Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Lots of viruses and sending SPAM too

Started by LesFo , Jan 28 2011 10:39 PM

  • This topic is locked This topic is locked

#1
LesFo
Posted 28 January 2011 - 10:39 PM

LesFo

    Member

  • Member
  • PipPip
  • 35 posts
My computer has lots of viruses. I have avast and mbam now and they got rid of a lot but not before the viruses sent a spam email to others from my email address. one of them that i found was "win32;junkpoly-b cryp" and i quarentined it. i haven't had anymore spam email sent. here is the otl thing. Please help.

Leslie

OTL logfile created on: 1/28/2011 3:32:06 PM - Run 1
OTL by OldTimer - Version 3.2.20.6 Folder = C:\Documents and Settings\Leslie Schooling\My Documents\Downloads
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

1.00 Gb Total Physical Memory | 0.00 Gb Available Physical Memory | 19.00% Memory free
2.00 Gb Paging File | 1.00 Gb Available in Paging File | 52.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 37.05 Gb Total Space | 8.03 Gb Free Space | 21.66% Space Free | Partition Type: NTFS
Unable to calculate disk information.

Computer Name: LESLIENEW | User Name: Leslie Schooling | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/01/28 15:30:55 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Leslie Schooling\My Documents\Downloads\OTL.exe
PRC - [2011/01/28 14:12:34 | 002,806,088 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfpupdat.exe
PRC - [2011/01/28 14:12:10 | 002,548,552 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
PRC - [2011/01/28 14:12:00 | 001,803,224 | ---- | M] (COMODO) -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
PRC - [2011/01/13 00:47:34 | 003,396,624 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastUI.exe
PRC - [2011/01/13 00:47:33 | 000,040,384 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
PRC - [2010/12/10 23:23:33 | 000,016,856 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\plugin-container.exe
PRC - [2010/12/10 23:23:24 | 000,912,344 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
PRC - [2010/02/04 19:24:27 | 001,181,328 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/10/18 16:24:55 | 001,858,144 | ---- | M] (Emsi Software GmbH) -- C:\Program Files\a-squared Free\a2service.exe
PRC - [2008/04/13 16:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2003/11/13 13:29:40 | 000,455,680 | ---- | M] () -- C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe


========== Modules (SafeList) ==========

MOD - [2011/01/28 15:30:55 | 000,602,624 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Leslie Schooling\My Documents\Downloads\OTL.exe
MOD - [2011/01/28 14:13:03 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\system32\guard32.dll
MOD - [2011/01/13 00:47:35 | 000,189,728 | ---- | M] (AVAST Software) -- C:\Program Files\Alwil Software\Avast5\snxhk.dll
MOD - [2010/08/23 08:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [Disabled | Stopped] -- -- (HidServ)
SRV - File not found [On_Demand | Stopped] -- -- (AppMgmt)
SRV - [2011/01/28 14:12:00 | 001,803,224 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2011/01/13 00:47:33 | 000,040,384 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\Alwil Software\Avast5\AvastSvc.exe -- (avast! Antivirus)
SRV - [2010/10/16 00:40:40 | 000,037,664 | ---- | M] (Apple Inc.) [Auto | Running] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2010/02/04 19:24:27 | 001,181,328 | ---- | M] (Lavasoft) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2009/10/18 16:24:55 | 001,858,144 | ---- | M] (Emsi Software GmbH) [Auto | Running] -- C:\Program Files\a-squared Free\a2service.exe -- (a2free)
SRV - [2007/08/08 23:27:52 | 000,073,728 | ---- | M] (HP) [Auto | Stopped] -- C:\WINDOWS\system32\HPZipm12.exe -- (Pml Driver HPZ12)
SRV - [2003/11/13 13:29:40 | 000,455,680 | ---- | M] () [Auto | Running] -- C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe -- (NICSer_WPC54G)


