\WINDOWS\2020search.dll  C:\csrss.exe  C:\WINDOWS\system32\winupd.exe  C:\WINDOWS\system32\winsvc.exe  C:\WINDOWS\system32\svhost.exe  C:\WINDOWS\system32\svchost32.exe  C:\WINDOWS\system32\server.exe  C:\WINDOWS\svchost.exe  C:\WINDOWS\rundll16.exe  C:\WINDOWS\explore.exe  C:\WINDOWS\csrss.exe  Registry Keys to delete:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}HKEY_CLASSES_ROOT\CLSID\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

3. Now, open the avenger folder and start The Avenger program by clicking on its icon.
  • Right click on the window under Input script here:, and select Paste.
  • You can also click on this window and press (Ctrl+V) to paste the contents of the clipboard.
  • Click on Execute
  • Answer "Yes" twice when prompted.
4. The Avenger will automatically do the following:
  • It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
5. Please copy/paste the content of c:\avenger.txt into your reply and ATTACH a fresh DSS main log .
  • 0

#230
kelkay
Posted 11 July 2008 - 09:27 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 3)
Fri Jul 11 10:21:53 2008

10:21:18: Error: Invalid registry syntax in command:
"HKEY_CLASSES_ROOT\CLSID\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\Program Files\zsearch" deleted successfully.
File "C:\Program Files\zeropopupbar" deleted successfully.
File "C:\Program Files\zangoclient" deleted successfully.
File "C:\Program Files\zango games" deleted successfully.
File "C:\Program Files\xsoftware" deleted successfully.
File "C:\Program Files\xpcspy" deleted successfully.
File "C:\WINDOWS\isrvs" deleted successfully.
File "C:\temp_kl" deleted successfully.
File "C:\Program Files\winfixer 2005" deleted successfully.
File "C:\Program Files\winfavorites" deleted successfully.
File "C:\Program Files\windows adtools" deleted successfully.
File "C:\Program Files\windows adcontrol" deleted successfully.
File "C:\Program Files\win comm" deleted successfully.
File "C:\Program Files\whenu" deleted successfully.
File "C:\Program Files\web_rebates" deleted successfully.
File "C:\Program Files\web_cpr" deleted successfully.
File "C:\Program Files\vvsn" deleted successfully.
File "C:\Program Files\vvsdl" deleted successfully.
File "C:\Program Files\vomba" deleted successfully.
File "C:\Program Files\vmntoolbar" deleted successfully.
File "C:\Program Files\ts trial" deleted successfully.
File "C:\Program Files\topmoxie" deleted successfully.
File "C:\Program Files\sys detective+" deleted successfully.
File "C:\Program Files\surfsidekick" deleted successfully.
File "C:\Program Files\surfsidekick 2" deleted successfully.
File "C:\Program Files\superbar" deleted successfully.
File "C:\Program Files\netmeting" deleted successfully.
File "C:\Program Files\hpdll" deleted successfully.
File "C:\Program Files\Common Files\winsoftware" deleted successfully.
File "C:\Program Files\Common Files\ucontrol" deleted successfully.
File "C:\Program Files\autoupdate" deleted successfully.
File "C:\archivos de programa" deleted successfully.
File "C:\WINDOWS\winsecurity" deleted successfully.
File "C:\WINDOWS\connectionstatus" deleted successfully.
File "C:\spedia" deleted successfully.
File "C:\Program Files\valintines day card" deleted successfully.
File "C:\Program Files\swagent" deleted successfully.
File "C:\Program Files\stealthwatcher200" deleted successfully.
File "C:\Program Files\spytech software" deleted successfully.
File "C:\Program Files\spyonthis" deleted successfully.
File "C:\Program Files\spyblast" deleted successfully.
File "C:\Program Files\softomate" deleted successfully.
File "C:\Program Files\selectrebates" deleted successfully.
File "C:\Program Files\searchnet" deleted successfully.
File "C:\Program Files\searchlocate" deleted successfully.
File "C:\Program Files\screenview" deleted successfully.
File "C:\Program Files\p4p" deleted successfully.
File "C:\Program Files\ietoolbar" deleted successfully.
File "C:\Program Files\dynamic toolbar" deleted successfully.
File "C:\Program Files\Common Files\sogou pxp" deleted successfully.
File "C:\Program Files\startup mechanic" deleted successfully.
File "C:\Program Files\savenow" deleted successfully.
File "C:\Program Files\rxtoolbar" deleted successfully.
File "C:\Program Files\relevantknowledge" deleted successfully.
File "C:\Program Files\rax search helper" deleted successfully.
File "C:\Program Files\psupport" deleted successfully.
File "C:\Program Files\need2find" deleted successfully.
File "C:\Program Files\ncase" deleted successfully.
File "C:\Program Files\navexcel" deleted successfully.
File "C:\Program Files\navexcel search toolbar" deleted successfully.
File "C:\Program Files\mywebsearch" deleted successfully.
File "C:\Program Files\ezthemes_whenusavenow_installer" deleted successfully.
File "C:\Program Files\exolon" deleted successfully.
File "C:\Program Files\ddr" deleted successfully.
File "C:\Program Files\Common Files\nsis" deleted successfully.
File "C:\Program Files\arcade!" deleted successfully.
File "C:\WINDOWS\wintrim" deleted successfully.
File "C:\WINDOWS\winmgts" deleted successfully.
File "C:\WINDOWS\wincomp" deleted successfully.
File "C:\WINDOWS\navpmc" deleted successfully.
File "C:\WINDOWS\mc" deleted successfully.
File "C:\Program Files\support software" deleted successfully.
File "C:\Program Files\network essentials" deleted successfully.
File "C:\Program Files\medialoads" deleted successfully.
File "C:\Program Files\medialoads enhanced" deleted successfully.
File "C:\Program Files\media gateway" deleted successfully.
File "C:\Program Files\md" deleted successfully.
File "C:\WINDOWS\wqzq" deleted successfully.
File "C:\WINDOWS\wcby" deleted successfully.
File "C:\WINDOWS\ilookup" deleted successfully.
File "C:\Program Files\powersearch" deleted successfully.
File "C:\Program Files\perfectnav" deleted successfully.
File "C:\Program Files\lstsvc" deleted successfully.
File "C:\Program Files\kuaiso toolsbar" deleted successfully.
File "C:\Program Files\kgb keylogger" deleted successfully.
File "C:\Program Files\invisible secrets toolbar" deleted successfully.
File "C:\Program Files\instant buzz" deleted successfully.
File "C:\Program Files\instant access" deleted successfully.
File "C:\Program Files\install provider" deleted successfully.
File "C:\Program Files\instafink" deleted successfully.
File "C:\Program Files\incredifind" deleted successfully.
File "C:\Program Files\ebayshop" deleted successfully.
File "C:\Program Files\Common Files\updmgr" deleted successfully.
File "C:\Program Files\Common Files\updater" deleted successfully.
File "C:\Program Files\Common Files\keenvalue" deleted successfully.
File "C:\Program Files\security iguard" deleted successfully.
File "C:\Program Files\psguard" deleted successfully.
File "C:\Program Files\malwaresweeper.com" deleted successfully.
File "C:\Program Files\gator.com" deleted successfully.
File "C:\Program Files\emedia codec" deleted successfully.
File "C:\Program Files\data19" deleted successfully.
File "C:\Program Files\accoona" deleted successfully.
File "C:\Program Files\pcprivacysoftware.com" deleted successfully.
File "C:\Program Files\bulletproofsoft.com" deleted successfully.
File "C:\Program Files\adwareremovergold.com" deleted successfully.
File "C:\WINDOWS\system32\iedriver" deleted successfully.
File "C:\Program Files\system soap pro" deleted successfully.
File "C:\Program Files\search toolbar" deleted successfully.
File "C:\Program Files\httper" deleted successfully.
File "C:\Program Files\hotbar" deleted successfully.
File "C:\Program Files\homekeylogger" deleted successfully.
File "C:\Program Files\hbtools" deleted successfully.
File "C:\Program Files\hbinst" deleted successfully.
File "C:\Program Files\Common Files\wqzq" deleted successfully.
File "C:\Program Files\Common Files\msiets" deleted successfully.
File "C:\Program Files\Common Files\btlink" deleted successfully.
File "C:\Program Files\xmod" deleted successfully.
File "C:\Program Files\xml" deleted successfully.
File "C:\Program Files\vcom" deleted successfully.
File "C:\Program Files\sync manager demo" deleted successfully.
File "C:\Program Files\scom" deleted successfully.
File "C:\Program Files\reg2" deleted successfully.
File "C:\Program Files\pvm" deleted successfully.
File "C:\Program Files\primesoft" deleted successfully.
File "C:\Program Files\paymentone" deleted successfully.
File "C:\Program Files\gsr" deleted successfully.
File "C:\Program Files\gsoft" deleted successfully.
File "C:\Program Files\gmsoft" deleted successfully.
File "C:\Program Files\globe7" deleted successfully.
File "C:\Program Files\globaldialer" deleted successfully.
File "C:\Program Files\fwn toolbar" deleted successfully.
File "C:\Program Files\ftk" deleted successfully.
File "C:\Program Files\ftapp" deleted successfully.
File "C:\Program Files\fsw" deleted successfully.
File "C:\Program Files\flt" deleted successfully.
File "C:\Program Files\fln" deleted successfully.
File "C:\Program Files\flcp" deleted successfully.
File "C:\Program Files\fla" deleted successfully.
File "C:\Program Files\filesubmit" deleted successfully.
File "C:\Program Files\fen" deleted successfully.
File "C:\Program Files\dialers" deleted successfully.
File "C:\Program Files\browserenh" deleted successfully.
File "C:\windowsupdate" deleted successfully.
File "C:\WINDOWS\system32\fcyberalert" deleted successfully.
File "C:\WINDOWS\system32\f0r0r" deleted successfully.
File "C:\WINDOWS\system32\ctf" deleted successfully.
File "C:\WINDOWS\elitetoolbar" deleted successfully.
File "C:\WINDOWS\elitesidebar" deleted successfully.
File "C:\WINDOWS\elitebar" deleted successfully.
File "C:\Program Files\websearch" deleted successfully.
File "C:\Program Files\webrebates" deleted successfully.
File "C:\Program Files\fastseeker" deleted successfully.
File "C:\Program Files\ezurl" deleted successfully.
File "C:\Program Files\exploreanywhere" deleted successfully.
File "C:\Program Files\exact" deleted successfully.
File "C:\Program Files\ebatesmoemoneymaker" deleted successfully.
File "C:\Program Files\ebates_moemoneymaker" deleted successfully.
File "C:\Program Files\comsoft" deleted successfully.
File "C:\WINDOWS\system32\adcache" deleted successfully.
File "C:\WINDOWS\roodyc" deleted successfully.
File "C:\WINDOWS\explorer" deleted successfully.
File "C:\Program Files\real-tens" deleted successfully.
File "C:\Program Files\popcorn.net" deleted successfully.
File "C:\Program Files\movienetworks" deleted successfully.
File "C:\Program Files\mlh" deleted successfully.
File "C:\Program Files\medch" deleted successfully.
File "C:\Program Files\kfh" deleted successfully.
File "C:\Program Files\keylog" deleted successfully.
File "C:\Program Files\e2give" deleted successfully.
File "C:\Program Files\drivecleaner free" deleted successfully.
File "C:\Program Files\downloadware" deleted successfully.
File "C:\Program Files\downloadware engine" deleted successfully.
File "C:\Program Files\dealio" deleted successfully.
File "C:\Program Files\dealhelper" deleted successfully.
File "C:\Program Files\dateregon" deleted successfully.
File "C:\Program Files\date manager" deleted successfully.
File "C:\Program Files\commonname" deleted successfully.
File "C:\Program Files\Common Files\eacceleration" deleted successfully.
File "C:\Program Files\Common Files\drivecleaner free" deleted successfully.
File "C:\Program Files\Common Files\cpush" deleted successfully.
File "C:\e2g" deleted successfully.
File "C:\WINDOWS\winfj" deleted successfully.
File "C:\WINDOWS\syspi" deleted successfully.
File "C:\WINDOWS\sysbj" deleted successfully.
File "C:\WINDOWS\msew" deleted successfully.
File "C:\WINDOWS\ieoo" deleted successfully.
File "C:\WINDOWS\system32\services" deleted successfully.
File "C:\WINDOWS\configsys" deleted successfully.
File "C:\WINDOWS\coder" deleted successfully.
File "C:\Program Files\colej_uk design toolbar" deleted successfully.
File "C:\Program Files\clocksync" deleted successfully.
File "C:\Program Files\clipgenie" deleted successfully.
File "C:\WINDOWS\ctb3_shared" deleted successfully.
File "C:\Program Files\windowssa" deleted successfully.
File "C:\Program Files\tvs" deleted successfully.
File "C:\Program Files\rvp" deleted successfully.
File "C:\Program Files\lycos" deleted successfully.
File "C:\Program Files\letssearch" deleted successfully.
File "C:\Program Files\csbb" deleted successfully.
File "C:\Program Files\Common Files\psd tools" deleted successfully.
File "C:\Program Files\Common Files\gmt" deleted successfully.
File "C:\Program Files\Common Files\cmeii" deleted successfully.
File "C:\Program Files\cntrc" deleted successfully.
File "C:\Program Files\clientman" deleted successfully.
File "C:\Program Files\buddylinks.net" deleted successfully.
File "C:\Program Files\btv" deleted successfully.
File "C:\Program Files\brp" deleted successfully.
File "C:\Program Files\browser pal" deleted successfully.
File "C:\Program Files\bpt" deleted successfully.
File "C:\Program Files\bpc_search" deleted successfully.
File "C:\Program Files\bonzibuddy" deleted successfully.
File "C:\Program Files\bcpc" deleted successfully.
File "C:\WINDOWS\bde" deleted successfully.
File "C:\Program Files\funcade" deleted successfully.
File "C:\Program Files\cashback" deleted successfully.
File "C:\Program Files\cardcrazy" deleted successfully.
File "C:\Program Files\bde" deleted successfully.
File "C:\Program Files\bargain buddy" deleted successfully.

Error: could not delete file "C:\bde"
Deletion of file "C:\bde" failed!
Status: 0xc0000035 (STATUS_OBJECT_NAME_COLLISION)
--> another object exists already with the same name

File "C:\WINDOWS\system32\exefld" deleted successfully.
File "C:\Program Files\mediaring talk" deleted successfully.
File "C:\Program Files\backweb" deleted successfully.
File "C:\WINDOWS\system32\win type" deleted successfully.
File "C:\WINDOWS\system32\ide" deleted successfully.
File "C:\WINDOWS\system32\feeds" deleted successfully.
File "C:\WINDOWS\system32\dhcp32" deleted successfully.
File "C:\Program Files\the guard" deleted successfully.
File "C:\Program Files\sysal" deleted successfully.
File "C:\Program Files\netturbotrial" deleted successfully.
File "C:\Program Files\fs" deleted successfully.
File "C:\Program Files\cxtpls" deleted successfully.
File "C:\Program Files\Common Files\betterinternet" deleted successfully.
File "C:\Program Files\arcaderockstar" deleted successfully.
File "C:\Program Files\aproposclient" deleted successfully.
File "C:\Program Files\altnet" deleted successfully.
File "C:\Program Files\adstatus service" deleted successfully.
File "C:\Program Files\acetoolbar" deleted successfully.
File "C:\Program Files\abetterinternet" deleted successfully.
File "C:\Program Files\2search" deleted successfully.
File "C:\Program Files\securemypc" deleted successfully.
File "C:\Program Files\scanspyware v3.8.0.4" deleted successfully.
File "C:\Program Files\scan & repair utilities 2007" deleted successfully.
File "C:\Program Files\prvdef4.0" deleted successfully.
File "C:\Program Files\privacy crusader demo" deleted successfully.
File "C:\Program Files\privacy champion" deleted successfully.
File "C:\Program Files\pestbot" deleted successfully.
File "C:\Program Files\perfectcleaner" deleted successfully.
File "C:\Program Files\pcsecurityshield" deleted successfully.
File "C:\Program Files\pal spyrem" deleted successfully.
File "C:\Program Files\neospace" deleted successfully.
File "C:\Program Files\malwarewipers" deleted successfully.
File "C:\Program Files\killspy.net" deleted successfully.
File "C:\Program Files\btppdv2.2" deleted successfully.
File "C:\Program Files\winferno" deleted successfully.
File "C:\Program Files\softwaredoctor" deleted successfully.
File "C:\Program Files\secure pc solutions" deleted successfully.
File "C:\Program Files\scorpio software" deleted successfully.
File "C:\Program Files\kazaap" deleted successfully.
File "C:\Program Files\guardbar" deleted successfully.
File "C:\Program Files\goodbye spy" deleted successfully.
File "C:\Program Files\froggie scan demo" deleted successfully.
File "C:\Program Files\flobo spyware clean" deleted successfully.
File "C:\Program Files\fix my registry" deleted successfully.
File "C:\Program Files\expertantivirus" deleted successfully.
File "C:\Program Files\easy erase spyware remover" deleted successfully.
File "C:\Program Files\curepcsolution" deleted successfully.
File "C:\Program Files\codeclean2007" deleted successfully.
File "C:\Program Files\cleanx2007" deleted successfully.
File "C:\Program Files\bps remover" deleted successfully.
File "C:\Program Files\beclean" deleted successfully.
File "C:\Program Files\antivirusgoldenpro" deleted successfully.
File "C:\Program Files\antivirus solution" deleted successfully.
File "C:\Program Files\antispyzone 5.0" deleted successfully.
File "C:\Program Files\allume systems" deleted successfully.
File "C:\Program Files\adwareX eliminator" deleted successfully.
File "C:\Program Files\adware spyWare removal" deleted successfully.
File "C:\Program Files\adware remover" deleted successfully.
File "C:\Program Files\adware agent" deleted successfully.
File "C:\Program Files\ads adware remover" deleted successfully.
File "C:\Program Files\ad armor" deleted successfully.
File "C:\Program Files\1stantivirus" deleted successfully.
File "C:\Program Files\#1spywarekillerv2.1" deleted successfully.
File "C:\Program Files\dealhelper.com inc" deleted successfully.
File "C:\Program Files\websnitch v3.0" deleted successfully.
File "C:\Documents and Settings\Kelly\Application Data\wklnhst.dat" deleted successfully.
Folder "C:\Documents and Settings\Kelly\Application Data\abelhadigital.com" deleted successfully.
Folder "C:\Documents and Settings\All Users\Application Data\abelhadigital.com" deleted successfully.
Folder "C:\found.000" deleted successfully.
Folder "C:\WINDOWS\winupie.exe" deleted successfully.
Folder "C:\WINDOWS\winmuschi.exe" deleted successfully.
Folder "C:\WINDOWS\updatewinlocator.exe" deleted successfully.
Folder "C:\WINDOWS\system32\zp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\zeropopupbar.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winwsl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintft.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wintbpx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintbp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winshow.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winrvl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winpup32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winpup.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winlocatorhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winlocator.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winksl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\update.exe" deleted successfully.
Folder "C:\WINDOWS\system32\systemout.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sysdll32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\servises.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\regperf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pup.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pnp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\per.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nvctrl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\norton update.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mssearchnet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msmsgs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mscornet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\issearch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\isnotify.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ismon.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ishost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dfrgsrv.exe" deleted successfully.
Folder "C:\WINDOWS\system32\df_kme.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dcomcfg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\csm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\botzor.exe" deleted successfully.
Folder "C:\WINDOWS\system32\axconfig.dll" deleted successfully.
Folder "C:\WINDOWS\system32\4ccc3cea.exe" deleted successfully.
Folder "C:\WINDOWS\pnpasn32.exe" deleted successfully.
Folder "C:\WINDOWS\hpsv.exe" deleted successfully.
Folder "C:\WINDOWS\cdproxyserv.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd4.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd2.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd1.exe" deleted successfully.
Folder "C:\WINDOWS\vx2.dll" deleted successfully.
Folder "C:\WINDOWS\t2serv.exe" deleted successfully.
Folder "C:\WINDOWS\t2serv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\zlbw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wshtlprh.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wshnseri.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winntcreate.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winftsap.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winftsap.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wincom32.sys" deleted successfully.
Folder "C:\WINDOWS\system32\w3sskbda.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vx2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vwix32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\vsxmpgpc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vnetsmme.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vb5dmspo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\v4pbpt51.dll" deleted successfully.
Folder "C:\WINDOWS\system32\uninmyad.exe" deleted successfully.
Folder "C:\WINDOWS\system32\trafracp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tps108.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tisa.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tips.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tippcls.dat" deleted successfully.
Folder "C:\WINDOWS\system32\tipp.dat" deleted successfully.
Folder "C:\WINDOWS\system32\timesrv.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ticont.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ticads.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tconini.dat" deleted successfully.
Folder "C:\WINDOWS\system32\sysmonnt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\spwgoc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\snmpmssw.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbrmqtr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbipsch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbipsch.dll" deleted successfully.
Folder "C:\WINDOWS\system32\shfoxpob.exe" deleted successfully.
Folder "C:\WINDOWS\system32\secumsje.exe" deleted successfully.
Folder "C:\WINDOWS\system32\se.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sd16win.dll" deleted successfully.
Folder "C:\WINDOWS\system32\scp3jgaw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rvreg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rulesak.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rdpwmsjt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rcbdwmpd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\qdvtscf.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ppl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\oebdfc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nordsys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\myad.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msview.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msnavc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\messenger.lib.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lut.dat" deleted successfully.
Folder "C:\WINDOWS\system32\lspak.dll" deleted successfully.
Folder "C:\WINDOWS\system32\localnrd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\lcch.dat" deleted successfully.
Folder "C:\WINDOWS\system32\ladchkr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\host.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hook2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hook1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\google.png.exe" deleted successfully.
Folder "C:\WINDOWS\system32\gdu.dll" deleted successfully.
Folder "C:\WINDOWS\system32\game3.exe" deleted successfully.
Folder "C:\WINDOWS\system32\game2.exe" deleted successfully.
Folder "C:\WINDOWS\system32\game1.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dad.bat" deleted successfully.
Folder "C:\WINDOWS\system32\cidrules.dll" deleted successfully.
Folder "C:\WINDOWS\system32\bridge.dll" deleted successfully.
Folder "C:\WINDOWS\system32\alsys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\adchkr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\a.exe" deleted successfully.
Folder "C:\WINDOWS\system32\6fo4svc.dll" deleted successfully.
Folder "C:\WINDOWS\sserrvv.exe" deleted successfully.
Folder "C:\WINDOWS\serrv.exe" deleted successfully.
Folder "C:\WINDOWS\reggserv.exe" deleted successfully.
Folder "C:\WINDOWS\psapi.dll" deleted successfully.
Folder "C:\WINDOWS\msupdtwiz.exe" deleted successfully.
Folder "C:\WINDOWS\kernellos.dll" deleted successfully.
Folder "C:\WINDOWS\iehelper.dll" deleted successfully.
Folder "C:\WINDOWS\cserv32.exe" deleted successfully.
Folder "C:\WINDOWS\cleanhistories.dll" deleted successfully.
Folder "C:\WINDOWS\ccsserv.exe" deleted successfully.
Folder "C:\WINDOWS\ads.js" deleted successfully.
Folder "C:\WINDOWS\waladhpr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\xkrdk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wzhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wiatwain.dll" deleted successfully.
Folder "C:\WINDOWS\system32\webalize.dll" deleted successfully.
Folder "C:\WINDOWS\system32\unsocul.exe" deleted successfully.
Folder "C:\WINDOWS\system32\somatic.dll" deleted successfully.
Folder "C:\WINDOWS\system32\sodahk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\socul.dll" deleted successfully.
Folder "C:\WINDOWS\system32\smdnn05.dll" deleted successfully.
Folder "C:\WINDOWS\system32\servehost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\seqsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchupdate33.exe" deleted successfully.
Folder "C:\WINDOWS\system32\searchupdate31.exe" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire33.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire.dll" deleted successfully.
Folder "C:\WINDOWS\system32\seantb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\s4helper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\replmap.dll" deleted successfully.
Folder "C:\WINDOWS\system32\reg2.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pqhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mygeek.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msstersv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msqsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msnsxole.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msnsxole.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mslspcg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mslsicwd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msexcred.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msafiasn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mqoacdmo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mqadscp3.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mgmtmtxc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mgeekremove.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mcd3mscm.dll" deleted successfully.
Folder "C:\WINDOWS\system32\lmrtatkc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\kbdpkbdr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\kbdfwshe.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgsdrpcn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgsdrpcn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\jgdwadsn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgdwadsn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iuennwcf.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ir32racp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ipxwshel.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ipxrmfc4.dll" deleted successfully.
Folder "C:\WINDOWS\system32\imesrdch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ifsomatic.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ifhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iebrw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\icmpdx3j.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iaspdpus.dll" deleted successfully.
Folder "C:\WINDOWS\system32\i4n27vl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\hotlink.dll" deleted successfully.
Folder "C:\WINDOWS\system32\homepage.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hmepge.dll" deleted successfully.
Folder "C:\WINDOWS\system32\higehsg.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hhselz32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\gsim.dll" deleted successfully.
Folder "C:\WINDOWS\system32\fltlauto.exe" deleted successfully.
Folder "C:\WINDOWS\system32\fileserv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\e1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dsseds32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dsseds32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dpugmswe.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dnsrxpob.exe" deleted successfully.
Folder "C:\WINDOWS\system32\deskmcd3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ddemdmco.dll" deleted successfully.
Folder "C:\WINDOWS\system32\davctool.exe" deleted successfully.
Folder "C:\WINDOWS\system32\davctool.dll" deleted successfully.
Folder "C:\WINDOWS\system32\confbrw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\comrkbdd.exe" deleted successfully.
Folder "C:\WINDOWS\system32\comploader.dll" deleted successfully.
Folder "C:\WINDOWS\system32\chkmfdep.exe" deleted successfully.
Folder "C:\WINDOWS\system32\camodpnm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\brwstat.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwprf32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwperf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\brwmgr32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwconf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\barbho.dll" deleted successfully.
Folder "C:\WINDOWS\system32\avifipxr.dll" deleted successfully.
Folder "C:\WINDOWS\system32\admeiolo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\actidmoc.exe" deleted successfully.
Folder "C:\WINDOWS\svrmgr.exe" deleted successfully.
Folder "C:\WINDOWS\ssmsgr.exe" deleted successfully.
Folder "C:\WINDOWS\ssls.exe" deleted successfully.
Folder "C:\WINDOWS\ssdgt.exe" deleted successfully.
Folder "C:\WINDOWS\sscrg.exe" deleted successfully.
Folder "C:\WINDOWS\gsim.dll" deleted successfully.
Folder "C:\WINDOWS\cssswd.exe" deleted successfully.
Folder "C:\WINDOWS\csssupd.exe" deleted successfully.
Folder "C:\WINDOWS\adrsb.exe" deleted successfully.
Folder "C:\WINDOWS\wserver.exe" deleted successfully.
Folder "C:\WINDOWS\winlogon.scr" deleted successfully.
Folder "C:\WINDOWS\winlogon.exe" deleted successfully.
Folder "C:\WINDOWS\visualguard.exe" deleted successfully.
Folder "C:\WINDOWS\userconfig9x.dll" deleted successfully.
Folder "C:\WINDOWS\system32\xpfirewall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wpwmgrs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winvnc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintasker.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsyscfg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsys32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsvc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winstart.pif" deleted successfully.
Folder "C:\WINDOWS\system32\winnt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wininfo.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winhlpapi.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wingmt32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winds.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windowz.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windowsfirewall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windasz-updote.exe" deleted successfully.
Folder "C:\WINDOWS\system32\win32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\win24.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wid32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wfdmgr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wfdgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wdns33.exe" deleted successfully.
Folder "C:\WINDOWS\system32\w32ntupdt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\w1nt5k.exe" deleted successfully.
Folder "C:\WINDOWS\system32\vlcx052.dll" deleted successfully.
Folder "C:\WINDOWS\system32\twunk_65.exe" deleted successfully.
Folder "C:\WINDOWS\system32\timemanager.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgmr32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgamr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tagmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sysconf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sword.exe" deleted successfully.
Folder "C:\WINDOWS\system32\svshost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\stagmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\speeder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sp2winfix.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sp2fx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slpube03.dll" deleted successfully.
Folder "C:\WINDOWS\system32\shnlog.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rlvknlg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rkinstaller.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rk.exe" deleted successfully.
Folder "C:\WINDOWS\system32\optserve.exe" deleted successfully.
Folder "C:\WINDOWS\system32\optserve.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mstc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msplus4.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msclt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mrkscr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\intmon.exe" deleted successfully.
Folder "C:\WINDOWS\system32\auole4.dll" deleted successfully.
Folder "C:\WINDOWS\sysmonxp.exe" deleted successfully.
Folder "C:\WINDOWS\symav.exe" deleted successfully.
Folder "C:\WINDOWS\switpb.exe" deleted successfully.
Folder "C:\WINDOWS\switpa.exe" deleted successfully.
Folder "C:\WINDOWS\skynetave.exe" deleted successfully.
Folder "C:\WINDOWS\services.exe" deleted successfully.
Folder "C:\WINDOWS\rundil32.exe" deleted successfully.
Folder "C:\WINDOWS\rundil.exe" deleted successfully.
Folder "C:\WINDOWS\phantom.exe" deleted successfully.
Folder "C:\WINDOWS\pandaavengine.exe" deleted successfully.
Folder "C:\WINDOWS\netmedia.exe" deleted successfully.
Folder "C:\WINDOWS\napatch.exe" deleted successfully.
Folder "C:\WINDOWS\msnmsgrs.exe" deleted successfully.
Folder "C:\WINDOWS\maja.exe" deleted successfully.
Folder "C:\WINDOWS\lsasss.exe" deleted successfully.
Folder "C:\WINDOWS\lansas.exe" deleted successfully.
Folder "C:\WINDOWS\kasperskyaveng.exe" deleted successfully.
Folder "C:\WINDOWS\jammer2nd.exe" deleted successfully.
Folder "C:\WINDOWS\infodll.dll" deleted successfully.
Folder "C:\WINDOWS\fvprotect.exe" deleted successfully.
Folder "C:\WINDOWS\fooding.exe" deleted successfully.
Folder "C:\WINDOWS\firewallsvr.exe" deleted successfully.
Folder "C:\WINDOWS\easyav.exe" deleted successfully.
Folder "C:\WINDOWS\diskmonitor.exe" deleted successfully.
Folder "C:\WINDOWS\comp.cpl" deleted successfully.
Folder "C:\WINDOWS\cfg32s.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32r.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32o.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32.exe" deleted successfully.
Folder "C:\WINDOWS\avserve3.exe" deleted successfully.
Folder "C:\WINDOWS\avserve2.exe" deleted successfully.
Folder "C:\WINDOWS\avprotect9x.exe" deleted successfully.
Folder "C:\WINDOWS\avprotect.exe" deleted successfully.
Folder "C:\WINDOWS\avpguard.exe" deleted successfully.
Folder "C:\WINDOWS\avguard.exe" deleted successfully.
Folder "C:\WINDOWS\avbgle.exe" deleted successfully.
Folder "C:\winssystem.exe" deleted successfully.
Folder "C:\WINDOWS\unstall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winnb60.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb58.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb57.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb56.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb52.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb51.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb42.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb41.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb40.dll" deleted successfully.
Folder "C:\WINDOWS\system32\windmy.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winats.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vtlbar1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tubby.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tbc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\sys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\skybot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\shell.exe" deleted successfully.
Folder "C:\WINDOWS\system32\service5.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sd.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scvhost32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scrigz.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scalpe91.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rundll.exe" deleted successfully.
Folder "C:\WINDOWS\system32\remote.exe" deleted successfully.
Folder "C:\WINDOWS\system32\protection.exe" deleted successfully.
Folder "C:\WINDOWS\system32\plugnplay32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\picx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\phantom.exe" deleted successfully.
Folder "C:\WINDOWS\system32\patch31345.exe" deleted successfully.
Folder "C:\WINDOWS\system32\osalogbe.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar31.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar22.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar21.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar.dll" deleted successfully.
Folder "C:\WINDOWS\system32\netcog.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nas.dll" deleted successfully.
Folder "C:\WINDOWS\system32\myaccess.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mtrnqs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mtc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mswins.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mssck.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msplus32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msnl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msmgrxp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msklive.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msegcompid.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msdev32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msapasrc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msa64chk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mouse.exe" deleted successfully.
Folder "C:\WINDOWS\system32\microupdate.exe" deleted successfully.
Folder "C:\WINDOWS\system32\microsystem.exe" deleted successfully.
Folder "C:\WINDOWS\system32\memloader.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mcscn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mapisvc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mailinfo.exe" deleted successfully.
Folder "C:\WINDOWS\system32\madise.dll" deleted successfully.
Folder "C:\WINDOWS\system32\logitechwls.exe" deleted successfully.
Folder "C:\WINDOWS\system32\logic.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lienvdk.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lienvandekelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lientjeuh.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien vd kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien vande kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien Van de kelderrr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien van de kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lcd32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jusched32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\itunegui.exe" deleted successfully.
Folder "C:\WINDOWS\system32\internet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorer.exe" deleted successfully.
Folder "C:\WINDOWS\system32\hostdrvxp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\hbmail.exe" deleted successfully.
Folder "C:\WINDOWS\system32\gothica.exe" deleted successfully.
Folder "C:\WINDOWS\system32\fixupdattr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\evil.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ds.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dll.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dcomuser.exe" deleted successfully.
Folder "C:\WINDOWS\system32\coolbot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ccsrs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\avpr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\adv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\abs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\666.exe" deleted successfully.
Folder "C:\WINDOWS\system32\1hellbot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\0.exe" deleted successfully.
Folder "C:\WINDOWS\patch31345.exe" deleted successfully.
Folder "C:\WINDOWS\msnarrator.exe" deleted successfully.
Folder "C:\WINDOWS\mrhop.dll" deleted successfully.
Folder "C:\WINDOWS\mpgcom.dll" deleted successfully.
Folder "C:\WINDOWS\mmups.exe" deleted successfully.
Folder "C:\WINDOWS\mm63.ocx" deleted successfully.
Folder "C:\WINDOWS\mm21.ocx" deleted successfully.
Folder "C:\WINDOWS\mm20.ocx" deleted successfully.
Folder "C:\WINDOWS\imgurla.exe" deleted successfully.
Folder "C:\WINDOWS\iempg2.dll" deleted successfully.
Folder "C:\WINDOWS\iempg.dll" deleted successfully.
Folder "C:\WINDOWS\a64sddd.exe" deleted successfully.
Folder "C:\hellmsn.exe" deleted successfully.
Folder "C:\WINDOWS\xwrm.exe" deleted successfully.
Folder "C:\WINDOWS\winserv.exe" deleted successfully.
Folder "C:\WINDOWS\winobject.dll" deleted successfully.
Folder "C:\WINDOWS\wdskctl.exe" deleted successfully.
Folder "C:\WINDOWS\ts.exe" deleted successfully.
Folder "C:\WINDOWS\system32\zopenssl.dll" deleted successfully.
Folder "C:\WINDOWS\system32\yvsvga.sys" deleted successfully.
Folder "C:\WINDOWS\system32\yvsvga.dll" deleted successfully.
Folder "C:\WINDOWS\system32\yvprgb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\yvpp02.sys" deleted successfully.
Folder "C:\WINDOWS\system32\xcdmfree.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wndtx1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winstart001.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winstart.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsrm32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winenc32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\windowsie.dll" deleted successfully.
Folder "C:\WINDOWS\system32\windec32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wgavm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wgareg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\waeb.dll" deleted
  • 0