========== Driver Services (SafeList) ==========

DRV - [2011/01/28 14:13:02 | 000,094,784 | ---- | M] (COMODO) [Kernel | Boot | Running] -- C:\WINDOWS\System32\DRIVERS\inspect.sys -- (Inspect)
DRV - [2011/01/28 14:13:02 | 000,027,576 | ---- | M] (COMODO) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\cmdhlp.sys -- (cmdHlp)
DRV - [2011/01/28 14:13:01 | 000,239,368 | ---- | M] (COMODO) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\cmdGuard.sys -- (cmdGuard)
DRV - [2011/01/13 00:41:16 | 000,294,608 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/01/13 00:40:16 | 000,047,440 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/01/13 00:40:04 | 000,100,176 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/01/13 00:37:30 | 000,023,632 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/01/13 00:37:11 | 000,029,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/01/13 00:37:09 | 000,017,744 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2009/09/23 04:55:23 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\Lbd.sys -- (Lbd)
DRV - [2009/09/15 10:42:48 | 000,007,408 | R--- | M] ( SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | On_Demand | Stopped] -- C:\Program Files\SUPERAntiSpyware\SASENUM.SYS -- (SASENUM)
DRV - [2009/09/15 10:42:46 | 000,009,968 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/09/15 10:42:44 | 000,074,480 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS -- (SASKUTIL)
DRV - [2008/08/12 13:06:17 | 000,022,328 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PnkBstrK.sys -- (PnkBstrK)
DRV - [2008/05/08 19:00:45 | 000,016,694 | ---- | M] (PalmSource, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\PalmUSBD.sys -- (PalmUSBD)
DRV - [2005/02/12 05:46:22 | 000,371,712 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\BCMWL5.SYS -- (BCM43XX)
DRV - [2005/02/10 16:52:36 | 000,157,056 | ---- | M] (Texas Instruments) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\tifm21.sys -- (tifm21)
DRV - [2005/01/10 16:13:00 | 000,346,496 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6hal.sys -- (CAMCHALA)
DRV - [2005/01/10 16:12:12 | 000,037,760 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\camc6aud.sys -- (CAMCAUD)
DRV - [2004/12/17 13:52:58 | 000,017,992 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\bcm42rly.sys -- (BCM42RLY)
DRV - [2004/12/14 14:18:34 | 000,207,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2004/12/14 14:18:28 | 000,703,232 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/12/14 14:18:26 | 001,038,208 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/12/02 08:36:08 | 000,070,912 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Rtlnicxp.sys -- (RTL8023xp)
DRV - [2004/11/22 02:41:10 | 003,222,784 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/11/04 10:26:42 | 000,186,016 | ---- | M] (Synaptics, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\SynTP.sys -- (SynTP)
DRV - [2004/09/24 23:36:44 | 000,173,056 | ---- | M] (Funk Software, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\odysseyIM4.sys -- (odysseyIM4)
DRV - [2004/04/14 06:36:50 | 000,007,432 | ---- | M] (Hewlett-Packard Company) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\eabfiltr.sys -- (eabfiltr)
DRV - [2003/10/01 10:54:46 | 000,184,832 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\rtl8180.sys -- (LSWPCv4)
DRV - [2003/07/16 22:28:02 | 000,017,142 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\CBTNDIS5.sys -- (CBTNDIS5)
DRV - [2003/06/06 10:46:16 | 000,005,220 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\EabUsb.sys -- (eabusb)
DRV - [2001/08/17 11:10:28 | 000,035,913 | ---- | M] (SMC) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\smcirda.sys -- (SMCIRDA)
DRV - [2001/08/17 07:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.co...ie=utf8&oe=utf8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://us.mg2.mail.y...d=35lp8p4bps3ti
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com/ie
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://us.mg4.mail.y...a.com/#/paused"
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.2.20100127023632
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {0538E3E3-7E9B-4d49-8831-A227C80A7AD3}:2.0.2
FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/10 23:23:54 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.6.13\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/12/10 23:23:54 | 000,000,000 | ---D | M]

[2010/02/27 10:08:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Leslie Schooling\Application Data\Mozilla\Extensions
[2011/01/28 14:10:57 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Leslie Schooling\Application Data\Mozilla\Firefox\Profiles\bpmw51q3.default\extensions
[2010/11/14 19:17:51 | 000,000,000 | ---D | M] (Forecastfox Weather) -- C:\Documents and Settings\Leslie Schooling\Application Data\Mozilla\Firefox\Profiles\bpmw51q3.default\extensions\{0538E3E3-7E9B-4d49-8831-A227C80A7AD3}
[2010/09/17 17:37:17 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Leslie Schooling\Application Data\Mozilla\Firefox\Profiles\bpmw51q3.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/01/28 14:10:57 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/02/27 10:07:37 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Program Files\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/03/19 14:36:02 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\Access Privileges Test
[2009/01/01 16:33:32 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2009/11/19 13:16:28 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
[2009/11/19 13:16:29 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll

O1 HOSTS File: ([2004/08/04 00:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - File not found
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKCU\..\Toolbar\ShellBrowser: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - No CLSID value found.
O4 - HKLM..\Run: [avast5] C:\Program Files\Alwil Software\Avast5\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Image Zone Fast Start.lnk = C:\Program Files\Hp\Digital Imaging\bin\hpqthb08.exe (Hewlett-Packard Co.)
O4 - Startup: C:\Documents and Settings\Leslie Schooling\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.micros...tes/ieawsdc.cab (Microsoft Office Template and Media Control)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://a1540.g.akama...ex/qtplugin.cab (QuickTime Object)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://download.macr...ector/swdir.cab (Shockwave ActiveX Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.micr...heckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} http://photos.walmar...martActivia.cab (Snapfish Activia)
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} http://lads.myspace....ploader1006.cab (MySpace Uploader Control)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebo...oUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} http://www.sibelius....tiveXPlugin.cab (ScorchPlugin Class)
O16 - DPF: {BE319D04-18BD-4B34-AECC-EE7CB610FCA9} http://download.game...itched/main.cab (BewitchedGameClass Control)
O16 - DPF: {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_15)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 192.168.2.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\Hp\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - AppInit_DLLs: (C:\WINDOWS\system32\guard32.dll) - C:\WINDOWS\system32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\!SASWinLogon: DllName - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll (SUPERAntiSpyware.com)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop WallPaper: C:\Documents and Settings\Leslie Schooling\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Leslie Schooling\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O28 - HKLM ShellExecuteHooks: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL (SuperAdBlocker.com)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/01/18 20:46:04 | 000,000,671 | ---- | M] () - C:\autoAlbum.log -- [ NTFS ]
O33 - MountPoints2\##192.168.2.1#My Book\Shell - "" = AutoRun
O33 - MountPoints2\##192.168.2.1#My Book\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\##192.168.2.1#My Book\Shell\AutoRun\command - "" = G:\wd_windows_tools\WDSetup.exe -- [2008/06/19 12:46:02 | 001,760,476 | ---- | M] (Western Digital Corporation )
O33 - MountPoints2\{557fc16f-9844-11dc-95af-001c10202a60}\Shell\AutoRun\command - "" = E:\Programs\Pstart\PStart.exe
O33 - MountPoints2\{aed293f2-ead5-11db-9551-00163612f211}\Shell - "" = AutoRun
O33 - MountPoints2\{aed293f2-ead5-11db-9551-00163612f211}\Shell\AutoRun - "" = Auto&Play
O33 - MountPoints2\{aed293f2-ead5-11db-9551-00163612f211}\Shell\AutoRun\command - "" = E:\LaunchU3.exe
O33 - MountPoints2\{e7fc6c0e-48cd-11de-9645-00163612f211}\Shell\AutoRun\command - "" = E:\wd_windows_tools\WDSetup.exe
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/01/24 21:24:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Leslie Schooling\Desktop\peeper
[2011/01/16 17:26:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Leslie Schooling\Desktop\Colleen
[2011/01/09 18:28:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Leslie Schooling\Desktop\displayFullBill.do_files
[2011/01/04 19:09:32 | 000,000,000 | ---D | C] -- C:\Program Files\MSECache
[2010/12/30 17:59:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Leslie Schooling\Application Data\W Photo Studio
[2010/12/30 17:55:14 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Walgreens
[2010/12/30 17:55:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Walgreens
[2010/12/30 17:54:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Leslie Schooling\Application Data\Walgreens
[2010/12/30 17:54:38 | 000,000,000 | ---D | C] -- C:\Program Files\Walgreens
[2010/12/30 17:34:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Leslie Schooling\Application Data\W Photo Studio Viewer
[26 C:\Documents and Settings\Leslie Schooling\Desktop\*.tmp files -> C:\Documents and Settings\Leslie Schooling\Desktop\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/01/28 15:39:00 | 000,000,366 | ---- | M] () -- C:\WINDOWS\tasks\Symantec NetDetect.job
[2011/01/28 15:35:20 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/01/28 15:35:19 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2011/01/28 15:35:18 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2011/01/28 15:35:18 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2011/01/28 15:35:17 | 000,000,472 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