#231
kelkay
Posted 11 July 2008 - 09:36 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Deckard's System Scanner v20071014.68
Run by Kelly on 2008-07-11 10:29:16
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kelly.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:06, on 7/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Documents and Settings\Kelly\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kelly.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\HostsMan\hm.exe" -s
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 9100 bytes

-- Files created between 2008-06-11 and 2008-07-11 -----------------------------

2008-07-11 10:24:46 0 d-------- C:\Documents and Settings\Kelly\Application Data\abelhadigital.com
2008-07-11 10:24:46 0 d-------- C:\Documents and Settings\All Users\Application Data\abelhadigital.com
2008-07-11 10:21:50 6735236 --a------ C:\backup.reg
2008-07-09 19:58:38 135168 --a------ C:\zip.exe
2008-07-09 19:58:38 19286 --a------ C:\cleanup.exe
2008-07-09 19:58:38 574 --a------ C:\cleanup.bat
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\Kelly\Application Data\OnlineArmor
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\All Users\Application Data\OnlineArmor
2008-07-09 18:45:34 28872 --a------ C:\WINDOWS\system32\drivers\oanet.sys
2008-07-09 18:45:34 25600 --a------ C:\WINDOWS\system32\drivers\OAmon.sys
2008-07-09 18:45:34 75776 --a------ C:\WINDOWS\system32\drivers\OADriver.sys
2008-07-09 18:45:34 0 d-------- C:\Program Files\Tall Emu
2008-07-05 11:07:34 449462 --a------ C:\HaxFix.exe <Not Verified; Marckie; >
2008-07-04 14:02:01 0 d-------- C:\Program Files\HostsMan
2008-07-03 22:34:18 0 d-------- C:\Program Files\HD Tune
2008-07-01 01:15:01 0 d-------- C:\WINDOWS\Prefetch
2008-07-01 01:04:25 0 d-------- C:\WINDOWS\system32\scripting
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\system32\en
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\l2schemas
2008-07-01 01:04:23 0 d-------- C:\WINDOWS\system32\bits
2008-07-01 01:02:31 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-28 14:40:13 0 d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-06-28 11:59:58 39424 --a------ C:\WINDOWS\zipinst.exe <Not Verified; NirSoft; ZipInstaller>
2008-06-27 23:32:13 0 d-------- C:\Program Files\Common Files\Java
2008-06-23 17:06:15 0 d-------- C:\WINDOWS\ERUNT
2008-06-15 21:31:48 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-15 21:31:41 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-15 21:31:41 0 d-------- C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com
2008-06-12 15:35:16 0 d-------- C:\Program Files\iPod
2008-06-12 15:35:06 0 d-------- C:\Program Files\iTunes
2008-06-12 15:34:02 0 d-------- C:\Program Files\QuickTime
2008-06-12 15:32:24 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-12 15:29:32 0 d-------- C:\Program Files\Apple Software Update
2008-06-12 15:29:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple


-- Find3M Report ---------------------------------------------------------------

2008-07-11 10:22:55 0 d-------- C:\Program Files\Common Files
2008-07-09 21:00:44 0 d-------- C:\Program Files\HP
2008-07-09 20:52:11 0 d-------- C:\Program Files\kontiki
2008-07-09 16:03:50 0 d-------- C:\Program Files\SpywareGuard
2008-07-09 14:19:25 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-08 10:05:32 118784 --a------ C:\WINDOWS\SeaMonkeyUninstall.exe
2008-07-08 10:05:32 16267 --a------ C:\WINDOWS\mozver.dat
2008-07-08 10:05:22 118784 --a------ C:\WINDOWS\GREUninstall.exe
2008-07-06 15:25:43 0 d-------- C:\Program Files\SpywareBlaster
2008-07-04 10:59:44 0 d-------- C:\Program Files\SpeedFan
2008-07-01 01:04:47 0 d-------- C:\Program Files\Messenger
2008-07-01 01:04:23 0 d-------- C:\Program Files\Movie Maker
2008-07-01 01:02:15 0 d-------- C:\Program Files\Windows NT
2008-06-29 18:15:35 0 d-------- C:\Program Files\Napster
2008-06-29 10:55:37 0 d-------- C:\Program Files\MSECache
2008-06-28 17:03:27 0 d-------- C:\Program Files\Yahoo!
2008-06-28 17:03:24 0 d-------- C:\Program Files\SureThing
2008-06-28 17:03:01 0 d-------- C:\Program Files\OpenTalk
2008-06-28 17:02:26 0 d-------- C:\Program Files\Logitech
2008-06-28 17:02:24 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-28 17:02:22 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-28 17:02:17 0 d-------- C:\Program Files\GemMaster
2008-06-28 17:02:12 0 d-------- C:\Program Files\Common Files\aolshare
2008-06-28 17:02:11 0 d-------- C:\Program Files\Common Files\AOL
2008-06-28 17:02:04 0 d-------- C:\Program Files\CD to MP3 Freeware
2008-06-28 17:02:04 0 d-------- C:\Program Files\BitComet
2008-06-28 17:02:04 0 d-------- C:\Program Files\Audible
2008-06-28 16:49:53 0 d-------- C:\Program Files\Malware Immunizer
2008-06-28 15:06:48 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-28 14:33:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-28 14:24:33 0 d-------- C:\Program Files\DrWeb
2008-06-28 12:09:39 0 d-------- C:\Program Files\WinUpdatesList
2008-06-28 00:19:13 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-27 23:32:55 0 d-------- C:\Program Files\Java
2008-06-24 18:57:59 0 d-------- C:\Program Files\Shockwave.com
2008-06-16 14:02:00 0 d-------- C:\Documents and Settings\Kelly\Application Data\OpenOffice.org2
2008-06-12 15:36:36 0 d-------- C:\Documents and Settings\Kelly\Application Data\Apple Computer
2008-06-08 16:20:06 0 d-------- C:\Documents and Settings\Kelly\Application Data\Adobe
2008-06-06 08:57:39 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-05 23:49:04 222 ---h----- C:\bde
2008-06-05 23:32:44 0 d-------- C:\Documents and Settings\Kelly\Application Data\Malwarebytes
2008-06-04 19:37:15 0 d-------- C:\Program Files\Trend Micro
2008-06-04 19:25:50 0 d-------- C:\Program Files\7-Zip
2008-05-28 23:22:30 0 d-------- C:\Documents and Settings\Kelly\Application Data\AdobeUM
2008-05-28 14:39:11 0 d-------- C:\Program Files\MTV Virtual World
2008-05-23 00:43:40 0 d-------- C:\Documents and Settings\Kelly\Application Data\PlayFirst
2008-05-21 09:38:13 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-05-21 09:38:13 0 d-------- C:\Program Files\Common Files\Napster Shared


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown



-- End of Deckard's System Scanner: finished at 2008-07-11 10:31:59 ------------

Attached Files

  • Attached File  main.txt   15.68KB   111 downloads

  • 0

#232
kelkay
Posted 11 July 2008 - 09:40 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
For some reason the other Avenger log did not completely paste, so I redid it here for you.

//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 3)
Fri Jul 11 10:21:53 2008

10:21:18: Error: Invalid registry syntax in command:
"HKEY_CLASSES_ROOT\CLSID\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\Program Files\zsearch" deleted successfully.
File "C:\Program Files\zeropopupbar" deleted successfully.
File "C:\Program Files\zangoclient" deleted successfully.
File "C:\Program Files\zango games" deleted successfully.
File "C:\Program Files\xsoftware" deleted successfully.
File "C:\Program Files\xpcspy" deleted successfully.
File "C:\WINDOWS\isrvs" deleted successfully.
File "C:\temp_kl" deleted successfully.
File "C:\Program Files\winfixer 2005" deleted successfully.
File "C:\Program Files\winfavorites" deleted successfully.
File "C:\Program Files\windows adtools" deleted successfully.
File "C:\Program Files\windows adcontrol" deleted successfully.
File "C:\Program Files\win comm" deleted successfully.
File "C:\Program Files\whenu" deleted successfully.
File "C:\Program Files\web_rebates" deleted successfully.
File "C:\Program Files\web_cpr" deleted successfully.
File "C:\Program Files\vvsn" deleted successfully.
File "C:\Program Files\vvsdl" deleted successfully.
File "C:\Program Files\vomba" deleted successfully.
File "C:\Program Files\vmntoolbar" deleted successfully.
File "C:\Program Files\ts trial" deleted successfully.
File "C:\Program Files\topmoxie" deleted successfully.
File "C:\Program Files\sys detective+" deleted successfully.
File "C:\Program Files\surfsidekick" deleted successfully.
File "C:\Program Files\surfsidekick 2" deleted successfully.
File "C:\Program Files\superbar" deleted successfully.
File "C:\Program Files\netmeting" deleted successfully.
File "C:\Program Files\hpdll" deleted successfully.
File "C:\Program Files\Common Files\winsoftware" deleted successfully.
File "C:\Program Files\Common Files\ucontrol" deleted successfully.
File "C:\Program Files\autoupdate" deleted successfully.
File "C:\archivos de programa" deleted successfully.
File "C:\WINDOWS\winsecurity" deleted successfully.
File "C:\WINDOWS\connectionstatus" deleted successfully.
File "C:\spedia" deleted successfully.
File "C:\Program Files\valintines day card" deleted successfully.
File "C:\Program Files\swagent" deleted successfully.
File "C:\Program Files\stealthwatcher200" deleted successfully.
File "C:\Program Files\spytech software" deleted successfully.
File "C:\Program Files\spyonthis" deleted successfully.
File "C:\Program Files\spyblast" deleted successfully.
File "C:\Program Files\softomate" deleted successfully.
File "C:\Program Files\selectrebates" deleted successfully.
File "C:\Program Files\searchnet" deleted successfully.
File "C:\Program Files\searchlocate" deleted successfully.
File "C:\Program Files\screenview" deleted successfully.
File "C:\Program Files\p4p" deleted successfully.
File "C:\Program Files\ietoolbar" deleted successfully.
File "C:\Program Files\dynamic toolbar" deleted successfully.
File "C:\Program Files\Common Files\sogou pxp" deleted successfully.
File "C:\Program Files\startup mechanic" deleted successfully.
File "C:\Program Files\savenow" deleted successfully.
File "C:\Program Files\rxtoolbar" deleted successfully.
File "C:\Program Files\relevantknowledge" deleted successfully.
File "C:\Program Files\rax search helper" deleted successfully.
File "C:\Program Files\psupport" deleted successfully.
File "C:\Program Files\need2find" deleted successfully.
File "C:\Program Files\ncase" deleted successfully.
File "C:\Program Files\navexcel" deleted successfully.
File "C:\Program Files\navexcel search toolbar" deleted successfully.
File "C:\Program Files\mywebsearch" deleted successfully.
File "C:\Program Files\ezthemes_whenusavenow_installer" deleted successfully.
File "C:\Program Files\exolon" deleted successfully.
File "C:\Program Files\ddr" deleted successfully.
File "C:\Program Files\Common Files\nsis" deleted successfully.
File "C:\Program Files\arcade!" deleted successfully.
File "C:\WINDOWS\wintrim" deleted successfully.
File "C:\WINDOWS\winmgts" deleted successfully.
File "C:\WINDOWS\wincomp" deleted successfully.
File "C:\WINDOWS\navpmc" deleted successfully.
File "C:\WINDOWS\mc" deleted successfully.
File "C:\Program Files\support software" deleted successfully.
File "C:\Program Files\network essentials" deleted successfully.
File "C:\Program Files\medialoads" deleted successfully.
File "C:\Program Files\medialoads enhanced" deleted successfully.
File "C:\Program Files\media gateway" deleted successfully.
File "C:\Program Files\md" deleted successfully.
File "C:\WINDOWS\wqzq" deleted successfully.
File "C:\WINDOWS\wcby" deleted successfully.
File "C:\WINDOWS\ilookup" deleted successfully.
File "C:\Program Files\powersearch" deleted successfully.
File "C:\Program Files\perfectnav" deleted successfully.
File "C:\Program Files\lstsvc" deleted successfully.
File "C:\Program Files\kuaiso toolsbar" deleted successfully.
File "C:\Program Files\kgb keylogger" deleted successfully.
File "C:\Program Files\invisible secrets toolbar" deleted successfully.
File "C:\Program Files\instant buzz" deleted successfully.
File "C:\Program Files\instant access" deleted successfully.
File "C:\Program Files\install provider" deleted successfully.
File "C:\Program Files\instafink" deleted successfully.
File "C:\Program Files\incredifind" deleted successfully.
File "C:\Program Files\ebayshop" deleted successfully.
File "C:\Program Files\Common Files\updmgr" deleted successfully.
File "C:\Program Files\Common Files\updater" deleted successfully.
File "C:\Program Files\Common Files\keenvalue" deleted successfully.
File "C:\Program Files\security iguard" deleted successfully.
File "C:\Program Files\psguard" deleted successfully.
File "C:\Program Files\malwaresweeper.com" deleted successfully.
File "C:\Program Files\gator.com" deleted successfully.
File "C:\Program Files\emedia codec" deleted successfully.
File "C:\Program Files\data19" deleted successfully.
File "C:\Program Files\accoona" deleted successfully.
File "C:\Program Files\pcprivacysoftware.com" deleted successfully.
File "C:\Program Files\bulletproofsoft.com" deleted successfully.
File "C:\Program Files\adwareremovergold.com" deleted successfully.
File "C:\WINDOWS\system32\iedriver" deleted successfully.
File "C:\Program Files\system soap pro" deleted successfully.
File "C:\Program Files\search toolbar" deleted successfully.
File "C:\Program Files\httper" deleted successfully.
File "C:\Program Files\hotbar" deleted successfully.
File "C:\Program Files\homekeylogger" deleted successfully.
File "C:\Program Files\hbtools" deleted successfully.
File "C:\Program Files\hbinst" deleted successfully.
File "C:\Program Files\Common Files\wqzq" deleted successfully.
File "C:\Program Files\Common Files\msiets" deleted successfully.
File "C:\Program Files\Common Files\btlink" deleted successfully.
File "C:\Program Files\xmod" deleted successfully.
File "C:\Program Files\xml" deleted successfully.
File "C:\Program Files\vcom" deleted successfully.
File "C:\Program Files\sync manager demo" deleted successfully.
File "C:\Program Files\scom" deleted successfully.
File "C:\Program Files\reg2" deleted successfully.
File "C:\Program Files\pvm" deleted successfully.
File "C:\Program Files\primesoft" deleted successfully.
File "C:\Program Files\paymentone" deleted successfully.
File "C:\Program Files\gsr" deleted successfully.
File "C:\Program Files\gsoft" deleted successfully.
File "C:\Program Files\gmsoft" deleted successfully.
File "C:\Program Files\globe7" deleted successfully.
File "C:\Program Files\globaldialer" deleted successfully.
File "C:\Program Files\fwn toolbar" deleted successfully.
File "C:\Program Files\ftk" deleted successfully.
File "C:\Program Files\ftapp" deleted successfully.
File "C:\Program Files\fsw" deleted successfully.
File "C:\Program Files\flt" deleted successfully.
File "C:\Program Files\fln" deleted successfully.
File "C:\Program Files\flcp" deleted successfully.
File "C:\Program Files\fla" deleted successfully.
File "C:\Program Files\filesubmit" deleted successfully.
File "C:\Program Files\fen" deleted successfully.
File "C:\Program Files\dialers" deleted successfully.
File "C:\Program Files\browserenh" deleted successfully.
File "C:\windowsupdate" deleted successfully.
File "C:\WINDOWS\system32\fcyberalert" deleted successfully.
File "C:\WINDOWS\system32\f0r0r" deleted successfully.
File "C:\WINDOWS\system32\ctf" deleted successfully.
File "C:\WINDOWS\elitetoolbar" deleted successfully.
File "C:\WINDOWS\elitesidebar" deleted successfully.
File "C:\WINDOWS\elitebar" deleted successfully.
File "C:\Program Files\websearch" deleted successfully.
File "C:\Program Files\webrebates" deleted successfully.
File "C:\Program Files\fastseeker" deleted successfully.
File "C:\Program Files\ezurl" deleted successfully.
File "C:\Program Files\exploreanywhere" deleted successfully.
File "C:\Program Files\exact" deleted successfully.
File "C:\Program Files\ebatesmoemoneymaker" deleted successfully.
File "C:\Program Files\ebates_moemoneymaker" deleted successfully.
File "C:\Program Files\comsoft" deleted successfully.
File "C:\WINDOWS\system32\adcache" deleted successfully.
File "C:\WINDOWS\roodyc" deleted successfully.
File "C:\WINDOWS\explorer" deleted successfully.
File "C:\Program Files\real-tens" deleted successfully.
File "C:\Program Files\popcorn.net" deleted successfully.
File "C:\Program Files\movienetworks" deleted successfully.
File "C:\Program Files\mlh" deleted successfully.
File "C:\Program Files\medch" deleted successfully.
File "C:\Program Files\kfh" deleted successfully.
File "C:\Program Files\keylog" deleted successfully.
File "C:\Program Files\e2give" deleted successfully.
File "C:\Program Files\drivecleaner free" deleted successfully.
File "C:\Program Files\downloadware" deleted successfully.
File "C:\Program Files\downloadware engine" deleted successfully.
File "C:\Program Files\dealio" deleted successfully.
File "C:\Program Files\dealhelper" deleted successfully.
File "C:\Program Files\dateregon" deleted successfully.
File "C:\Program Files\date manager" deleted successfully.
File "C:\Program Files\commonname" deleted successfully.
File "C:\Program Files\Common Files\eacceleration" deleted successfully.
File "C:\Program Files\Common Files\drivecleaner free" deleted successfully.
File "C:\Program Files\Common Files\cpush" deleted successfully.
File "C:\e2g" deleted successfully.
File "C:\WINDOWS\winfj" deleted successfully.
File "C:\WINDOWS\syspi" deleted successfully.
File "C:\WINDOWS\sysbj" deleted successfully.
File "C:\WINDOWS\msew" deleted successfully.
File "C:\WINDOWS\ieoo" deleted successfully.
File "C:\WINDOWS\system32\services" deleted successfully.
File "C:\WINDOWS\configsys" deleted successfully.
File "C:\WINDOWS\coder" deleted successfully.
File "C:\Program Files\colej_uk design toolbar" deleted successfully.
File "C:\Program Files\clocksync" deleted successfully.
File "C:\Program Files\clipgenie" deleted successfully.
File "C:\WINDOWS\ctb3_shared" deleted successfully.
File "C:\Program Files\windowssa" deleted successfully.
File "C:\Program Files\tvs" deleted successfully.
File "C:\Program Files\rvp" deleted successfully.
File "C:\Program Files\lycos" deleted successfully.
File "C:\Program Files\letssearch" deleted successfully.
File "C:\Program Files\csbb" deleted successfully.
File "C:\Program Files\Common Files\psd tools" deleted successfully.
File "C:\Program Files\Common Files\gmt" deleted successfully.
File "C:\Program Files\Common Files\cmeii" deleted successfully.
File "C:\Program Files\cntrc" deleted successfully.
File "C:\Program Files\clientman" deleted successfully.
File "C:\Program Files\buddylinks.net" deleted successfully.
File "C:\Program Files\btv" deleted successfully.
File "C:\Program Files\brp" deleted successfully.
File "C:\Program Files\browser pal" deleted successfully.
File "C:\Program Files\bpt" deleted successfully.
File "C:\Program Files\bpc_search" deleted successfully.
File "C:\Program Files\bonzibuddy" deleted successfully.
File "C:\Program Files\bcpc" deleted successfully.
File "C:\WINDOWS\bde" deleted successfully.
File "C:\Program Files\funcade" deleted successfully.
File "C:\Program Files\cashback" deleted successfully.
File "C:\Program Files\cardcrazy" deleted successfully.
File "C:\Program Files\bde" deleted successfully.
File "C:\Program Files\bargain buddy" deleted successfully.