[2011/01/28 15:24:01 | 000,001,158 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/01/28 15:21:59 | 000,000,902 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/01/28 15:21:03 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/01/28 15:20:59 | 000,442,128 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/01/28 15:20:58 | 1332,203,520 | -HS- | M] () -- C:\hiberfil.sys
[2011/01/28 14:48:01 | 000,000,906 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/01/28 14:13:03 | 000,285,480 | ---- | M] (COMODO) -- C:\WINDOWS\System32\guard32.dll
[2011/01/28 14:13:02 | 000,094,784 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\inspect.sys
[2011/01/28 14:13:02 | 000,027,576 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdhlp.sys
[2011/01/28 14:13:01 | 000,239,368 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmdGuard.sys
[2011/01/28 14:13:01 | 000,015,592 | ---- | M] (COMODO) -- C:\WINDOWS\System32\drivers\cmderd.sys
[2011/01/27 21:55:55 | 000,000,010 | ---- | M] () -- C:\WINDOWS\popcinfo.dat
[2011/01/26 15:06:53 | 000,002,626 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/01/25 18:15:21 | 000,027,648 | ---- | M] () -- C:\Documents and Settings\Leslie Schooling\Desktop\Peeper Log.doc
[2011/01/25 16:44:17 | 000,301,056 | ---- | M] () -- C:\Documents and Settings\Leslie Schooling\Desktop\fo life.xls
[2011/01/24 20:34:00 | 000,046,141 | ---- | M] () -- C:\Documents and Settings\Leslie Schooling\Desktop\IMG_2073.jpg
[2011/01/16 16:42:16 | 000,002,281 | ---- | M] () -- C:\Documents and Settings\Leslie Schooling\Application Data\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Word 2003.lnk
[2011/01/13 00:47:35 | 000,038,848 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/01/13 00:47:32 | 000,188,216 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/01/13 00:41:16 | 000,294,608 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/01/13 00:40:16 | 000,047,440 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/01/13 00:40:04 | 000,100,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/01/13 00:39:50 | 000,094,544 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/01/13 00:37:30 | 000,023,632 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/01/13 00:37:11 | 000,029,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/01/13 00:37:09 | 000,017,744 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/01/12 12:26:03 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/01/11 19:01:30 | 000,095,232 | ---- | M] () -- C:\Documents and Settings\Leslie Schooling\Desktop\So we had a WILD vacation.doc
[2011/01/10 19:13:58 | 001,095,693 | ---- | M] () -- C:\Documents and Settings\Leslie Schooling\Desktop\IMG_5927.JPG
[2011/01/09 18:28:32 | 000,724,934 | ---- | M] () -- C:\Documents and Settings\Leslie Schooling\Desktop\displayFullBill.do.htm
[2011/01/05 16:56:55 | 000,000,162 | -H-- | M] () -- C:\Documents and Settings\Leslie Schooling\Desktop\~$ we had a WILD vacation.doc
[2010/12/30 17:55:17 | 000,001,918 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Walgreens W Photo Studio.lnk
[26 C:\Documents and Settings\Leslie Schooling\Desktop\*.tmp files -> C:\Documents and Settings\Leslie Schooling\Desktop\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/01/28 15:20:58 | 1332,203,520 | -HS- | C] () -- C:\hiberfil.sys
[2011/01/24 20:35:07 | 000,046,141 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Desktop\IMG_2073.jpg
[2011/01/16 17:24:12 | 001,095,693 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Desktop\IMG_5927.JPG
[2011/01/16 16:46:11 | 000,027,648 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Desktop\Peeper Log.doc
[2011/01/09 18:28:16 | 000,724,934 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Desktop\displayFullBill.do.htm
[2011/01/05 16:56:55 | 000,095,232 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Desktop\So we had a WILD vacation.doc
[2011/01/05 16:56:55 | 000,000,162 | -H-- | C] () -- C:\Documents and Settings\Leslie Schooling\Desktop\~$ we had a WILD vacation.doc
[2011/01/01 11:08:37 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2011/01/01 11:08:33 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
[2011/01/01 11:08:29 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
[2011/01/01 11:08:05 | 000,000,472 | ---- | C] () -- C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
[2010/12/30 17:55:17 | 000,001,918 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Walgreens W Photo Studio.lnk
[2010/04/30 19:07:01 | 000,000,130 | ---- | C] () -- C:\WINDOWS\cfplogvw.INI
[2008/11/25 21:06:41 | 000,020,992 | ---- | C] () -- C:\WINDOWS\jestertb.dll
[2008/08/08 11:15:42 | 000,022,328 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Application Data\PnkBstrK.sys
[2007/12/23 01:40:07 | 000,056,832 | ---- | C] () -- C:\WINDOWS\System32\Iyvu9_32.dll
[2007/12/03 16:13:57 | 000,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2007/11/22 18:37:34 | 000,000,064 | ---- | C] () -- C:\WINDOWS\init.ini
[2007/10/20 20:09:11 | 000,000,214 | ---- | C] () -- C:\WINDOWS\HP_48BitScanUpdatePatch.ini
[2006/12/15 22:29:47 | 000,000,020 | ---