Error: could not delete file "C:\bde"
Deletion of file "C:\bde" failed!
Status: 0xc0000035 (STATUS_OBJECT_NAME_COLLISION)
--> another object exists already with the same name

File "C:\WINDOWS\system32\exefld" deleted successfully.
File "C:\Program Files\mediaring talk" deleted successfully.
File "C:\Program Files\backweb" deleted successfully.
File "C:\WINDOWS\system32\win type" deleted successfully.
File "C:\WINDOWS\system32\ide" deleted successfully.
File "C:\WINDOWS\system32\feeds" deleted successfully.
File "C:\WINDOWS\system32\dhcp32" deleted successfully.
File "C:\Program Files\the guard" deleted successfully.
File "C:\Program Files\sysal" deleted successfully.
File "C:\Program Files\netturbotrial" deleted successfully.
File "C:\Program Files\fs" deleted successfully.
File "C:\Program Files\cxtpls" deleted successfully.
File "C:\Program Files\Common Files\betterinternet" deleted successfully.
File "C:\Program Files\arcaderockstar" deleted successfully.
File "C:\Program Files\aproposclient" deleted successfully.
File "C:\Program Files\altnet" deleted successfully.
File "C:\Program Files\adstatus service" deleted successfully.
File "C:\Program Files\acetoolbar" deleted successfully.
File "C:\Program Files\abetterinternet" deleted successfully.
File "C:\Program Files\2search" deleted successfully.
File "C:\Program Files\securemypc" deleted successfully.
File "C:\Program Files\scanspyware v3.8.0.4" deleted successfully.
File "C:\Program Files\scan & repair utilities 2007" deleted successfully.
File "C:\Program Files\prvdef4.0" deleted successfully.
File "C:\Program Files\privacy crusader demo" deleted successfully.
File "C:\Program Files\privacy champion" deleted successfully.
File "C:\Program Files\pestbot" deleted successfully.
File "C:\Program Files\perfectcleaner" deleted successfully.
File "C:\Program Files\pcsecurityshield" deleted successfully.
File "C:\Program Files\pal spyrem" deleted successfully.
File "C:\Program Files\neospace" deleted successfully.
File "C:\Program Files\malwarewipers" deleted successfully.
File "C:\Program Files\killspy.net" deleted successfully.
File "C:\Program Files\btppdv2.2" deleted successfully.
File "C:\Program Files\winferno" deleted successfully.
File "C:\Program Files\softwaredoctor" deleted successfully.
File "C:\Program Files\secure pc solutions" deleted successfully.
File "C:\Program Files\scorpio software" deleted successfully.
File "C:\Program Files\kazaap" deleted successfully.
File "C:\Program Files\guardbar" deleted successfully.
File "C:\Program Files\goodbye spy" deleted successfully.
File "C:\Program Files\froggie scan demo" deleted successfully.
File "C:\Program Files\flobo spyware clean" deleted successfully.
File "C:\Program Files\fix my registry" deleted successfully.
File "C:\Program Files\expertantivirus" deleted successfully.
File "C:\Program Files\easy erase spyware remover" deleted successfully.
File "C:\Program Files\curepcsolution" deleted successfully.
File "C:\Program Files\codeclean2007" deleted successfully.
File "C:\Program Files\cleanx2007" deleted successfully.
File "C:\Program Files\bps remover" deleted successfully.
File "C:\Program Files\beclean" deleted successfully.
File "C:\Program Files\antivirusgoldenpro" deleted successfully.
File "C:\Program Files\antivirus solution" deleted successfully.
File "C:\Program Files\antispyzone 5.0" deleted successfully.
File "C:\Program Files\allume systems" deleted successfully.
File "C:\Program Files\adwareX eliminator" deleted successfully.
File "C:\Program Files\adware spyWare removal" deleted successfully.
File "C:\Program Files\adware remover" deleted successfully.
File "C:\Program Files\adware agent" deleted successfully.
File "C:\Program Files\ads adware remover" deleted successfully.
File "C:\Program Files\ad armor" deleted successfully.
File "C:\Program Files\1stantivirus" deleted successfully.
File "C:\Program Files\#1spywarekillerv2.1" deleted successfully.
File "C:\Program Files\dealhelper.com inc" deleted successfully.
File "C:\Program Files\websnitch v3.0" deleted successfully.
File "C:\Documents and Settings\Kelly\Application Data\wklnhst.dat" deleted successfully.
Folder "C:\Documents and Settings\Kelly\Application Data\abelhadigital.com" deleted successfully.
Folder "C:\Documents and Settings\All Users\Application Data\abelhadigital.com" deleted successfully.
Folder "C:\found.000" deleted successfully.
Folder "C:\WINDOWS\winupie.exe" deleted successfully.
Folder "C:\WINDOWS\winmuschi.exe" deleted successfully.
Folder "C:\WINDOWS\updatewinlocator.exe" deleted successfully.
Folder "C:\WINDOWS\system32\zp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\zeropopupbar.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winwsl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintft.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wintbpx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintbp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winshow.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winrvl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winpup32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winpup.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winlocatorhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winlocator.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winksl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\update.exe" deleted successfully.
Folder "C:\WINDOWS\system32\systemout.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sysdll32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\servises.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\regperf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pup.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pnp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\per.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nvctrl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\norton update.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mssearchnet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msmsgs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mscornet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\issearch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\isnotify.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ismon.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ishost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dfrgsrv.exe" deleted successfully.
Folder "C:\WINDOWS\system32\df_kme.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dcomcfg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\csm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\botzor.exe" deleted successfully.
Folder "C:\WINDOWS\system32\axconfig.dll" deleted successfully.
Folder "C:\WINDOWS\system32\4ccc3cea.exe" deleted successfully.
Folder "C:\WINDOWS\pnpasn32.exe" deleted successfully.
Folder "C:\WINDOWS\hpsv.exe" deleted successfully.
Folder "C:\WINDOWS\cdproxyserv.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd4.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd2.exe" deleted successfully.
Folder "C:\WINDOWS\windowsupd1.exe" deleted successfully.
Folder "C:\WINDOWS\vx2.dll" deleted successfully.
Folder "C:\WINDOWS\t2serv.exe" deleted successfully.
Folder "C:\WINDOWS\t2serv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\zlbw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wshtlprh.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wshnseri.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winntcreate.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winftsap.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winftsap.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wincom32.sys" deleted successfully.
Folder "C:\WINDOWS\system32\w3sskbda.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vx2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vwix32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\vsxmpgpc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vnetsmme.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vb5dmspo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\v4pbpt51.dll" deleted successfully.
Folder "C:\WINDOWS\system32\uninmyad.exe" deleted successfully.
Folder "C:\WINDOWS\system32\trafracp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tps108.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tisa.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tips.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tippcls.dat" deleted successfully.
Folder "C:\WINDOWS\system32\tipp.dat" deleted successfully.
Folder "C:\WINDOWS\system32\timesrv.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ticont.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ticads.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tconini.dat" deleted successfully.
Folder "C:\WINDOWS\system32\sysmonnt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\spwgoc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\snmpmssw.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbrmqtr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbipsch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slbipsch.dll" deleted successfully.
Folder "C:\WINDOWS\system32\shfoxpob.exe" deleted successfully.
Folder "C:\WINDOWS\system32\secumsje.exe" deleted successfully.
Folder "C:\WINDOWS\system32\se.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sd16win.dll" deleted successfully.
Folder "C:\WINDOWS\system32\scp3jgaw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rvreg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rulesak.dll" deleted successfully.
Folder "C:\WINDOWS\system32\rdpwmsjt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rcbdwmpd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\qdvtscf.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ppl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\oebdfc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nordsys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\myad.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msview.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msnavc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\messenger.lib.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lut.dat" deleted successfully.
Folder "C:\WINDOWS\system32\lspak.dll" deleted successfully.
Folder "C:\WINDOWS\system32\localnrd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\lcch.dat" deleted successfully.
Folder "C:\WINDOWS\system32\ladchkr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\host.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hook2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hook1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\google.png.exe" deleted successfully.
Folder "C:\WINDOWS\system32\gdu.dll" deleted successfully.
Folder "C:\WINDOWS\system32\game3.exe" deleted successfully.
Folder "C:\WINDOWS\system32\game2.exe" deleted successfully.
Folder "C:\WINDOWS\system32\game1.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dad.bat" deleted successfully.
Folder "C:\WINDOWS\system32\cidrules.dll" deleted successfully.
Folder "C:\WINDOWS\system32\bridge.dll" deleted successfully.
Folder "C:\WINDOWS\system32\alsys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\adchkr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\a.exe" deleted successfully.
Folder "C:\WINDOWS\system32\6fo4svc.dll" deleted successfully.
Folder "C:\WINDOWS\sserrvv.exe" deleted successfully.
Folder "C:\WINDOWS\serrv.exe" deleted successfully.
Folder "C:\WINDOWS\reggserv.exe" deleted successfully.
Folder "C:\WINDOWS\psapi.dll" deleted successfully.
Folder "C:\WINDOWS\msupdtwiz.exe" deleted successfully.
Folder "C:\WINDOWS\kernellos.dll" deleted successfully.
Folder "C:\WINDOWS\iehelper.dll" deleted successfully.
Folder "C:\WINDOWS\cserv32.exe" deleted successfully.
Folder "C:\WINDOWS\cleanhistories.dll" deleted successfully.
Folder "C:\WINDOWS\ccsserv.exe" deleted successfully.
Folder "C:\WINDOWS\ads.js" deleted successfully.
Folder "C:\WINDOWS\waladhpr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\xkrdk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wzhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wiatwain.dll" deleted successfully.
Folder "C:\WINDOWS\system32\webalize.dll" deleted successfully.
Folder "C:\WINDOWS\system32\unsocul.exe" deleted successfully.
Folder "C:\WINDOWS\system32\somatic.dll" deleted successfully.
Folder "C:\WINDOWS\system32\sodahk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\socul.dll" deleted successfully.
Folder "C:\WINDOWS\system32\smdnn05.dll" deleted successfully.
Folder "C:\WINDOWS\system32\servehost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\seqsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchupdate33.exe" deleted successfully.
Folder "C:\WINDOWS\system32\searchupdate31.exe" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire33.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\searchsquire.dll" deleted successfully.
Folder "C:\WINDOWS\system32\seantb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\s4helper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\replmap.dll" deleted successfully.
Folder "C:\WINDOWS\system32\reg2.exe" deleted successfully.
Folder "C:\WINDOWS\system32\pqhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mygeek.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msstersv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msqsb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msnsxole.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msnsxole.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mslspcg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mslsicwd.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msexcred.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msafiasn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mqoacdmo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mqadscp3.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mgmtmtxc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mgeekremove.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mcd3mscm.dll" deleted successfully.
Folder "C:\WINDOWS\system32\lmrtatkc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\kbdpkbdr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\kbdfwshe.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgsdrpcn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgsdrpcn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\jgdwadsn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jgdwadsn.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iuennwcf.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ir32racp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ipxwshel.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ipxrmfc4.dll" deleted successfully.
Folder "C:\WINDOWS\system32\imesrdch.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ifsomatic.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ifhelper.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iebrw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\icmpdx3j.dll" deleted successfully.
Folder "C:\WINDOWS\system32\iaspdpus.dll" deleted successfully.
Folder "C:\WINDOWS\system32\i4n27vl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\hotlink.dll" deleted successfully.
Folder "C:\WINDOWS\system32\homepage.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hmepge.dll" deleted successfully.
Folder "C:\WINDOWS\system32\higehsg.dll" deleted successfully.
Folder "C:\WINDOWS\system32\hhselz32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\gsim.dll" deleted successfully.
Folder "C:\WINDOWS\system32\fltlauto.exe" deleted successfully.
Folder "C:\WINDOWS\system32\fileserv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\e1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dsseds32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dsseds32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dpugmswe.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dnsrxpob.exe" deleted successfully.
Folder "C:\WINDOWS\system32\deskmcd3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\ddemdmco.dll" deleted successfully.
Folder "C:\WINDOWS\system32\davctool.exe" deleted successfully.
Folder "C:\WINDOWS\system32\davctool.dll" deleted successfully.
Folder "C:\WINDOWS\system32\confbrw.dll" deleted successfully.
Folder "C:\WINDOWS\system32\comrkbdd.exe" deleted successfully.
Folder "C:\WINDOWS\system32\comploader.dll" deleted successfully.
Folder "C:\WINDOWS\system32\chkmfdep.exe" deleted successfully.
Folder "C:\WINDOWS\system32\camodpnm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\brwstat.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwprf32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwperf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\brwmgr32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\brwconf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\barbho.dll" deleted successfully.
Folder "C:\WINDOWS\system32\avifipxr.dll" deleted successfully.
Folder "C:\WINDOWS\system32\admeiolo.dll" deleted successfully.
Folder "C:\WINDOWS\system32\actidmoc.exe" deleted successfully.
Folder "C:\WINDOWS\svrmgr.exe" deleted successfully.
Folder "C:\WINDOWS\ssmsgr.exe" deleted successfully.
Folder "C:\WINDOWS\ssls.exe" deleted successfully.
Folder "C:\WINDOWS\ssdgt.exe" deleted successfully.
Folder "C:\WINDOWS\sscrg.exe" deleted successfully.
Folder "C:\WINDOWS\gsim.dll" deleted successfully.
Folder "C:\WINDOWS\cssswd.exe" deleted successfully.
Folder "C:\WINDOWS\csssupd.exe" deleted successfully.
Folder "C:\WINDOWS\adrsb.exe" deleted successfully.
Folder "C:\WINDOWS\wserver.exe" deleted successfully.
Folder "C:\WINDOWS\winlogon.scr" deleted successfully.
Folder "C:\WINDOWS\winlogon.exe" deleted successfully.
Folder "C:\WINDOWS\visualguard.exe" deleted successfully.
Folder "C:\WINDOWS\userconfig9x.dll" deleted successfully.
Folder "C:\WINDOWS\system32\xpfirewall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wpwmgrs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winvnc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wintasker.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsyscfg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsys32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsvc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winstart.pif" deleted successfully.
Folder "C:\WINDOWS\system32\winnt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wininfo.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winhlpapi.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wingmt32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winds.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windowz.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windowsfirewall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\windasz-updote.exe" deleted successfully.
Folder "C:\WINDOWS\system32\win32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\win24.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wid32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wfdmgr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wfdgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wdns33.exe" deleted successfully.
Folder "C:\WINDOWS\system32\w32ntupdt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\w1nt5k.exe" deleted successfully.
Folder "C:\WINDOWS\system32\vlcx052.dll" deleted successfully.
Folder "C:\WINDOWS\system32\twunk_65.exe" deleted successfully.
Folder "C:\WINDOWS\system32\timemanager.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgmr32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\taskgamr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\tagmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sysconf.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sword.exe" deleted successfully.
Folder "C:\WINDOWS\system32\svshost.exe" deleted successfully.
Folder "C:\WINDOWS\system32\stagmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\speeder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sp2winfix.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sp2fx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\slpube03.dll" deleted successfully.
Folder "C:\WINDOWS\system32\shnlog.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rlvknlg.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rkinstaller.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rk.exe" deleted successfully.
Folder "C:\WINDOWS\system32\optserve.exe" deleted successfully.
Folder "C:\WINDOWS\system32\optserve.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mstc.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msplus4.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus3.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus2.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msplus.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msclt.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mrkscr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lp.dll" deleted successfully.
Folder "C:\WINDOWS\system32\intmon.exe" deleted successfully.
Folder "C:\WINDOWS\system32\auole4.dll" deleted successfully.
Folder "C:\WINDOWS\sysmonxp.exe" deleted successfully.
Folder "C:\WINDOWS\symav.exe" deleted successfully.
Folder "C:\WINDOWS\switpb.exe" deleted successfully.
Folder "C:\WINDOWS\switpa.exe" deleted successfully.
Folder "C:\WINDOWS\skynetave.exe" deleted successfully.
Folder "C:\WINDOWS\services.exe" deleted successfully.
Folder "C:\WINDOWS\rundil32.exe" deleted successfully.
Folder "C:\WINDOWS\rundil.exe" deleted successfully.
Folder "C:\WINDOWS\phantom.exe" deleted successfully.
Folder "C:\WINDOWS\pandaavengine.exe" deleted successfully.
Folder "C:\WINDOWS\netmedia.exe" deleted successfully.
Folder "C:\WINDOWS\napatch.exe" deleted successfully.
Folder "C:\WINDOWS\msnmsgrs.exe" deleted successfully.
Folder "C:\WINDOWS\maja.exe" deleted successfully.
Folder "C:\WINDOWS\lsasss.exe" deleted successfully.
Folder "C:\WINDOWS\lansas.exe" deleted successfully.
Folder "C:\WINDOWS\kasperskyaveng.exe" deleted successfully.
Folder "C:\WINDOWS\jammer2nd.exe" deleted successfully.
Folder "C:\WINDOWS\infodll.dll" deleted successfully.
Folder "C:\WINDOWS\fvprotect.exe" deleted successfully.
Folder "C:\WINDOWS\fooding.exe" deleted successfully.
Folder "C:\WINDOWS\firewallsvr.exe" deleted successfully.
Folder "C:\WINDOWS\easyav.exe" deleted successfully.
Folder "C:\WINDOWS\diskmonitor.exe" deleted successfully.
Folder "C:\WINDOWS\comp.cpl" deleted successfully.
Folder "C:\WINDOWS\cfg32s.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32r.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32o.dll" deleted successfully.
Folder "C:\WINDOWS\cfg32.exe" deleted successfully.
Folder "C:\WINDOWS\avserve3.exe" deleted successfully.
Folder "C:\WINDOWS\avserve2.exe" deleted successfully.
Folder "C:\WINDOWS\avprotect9x.exe" deleted successfully.
Folder "C:\WINDOWS\avprotect.exe" deleted successfully.
Folder "C:\WINDOWS\avpguard.exe" deleted successfully.
Folder "C:\WINDOWS\avguard.exe" deleted successfully.
Folder "C:\WINDOWS\avbgle.exe" deleted successfully.
Folder "C:\winssystem.exe" deleted successfully.
Folder "C:\WINDOWS\unstall.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winnb60.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb58.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb57.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb56.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb52.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb51.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb42.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb41.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winnb40.dll" deleted successfully.
Folder "C:\WINDOWS\system32\windmy.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winats.dll" deleted successfully.
Folder "C:\WINDOWS\system32\vtlbar1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tubby.dll" deleted successfully.
Folder "C:\WINDOWS\system32\tbc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\sys.exe" deleted successfully.
Folder "C:\WINDOWS\system32\skybot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\shell.exe" deleted successfully.
Folder "C:\WINDOWS\system32\service5.exe" deleted successfully.
Folder "C:\WINDOWS\system32\sd.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scvhost32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scrigz.exe" deleted successfully.
Folder "C:\WINDOWS\system32\scalpe91.exe" deleted successfully.
Folder "C:\WINDOWS\system32\rundll.exe" deleted successfully.
Folder "C:\WINDOWS\system32\remote.exe" deleted successfully.
Folder "C:\WINDOWS\system32\protection.exe" deleted successfully.
Folder "C:\WINDOWS\system32\plugnplay32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\picx.exe" deleted successfully.
Folder "C:\WINDOWS\system32\phantom.exe" deleted successfully.
Folder "C:\WINDOWS\system32\patch31345.exe" deleted successfully.
Folder "C:\WINDOWS\system32\osalogbe.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar31.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar22.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar21.dll" deleted successfully.
Folder "C:\WINDOWS\system32\nn_bar.dll" deleted successfully.
Folder "C:\WINDOWS\system32\netcog.exe" deleted successfully.
Folder "C:\WINDOWS\system32\nas.dll" deleted successfully.
Folder "C:\WINDOWS\system32\myaccess.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mtrnqs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mtc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mswins.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mssck.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msplus32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msnl.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msmgrxp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msklive.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msgmr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msegcompid.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msdev32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\msapasrc.dll" deleted successfully.
Folder "C:\WINDOWS\system32\msa64chk.dll" deleted successfully.
Folder "C:\WINDOWS\system32\mouse.exe" deleted successfully.
Folder "C:\WINDOWS\system32\microupdate.exe" deleted successfully.
Folder "C:\WINDOWS\system32\microsystem.exe" deleted successfully.
Folder "C:\WINDOWS\system32\memloader.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mcscn.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mapisvc32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\mailinfo.exe" deleted successfully.
Folder "C:\WINDOWS\system32\madise.dll" deleted successfully.
Folder "C:\WINDOWS\system32\logitechwls.exe" deleted successfully.
Folder "C:\WINDOWS\system32\logic.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lienvdk.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lienvandekelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lientjeuh.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien vd kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien vande kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien Van de kelderrr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lien van de kelder.exe" deleted successfully.
Folder "C:\WINDOWS\system32\lcd32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\jusched32.exe" deleted successfully.
Folder "C:\WINDOWS\system32\itunegui.exe" deleted successfully.
Folder "C:\WINDOWS\system32\internet.exe" deleted successfully.
Folder "C:\WINDOWS\system32\iexplorer.exe" deleted successfully.
Folder "C:\WINDOWS\system32\hostdrvxp.exe" deleted successfully.
Folder "C:\WINDOWS\system32\hbmail.exe" deleted successfully.
Folder "C:\WINDOWS\system32\gothica.exe" deleted successfully.
Folder "C:\WINDOWS\system32\fixupdattr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\evil.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ds.exe" deleted successfully.
Folder "C:\WINDOWS\system32\dll.dll" deleted successfully.
Folder "C:\WINDOWS\system32\dcomuser.exe" deleted successfully.
Folder "C:\WINDOWS\system32\coolbot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\ccsrs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\avpr.exe" deleted successfully.
Folder "C:\WINDOWS\system32\adv.dll" deleted successfully.
Folder "C:\WINDOWS\system32\abs.exe" deleted successfully.
Folder "C:\WINDOWS\system32\666.exe" deleted successfully.
Folder "C:\WINDOWS\system32\1hellbot.exe" deleted successfully.
Folder "C:\WINDOWS\system32\0.exe" deleted successfully.
Folder "C:\WINDOWS\patch31345.exe" deleted successfully.
Folder "C:\WINDOWS\msnarrator.exe" deleted successfully.
Folder "C:\WINDOWS\mrhop.dll" deleted successfully.
Folder "C:\WINDOWS\mpgcom.dll" deleted successfully.
Folder "C:\WINDOWS\mmups.exe" deleted successfully.
Folder "C:\WINDOWS\mm63.ocx" deleted successfully.
Folder "C:\WINDOWS\mm21.ocx" deleted successfully.
Folder "C:\WINDOWS\mm20.ocx" deleted successfully.
Folder "C:\WINDOWS\imgurla.exe" deleted successfully.
Folder "C:\WINDOWS\iempg2.dll" deleted successfully.
Folder "C:\WINDOWS\iempg.dll" deleted successfully.
Folder "C:\WINDOWS\a64sddd.exe" deleted successfully.
Folder "C:\hellmsn.exe" deleted successfully.
Folder "C:\WINDOWS\xwrm.exe" deleted successfully.
Folder "C:\WINDOWS\winserv.exe" deleted successfully.
Folder "C:\WINDOWS\winobject.dll" deleted successfully.
Folder "C:\WINDOWS\wdskctl.exe" deleted successfully.
Folder "C:\WINDOWS\ts.exe" deleted successfully.
Folder "C:\WINDOWS\system32\zopenssl.dll" deleted successfully.
Folder "C:\WINDOWS\system32\yvsvga.sys" deleted successfully.
Folder "C:\WINDOWS\system32\yvsvga.dll" deleted successfully.
Folder "C:\WINDOWS\system32\yvprgb.dll" deleted successfully.
Folder "C:\WINDOWS\system32\yvpp02.sys" deleted successfully.
Folder "C:\WINDOWS\system32\xcdmfree.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wndtx1.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winstart001.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winstart.exe" deleted successfully.
Folder "C:\WINDOWS\system32\winsrm32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\winenc32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\windowsie.dll" deleted successfully.
Folder "C:\WINDOWS\system32\windec32.dll" deleted successfully.
Folder "C:\WINDOWS\system32\wgavm.exe" deleted successfully.
Folder "C:\WINDOWS\system32\wgareg.exe&
  • 0

#233
kelkay
Posted 11 July 2008 - 12:21 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Well it still didn't copy it all even though I had copied and pasted it. So I will attach it instead. Sorry for the trouble. :)

Attached Files


  • 0

#234
koko_crunch
Posted 13 July 2008 - 11:25 AM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
That's absolutely fine.

Looks like we are finally making some real progress.
The previous fix and this one was actually prepared by JSntgRvr.

Still some left.

1. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):

Files to delete:C:\bdeRegistry keys to delete:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}HKEY_CLASSES_ROOT\CLSID\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}

Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

2. Now, open the avenger folder and start The Avenger program by clicking on its icon.
  • Right click on the window under Input script here:, and select Paste.
  • You can also click on this window and press (Ctrl+V) to paste the contents of the clipboard.
  • Click on Execute
  • Answer "Yes" twice when prompted.
3. The Avenger will automatically do the following:
  • It will Restart your computer. ( In cases where the code to execute contains "Drivers to Delete", The Avenger will actually restart your system twice.)
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
4. Please copy/paste the content of c:\avenger.txt into your reply and ATTACH a fresh DSS main log .
  • 0

#235
kelkay
Posted 13 July 2008 - 02:06 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
//////////////////////////////////////////
Avenger Pre-Processor log
//////////////////////////////////////////

Platform: Windows XP (build 2600, Service Pack 3)
Sun Jul 13 15:00:58 2008

15:00:31: Error: Invalid registry syntax in command:
"HKEY_CLASSES_ROOT\CLSID\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}"
Only registry keys under the HKEY_LOCAL_MACHINE hive are accessible to this program.
Skipping line. (Registry key deletion mode)


//////////////////////////////////////////


Logfile of The Avenger Version 2.0, © by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.
No rootkits found!

File "C:\bde" deleted successfully.
Registry key "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{9A9307A0-7DA4-4DAF-B042-5009F29E09E1}" deleted successfully.

Completed script processing.

*******************

Finished! Terminate.
  • 0

Advertisements

#236
kelkay
Posted 13 July 2008 - 02:20 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
The only main.txt that showed up was from the 11th. So I could not attach it, as I couldn't find it. It was on Notepad, and I just copied it. Sorry. :)

Deckard's System Scanner v20071014.68
Run by Kelly on 2008-07-13 15:08:36
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Kelly.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:09:13, on 7/13/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Tall Emu\Online Armor\oasrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Tall Emu\Online Armor\oaui.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltpspd.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\Documents and Settings\Kelly\Desktop\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kelly.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: hpWebHelper Class - {AAAE832A-5FFF-4661-9C8F-369692D1DCB9} - C:\WINDOWS\pchealth\helpctr\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\plugin\WebHelper.dll
O3 - Toolbar: WebFerret - {A58686ED-FC46-44C3-95C6-4A812AB776F1} - C:\Program Files\FerretSoft\WebFerret\FerretBand.dll
O4 - HKLM\..\Run: [SmartDefrag] "C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /startup
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [OnlineArmor GUI] "C:\Program Files\Tall Emu\Online Armor\oaui.exe"
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_9 -reboot 1
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [HostsMan] "C:\Program Files\HostsMan\hm.exe" -s
O4 - S-1-5-18 Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Updates From HP.lnk = C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe
O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &WordWeb... - res://C:\WINDOWS\system32\wweb32.dll/lookup.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - (no file)
O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files\Paltalk Messenger\Paltalk.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra 'Tools' menuitem: Internet Connection Help - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative....030/CTSUEng.cab
O16 - DPF: {127CE7BA-AD89-4108-A913-C52EFC037C36} (OMN Player Support) - http://kdx.omn.org/s...ayerSupport.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewid...oOnlineScan.cab
O16 - DPF: {2776DDE9-D4B2-4BF7-9F98-ADC1A1B80AF5} (OMN Media Publisher) - http://kdx.omn.org/s...iaPublisher.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper20073151.dll
O16 - DPF: {639658F3-B141-4D6B-B936-226F75A5EAC3} (CPlayFirstDinerDash2Control Object) - http://www.shockwave...h2.1.0.0.67.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1165348971449
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} -
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative....15030/CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sansa Updater Service (SansaService) - Unknown owner - C:\Program Files\SanDisk\Sansa Updater\SansaSvr.exe
O23 - Service: Online Armor (SvcOnlineArmor) - Tall Emu - C:\Program Files\Tall Emu\Online Armor\oasrv.exe

--
End of file - 9071 bytes

-- Files created between 2008-06-13 and 2008-07-13 -----------------------------

2008-07-13 15:00:54 313 --a------ C:\avexport.bat
2008-07-11 10:24:46 0 d-------- C:\Documents and Settings\Kelly\Application Data\abelhadigital.com
2008-07-11 10:24:46 0 d-------- C:\Documents and Settings\All Users\Application Data\abelhadigital.com
2008-07-11 10:21:50 6735942 --a------ C:\backup.reg
2008-07-09 19:58:38 135168 --a------ C:\zip.exe
2008-07-09 19:58:38 19286 --a------ C:\cleanup.exe
2008-07-09 19:58:38 574 --a------ C:\cleanup.bat
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\Kelly\Application Data\OnlineArmor
2008-07-09 18:45:48 0 d-------- C:\Documents and Settings\All Users\Application Data\OnlineArmor
2008-07-09 18:45:34 28872 --a------ C:\WINDOWS\system32\drivers\oanet.sys
2008-07-09 18:45:34 25600 --a------ C:\WINDOWS\system32\drivers\OAmon.sys
2008-07-09 18:45:34 75776 --a------ C:\WINDOWS\system32\drivers\OADriver.sys
2008-07-09 18:45:34 0 d-------- C:\Program Files\Tall Emu
2008-07-05 11:07:34 449462 --a------ C:\HaxFix.exe <Not Verified; Marckie; >
2008-07-04 14:02:01 0 d-------- C:\Program Files\HostsMan
2008-07-03 22:34:18 0 d-------- C:\Program Files\HD Tune
2008-07-01 01:15:01 0 d-------- C:\WINDOWS\Prefetch
2008-07-01 01:04:25 0 d-------- C:\WINDOWS\system32\scripting
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\system32\en
2008-07-01 01:04:24 0 d-------- C:\WINDOWS\l2schemas
2008-07-01 01:04:23 0 d-------- C:\WINDOWS\system32\bits
2008-07-01 01:02:31 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-28 14:40:13 0 d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-06-28 11:59:58 39424 --a------ C:\WINDOWS\zipinst.exe <Not Verified; NirSoft; ZipInstaller>
2008-06-27 23:32:13 0 d-------- C:\Program Files\Common Files\Java
2008-06-23 17:06:15 0 d-------- C:\WINDOWS\ERUNT
2008-06-15 21:31:48 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-15 21:31:41 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-15 21:31:41 0 d-------- C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com


-- Find3M Report ---------------------------------------------------------------

2008-07-11 10:22:55 0 d-------- C:\Program Files\Common Files
2008-07-09 21:00:44 0 d-------- C:\Program Files\HP
2008-07-09 20:52:11 0 d-------- C:\Program Files\kontiki
2008-07-09 16:03:50 0 d-------- C:\Program Files\SpywareGuard
2008-07-09 14:19:25 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2008-07-08 10:05:32 118784 --a------ C:\WINDOWS\SeaMonkeyUninstall.exe
2008-07-08 10:05:32 16267 --a------ C:\WINDOWS\mozver.dat
2008-07-08 10:05:22 118784 --a------ C:\WINDOWS\GREUninstall.exe
2008-07-06 15:25:43 0 d-------- C:\Program Files\SpywareBlaster
2008-07-04 10:59:44 0 d-------- C:\Program Files\SpeedFan
2008-07-01 01:04:47 0 d-------- C:\Program Files\Messenger
2008-07-01 01:04:23 0 d-------- C:\Program Files\Movie Maker
2008-07-01 01:02:15 0 d-------- C:\Program Files\Windows NT
2008-06-29 18:15:35 0 d-------- C:\Program Files\Napster
2008-06-29 10:55:37 0 d-------- C:\Program Files\MSECache
2008-06-28 17:03:27 0 d-------- C:\Program Files\Yahoo!
2008-06-28 17:03:24 0 d-------- C:\Program Files\SureThing
2008-06-28 17:03:01 0 d-------- C:\Program Files\QuickTime
2008-06-28 17:03:01 0 d-------- C:\Program Files\OpenTalk
2008-06-28 17:02:26 0 d-------- C:\Program Files\Logitech
2008-06-28 17:02:24 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-28 17:02:22 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-28 17:02:17 0 d-------- C:\Program Files\GemMaster
2008-06-28 17:02:12 0 d-------- C:\Program Files\Common Files\aolshare
2008-06-28 17:02:11 0 d-------- C:\Program Files\Common Files\AOL
2008-06-28 17:02:04 0 d-------- C:\Program Files\CD to MP3 Freeware
2008-06-28 17:02:04 0 d-------- C:\Program Files\BitComet
2008-06-28 17:02:04 0 d-------- C:\Program Files\Audible
2008-06-28 16:49:53 0 d-------- C:\Program Files\Malware Immunizer
2008-06-28 15:06:48 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-28 14:33:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-28 14:24:33 0 d-------- C:\Program Files\DrWeb
2008-06-28 12:09:39 0 d-------- C:\Program Files\WinUpdatesList
2008-06-28 00:19:13 0 d-------- C:\Program Files\Microsoft ActiveSync
2008-06-27 23:32:55 0 d-------- C:\Program Files\Java
2008-06-24 18:57:59 0 d-------- C:\Program Files\Shockwave.com
2008-06-16 14:02:00 0 d-------- C:\Documents and Settings\Kelly\Application Data\OpenOffice.org2
2008-06-12 15:36:36 0 d-------- C:\Documents and Settings\Kelly\Application Data\Apple Computer
2008-06-12 15:36:26 0 d-------- C:\Program Files\iTunes
2008-06-12 15:35:16 0 d-------- C:\Program Files\iPod
2008-06-12 15:29:35 0 d-------- C:\Program Files\Apple Software Update
2008-06-08 16:20:06 0 d-------- C:\Documents and Settings\Kelly\Application Data\Adobe
2008-06-06 08:57:39 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-05 23:32:44 0 d-------- C:\Documents and Settings\Kelly\Application Data\Malwarebytes
2008-06-04 19:37:15 0 d-------- C:\Program Files\Trend Micro
2008-06-04 19:25:50 0 d-------- C:\Program Files\7-Zip
2008-05-28 23:22:30 0 d-------- C:\Documents and Settings\Kelly\Application Data\AdobeUM
2008-05-28 14:39:11 0 d-------- C:\Program Files\MTV Virtual World
2008-05-23 00:43:40 0 d-------- C:\Documents and Settings\Kelly\Application Data\PlayFirst
2008-05-21 09:38:13 0 d-------- C:\Program Files\Common Files\Roxio Shared
2008-05-21 09:38:13 0 d-------- C:\Program Files\Common Files\Napster Shared


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartDefrag"="C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" [11/20/2006 23:59]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [05/09/2006 17:50]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [05/08/2007 16:24]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [03/13/2008 16:48]
"OnlineArmor GUI"="C:\Program Files\Tall Emu\Online Armor\oaui.exe" [04/17/2008 05:22]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [04/13/2008 19:12]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43]
"HostsMan"="C:\Program Files\HostsMan\hm.exe" [06/16/2008 04:19]

C:\Documents and Settings\Kelly\Start Menu\Programs\Startup\
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe [8/29/2003 7:05:35 PM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe [7/31/2006 9:36:54 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{4F07DA45-8170-4859-9B5F-037EF2970034}"= C:\PROGRA~1\TALLEM~1\ONLINE~1\oaevent.dll [04/17/2008 05:22 671432]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Updates From HP.lnk]
backup=C:\WINDOWS\pss\Updates From HP.lnkCommon Startup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AlwaysReady Power Message APP]
ARPWRMSG.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSyncU.exe]
"C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\H/PC Connection Agent]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HostManager]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPBootOp]
"C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\kdx]
C:\Program Files\Kontiki\KHost.exe -all

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PwrUpTweakMe]
C:\WINDOWS\system32\PuXpTwks.exe /TWEAK

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\QTTask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Symantec Core LC"=2 (0x2)
"SPBBCSvc"=2 (0x2)
"SNDSrvc"=2 (0x2)
"SAVScan"=3 (0x3)
"NSCService"=3 (0x3)
"ccSetMgr"=2 (0x2)
"ccProxy"=2 (0x2)
"ccISPwdSvc"=3 (0x3)
"ccEvtMgr"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc




-- End of Deckard's System Scanner: finished at 2008-07-13 15:12:27 ------------
  • 0

#237
koko_crunch
Posted 14 July 2008 - 11:45 PM

koko_crunch

    Trusted Helper

  • Retired Staff
  • 1,751 posts
Much better. Now for a final scan to be sure.
How's your computer running? Other issues you would like to address?

Next,

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 onlyDouble-click ATF-Cleaner.exe to run the program.
Under Main choose: Select All
Click the Empty Selected button.
If you use Firefox browserClick Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browserClick Opera at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

Then,

Please do an online scan with Kaspersky WebScanner

Temporarily disable your resident Antivirus software before proceeding.

Welcome Information page will open. Click on Accept
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded, click on Scan
    • Now under that section select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save Report as button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.

Enable you Anti-Virus protection once scan is done then post back with the log.
  • 0

#238
kelkay
Posted 15 July 2008 - 09:04 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
I did not get a full 30 day free trial of NOD32 as they said, and they did not honor what their website said. So I decided to try Kaspersky this morn. I had a firewall alert when I opened the browser that some computer was trying to connect to mine. This happened twice. I blocked them.

I am scanning now with the Kaspersky av program. It showed these already.
detected: riskware Invader Running process: C:\WINDOWS\system32\winlogon.exe
detected: riskware Invader Running process: C:\WINDOWS\System32\svchost.exe

detected: riskware Invader Running process: C:\WINDOWS\Explorer.EXE
quarantined: Trojan program Trojan-Downloader.JS.gen (modification) File: C:\omn.msi//omnF01.cab/omn_Kernel.js0

THE FUNNY thing about this is I deleted the OMN program that has free videos, afraid I was getting a problem via it. It wanted to set itself up to run all the time. This may just be a coincidence. (the name)

The Kaspersky scan has barely begun, so I will let you know if it finds more. I already have the ATF program you mentioned and have used it. I wonder since I have Kaspersky AV now, should I still connect to the online scanner of it? I think not, but if you want me to I certainly will. I am hoping we have finally reached the end of this maddening process, and you have been so patient with me. I am so thankful for people like you!
  • 0

#239
kelkay
Posted 15 July 2008 - 11:40 AM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
here is more stuff Kaspersky has found thus far...the scan is just a little over half over now.

detected: riskware Invader Running process: C:\Program Files\America Online 9.0a\aol.exe

deleted: adware not-a-virus:AdWare.Win32.SearchIt.t File: C:\Program Files\Common Files\aolback\Comps\toolbar\toolbr.exe//WiseSFXDropper//WISE0015.BIN

detected: riskware Invader Running process: C:\Program Files\America Online 9.0a\waol.exe
detected: riskware Invader Running process: C:\Program Files\America Online 9.0a\shellmon.exe

detected: riskware Invader Running process: C:\Program Files\America Online 9.0a\shellrestart.exe

detected: riskware Invader Running process: C:\WINDOWS\system32\svchost.exe

7/15/2008 14:00:27 Quarantine: File c:\omn.msi//omnF01.cab/omn_Kernel.js0: detected modification of Trojan program 'Trojan-Downloader.JS.gen'.

Here is what my firewall logs show...I'm afraid there is still infection.


7/15/2008 09:12:41 Protection of your computer is enabled.
7/15/2008 09:14:22 Process C:\WINDOWS\system32\winlogon.exe (PID: 1124): attempt to embed itself into another process was blocked.
7/15/2008 09:14:30 Process C:\WINDOWS\System32\svchost.exe (PID: 1544): attempt to embed itself into another process was blocked.
7/15/2008 09:15:35 Process C:\WINDOWS\Explorer.EXE (PID: 840): attempt to embed itself into another process was blocked.
7/15/2008 09:16:55 Please restart your computer to complete the installation of new or updated protection components.
7/15/2008 09:16:58 Please restart your computer to complete the installation of new or updated protection components.
7/15/2008 09:16:58 Not all components were updated
7/15/2008 09:16:58 Database is out of date, leaving your computer at risk of infection. Please update your database.
7/15/2008 09:18:52 Update completed successfully
7/15/2008 09:19:53 Process C:\WINDOWS\system32\winlogon.exe (PID: 1124): attempt to embed itself into another process was blocked.
7/15/2008 09:19:55 Process C:\WINDOWS\System32\svchost.exe (PID: 1544): attempt to embed itself into another process allowed.
7/15/2008 09:19:55 Process C:\WINDOWS\System32\svchost.exe (PID: 1544): attempt to embed itself into another process allowed.
7/15/2008 09:19:55 Process C:\WINDOWS\System32\svchost.exe (PID: 1544): attempt to embed itself into another process allowed.
7/15/2008 09:20:05 Protection of your computer is not running. You are advised to resume protection.
7/15/2008 09:22:34 You are advised to perform a full computer scan as soon as possible.
7/15/2008 09:22:34 Protection of your computer is enabled.
7/15/2008 09:23:00 Process C:\WINDOWS\system32\winlogon.exe (PID: 1128): attempt to embed itself into another process was blocked.
7/15/2008 09:23:03 Process C:\WINDOWS\System32\svchost.exe (PID: 1552): attempt to embed itself into another process was blocked.
7/15/2008 09:24:05 Update completed successfully
7/15/2008 09:26:38 Process C:\WINDOWS\Explorer.EXE (PID: 484): attempt to embed itself into another process was blocked.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/Ad-Aware SE Default.skn: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/arrow1.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/arrow2.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bck1.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt11.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt12.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt13.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt21.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt22.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt23.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt31.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt32.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt33.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt41.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt42.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt43.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt51.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt52.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt53.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt61.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/bt62.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/checkbox1.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/checkbox2.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/checkbox3.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/checkbox4.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/defbtn1.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/defbtn2.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/defbtn3.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/glyph1.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/glyph2.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/glyph3.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/glyph4.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/glyph5.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/glyph6.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/glyph7.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/main.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/preview.bmp: is password protected.
7/15/2008 09:27:04 File C:\aawsepersonal.exe//WISE0020.BIN/sprite1.bmp: is password protected.
7/15/2008 09:37:07 Process C:\WINDOWS\Explorer.EXE (PID: 484): attempt to embed itself into another process was blocked.
7/15/2008 09:42:02 File C:\omn.msi//omnF01.cab/omn_Kernel.js0: detected modification of Trojan program 'Trojan-Downloader.JS.gen'.
7/15/2008 09:42:02 Security threats have been detected. You are advised to neutralize them immediately.
7/15/2008 09:42:02 File C:\omn.msi//omnF01.cab/omn_Kernel.js0: is still infected, postponed.
7/15/2008 09:50:11 File C:\Avenger\backup.zip/avenger/avenger.txt: is password protected.
7/15/2008 09:57:56 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070207182620.zip/0: is password protected.
7/15/2008 09:57:56 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070305031839.zip/0: is password protected.
7/15/2008 09:57:56 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070329233745.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070528181759.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070528181759.zip/1: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070530144815.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070602141730.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070604140659.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070611145542.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070711142355.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070719123108.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070720090022.zip/0: is password protected.
7/15/2008 09:57:57 File C:\Documents and Settings\All Users\Application Data\AOL\UserProfiles\All Users\antiSpyware\quarantine\Quarantine\20070923004327.zip/0: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/agent_lang_helper.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/agentins.ini: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/agntcons.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/agntinst.htm: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/agntinst.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/agntlang.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/default.htm: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/header.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/HtmlUtil.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/images/bg_left_1x314.gif: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/images/icon_info_16x16.gif: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/images/icon_mcafee_61x61.gif: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/images/icon_progress_checked_13x13.gif: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/images/icon_progress_hot_13x13.gif: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/images/icon_progress_unchecked_13x13.gif: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/InstUtil.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/instwiz.css: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/instxp.css: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/lang_agnt.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/mcccom.lpk: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/pbar.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/setcss.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/SubInfoData.vbs: is password protected.
7/15/2008 09:58:41 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0006.BIN/vssver.scc: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/countries.js: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/default.htm: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/header.vbs: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/HtmlUtil.vbs: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/images/bg_left_1x314.gif: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/images/icon_info_16x16.gif: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/images/icon_mcafee_61x61.gif: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/images/icon_progress_checked_13x13.gif: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/images/icon_progress_hot_13x13.gif: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/images/icon_progress_unchecked_13x13.gif: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/install.htm: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/instwiz.css: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/instxp.css: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/lang_countries.vbs: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/lang_vso.vbs: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/mcccom.lpk: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/pbar.vbs: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/setcss.vbs: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/VsoConst.vbs: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/vsoins.ini: is password protected.
7/15/2008 09:58:42 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0021.BIN/VSOPropConst.vbs: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/agntcons.vbs: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/agntlang.vbs: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/comctl.lpk: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/config.ini: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/pbar.vbs: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/UnInsStr.vbs: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/uninst.vbs: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/uninstall.htm: is password protected.
7/15/2008 09:58:43 File C:\Documents and Settings\All Users\Application Data\AOL Downloads\MAV\mavinst.exe//WISE0024.BIN/screm.ui/vssver.scc: is password protected.
7/15/2008 10:01:44 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CometCursors.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:44 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\CometCursors.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:44 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eSupportFFBiosExt.zip/TVICHW32.VXD: is password protected.
7/15/2008 10:01:44 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eSupportFFBiosExt.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eSupportFFBiosExt1.zip/TVicHW32.sys: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\eSupportFFBiosExt1.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ICQSpyMonitor.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ICQSpyMonitor.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ICQSpyMonitor1.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ICQSpyMonitor1.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallDisableNotify.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\MicrosoftWindowsSecurityCenterFirewallDisableNotify.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent1.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent1.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/actorobject.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/dx5drv.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/dx7drv.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/objectbundle.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/sound.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/wdcaps.ded: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/wdengine.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/webdriver.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/wthost.exe: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/wthostctl.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/wtmulti.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/wtmulti.jar: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/wtwmplug.ax: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/4.1.1/wtwmplug.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/jdriver.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/rdriver.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/wildtangent.jar: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent2.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent3.zip/wcmdmgr.exe: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent3.zip/wcmdmgrl.exe: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent3.zip/wt.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent3.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/DRM/3.2.0.19/files/controlpanel/index.html: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/DRM/3.2.0.19/files/DRM0302.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/DRM/3.2.0.19/files/DRM0302Java.jar: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/DRM/3.2.0.19/files/jDRM0302.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/DRM/3.2.0.19/files/rDRM0302.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/DRM/3.2.0.19/install/DRM0302.cdanfo: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/DRM/3.2.0.19/install/DRM0302_Uninstall.cdas: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/actorobject.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/controlpanel/index.html: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/dx5drv.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/dx7drv.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/jdriver.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/legacy/data.wts: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/legacy/webdriver.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/legacy/wt3d.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/npWTHost.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/nsIWTHostPlugin.xpt: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/ObjectBundle.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/rdriver.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/Sound.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/update_info/data.wts: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/wdcaps.ded: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/wdengine.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/Webd331.cdanfo: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/Webd331_fileList.cdas: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/Webd331_Uninstall.cdas: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/webdriver.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/wildtangent.jar: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/wt3d.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/WTHost.exe: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/WTHostCtl.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/wtmulti.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/wtmulti.jar: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/wtwmplug.ax: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/files/wtwmplug.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/install/Webd4_1_1.cdanfo: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/webd/4.1.1/install/Webd4_1_1_Uninstall.cdas: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/WireControl/1.1.0.23/files/controlpanel/index.html: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/WireControl/1.1.0.23/files/install/WireControl.cdanfo: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/WireControl/1.1.0.23/files/install/WireControl_Uninstall.cdas: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/WireControl/1.1.0.23/files/WireControl.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/wtupdater/appinfo.dat: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/wtwebdriver/update_info/data.wts: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent4.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent5.zip/data.wts: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent5.zip/wt3d.dll: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent5.zip/wt3d.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent5.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent6.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent6.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent7.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent7.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent8.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent8.zip/sbRecovery.ini: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent9.zip/sbRecovery.reg: is password protected.
7/15/2008 10:01:45 File C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\WildTangent9.zip/sbRecovery.ini: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{0018BD14-0AC5-43A6-886D-0E177F9DBDF5}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{02A576BB-5120-48AB-A2B3-3A17CC4096F8}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{036CC689-8BA5-408F-8678-7B9C5A0CBAB6}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{0370A462-920E-4CF8-9073-35699FA588FA}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{04A2AAF5-B05C-48AE-BE09-BBBBEC634819}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{07951664-E3F0-4480-9FD4-80C7B6B97783}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{08E34216-CB25-4C8D-B25A-12BD71EA2CEC}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{0D7C7591-F162-4CA9-9D41-A399355BC74B}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{0DD360F2-EF16-45E3-815B-17088F0F52A7}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{0E1FF68D-2B47-440C-A9D3-07201BAEF27A}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{12643905-D27A-4E1C-B39D-87CF794C0B64}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{12BA5546-1F18-4B8E-A19B-BB8600596EE3}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{12EB70A9-6E75-41A9-8DC4-7D79936C6520}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{1331B44A-2488-46E2-8FE1-B86F93E217A3}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{13623FD1-AB06-4EA3-B2D9-2D10C967241F}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{15367910-FB90-4308-8C3D-3EB96AC4D669}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{158AB79D-3CA1-476B-BF81-48DB017FF015}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{18D05171-8936-4B86-9BD3-37F7AF4996DB}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{19009A8E-C300-4BCD-A090-2CA147417531}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{1A2E62B1-103F-444E-B2AB-756E631FA47F}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{1ABAF725-77E0-4D56-A2BB-5DEC04C454AC}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{1BF5EA34-D3F0-4A78-8D88-6EA7F1EEC774}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{1C702E0C-9501-44F3-B781-81709C794B89}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{1D192B1F-806C-48C0-B560-65DAE924621D}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{1F23B17E-4AB7-4F68-998D-A1624DB54714}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{1F2FD864-AA32-416F-804E-75F3276850A7}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{2023776F-8E1F-4A74-AA62-F0AA3AA781A1}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{20356988-014B-4E6F-8F35-50FBDCE5DEC6}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{20E3B644-9A89-4CD8-AC7B-581A3F90183F}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{213744FE-9257-406C-9E81-C788BBA235CA}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{22092712-6AD2-4A80-9CE3-BC6788F0D06E}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{23A141EA-3A1A-4254-B538-28DB0E8E2C53}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{25878C1C-8823-45CF-AB50-7465E8EA7FDC}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{25D383F2-AF77-4181-AF21-20D1664AF857}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{260293EC-812B-49A7-A2F0-D3A70000A5DB}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{26683C7A-625B-4FB1-8CF4-A5154EDE2398}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{2AA429BC-8A4E-457D-8864-3AAB47F93E53}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{2BE754A9-5218-4360-B2F7-DB748A4122FB}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{2D2BEBF5-CC90-4DC3-BB46-6DB67B5F7B20}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{2D305F92-69E3-40EE-A3A7-7659A06F486C}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{328F25CE-E7DB-47B7-9CDE-4DFB026B408C}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{33D92023-73EC-403E-864F-84F31F686A95}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{35A996E9-2839-4CAF-9A07-8B8F883BD5CB}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{36416B87-FCE5-40FF-BE2F-9DF1F503916F}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{36E496B9-A1E0-4F5A-AB38-37E41F56863A}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{3984E004-F577-42FE-AC8A-0D9EC603E89E}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{3A9FDFB0-755D-4B76-BE60-B6E49C0357E9}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{3AFEE3BC-4F5F-4A8B-B205-1FF4F3AF7AB8}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{3E3E8A6F-EB28-4AE7-93FF-565C4B45E741}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{3F1D1C2A-6074-495B-AF08-3FB2C861772E}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{40F6156E-BE8F-4B2E-9F0F-E42DC96C15C5}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4114D993-1717-4BDC-8FDB-3273FE1E81F0}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{419B0FB2-64E3-4F28-ABE6-713BF17877B0}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4489927F-1BF6-4983-B8E5-ADEDF02D62B4}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{44F3E6C2-49BE-418D-9665-21055101CA3F}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{475B6431-CB30-46AE-B100-F47D10732AC5}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{476E5174-3825-4DA4-AC25-0DB606DA57F3}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4953C356-D7FC-4001-A507-9BDA13CD452E}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4AE77B10-11CD-4D0E-B5AE-0B5FDB364B24}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4B84C5AE-EA8C-454E-9289-A93DF015715C}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4BF38A07-AD88-4DBF-9A83-51CFD08ED80F}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4C63320A-77F1-4F12-A475-1295DD9AFF4C}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4DF0A379-88D3-496A-B1DA-E8B9720B6D2E}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4E766AF0-7C3B-4312-89DF-69AD9A00F1FA}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{4F17EE38-BA12-4D01-82D4-F9E6D3DBC735}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{50685E84-0DBA-4BAA-B454-2CD34820AC92}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{508F19B6-F1F8-4AD8-9B3A-65F7405EF6F1}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{5570CC17-2555-4F87-8943-4D99C8D9C982}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{56B42DA8-1F6D-4BA8-9A3F-76504B75B986}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{56CF85D2-68E1-4717-A524-04773E2AC020}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{57278D66-81E5-442A-A804-369763E57CDC}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{5761A964-5743-4874-BAD5-CC22BC8C0E6C}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{5812CCDE-CBA9-46C5-896D-2851A9DB25AB}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{585E19F5-381F-4D8F-A9E0-5808CDDB975F}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{588077E9-6266-40EA-91B0-A0DD0A13BE1F}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{59C861CA-37E0-4B14-9049-341F74ACC635}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{5C1B0F8B-8158-4E6D-BA85-C8F0CDAB4149}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{5C6CFC01-C910-4309-95DA-C88DDE67D506}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{5CF1575D-9859-40A1-B071-545C847A8E18}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{5F458792-7342-4CC4-893E-98A85C84EF0C}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{61D915F0-D63F-484D-A7F8-49950236A5E7}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{61E56F6A-2272-4390-9FC9-6F5D9C908430}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{688D1837-9ACF-409F-8C1B-13C9233E05AE}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{6A62F968-6E5B-4227-9280-7AE0FEACF135}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{6E79EAA3-928A-4905-9C5B-051F14DF9C6E}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{7235E7AD-1CCC-4B4B-82D7-A7E43E960E9D}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{72E151B7-1164-4B7A-A7BC-7428CACA97E1}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 07-02-2008 - 13-02-03.SBU/{73C1EAAA-62BE-47C6-8D2E-C98CD8D67648}: is password protected.
7/15/2008 10:07:38 File C:\Documents and Settings\Kelly

Edited by kelkay, 15 July 2008 - 03:32 PM.

  • 0

#240
kelkay
Posted 15 July 2008 - 02:35 PM

kelkay

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 423 posts
Alright the scan finally completed. It took almost 6 hours to do. This is what it detected.
quarantined: Trojan program Trojan-Downloader.JS.gen (modification) File: C:\omn.msi//omnF01.cab/omn_Kernel.js0


deleted: adware not-a-virus:AdWare.Win32.SearchIt.t File: C:\Program Files\Common Files\aolback\Comps\toolbar\toolbr.exe//WiseSFXDropper//WISE0015.BIN


I believe I posted these two earlier. Do you want me to do the online Kaspersky scan still?
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP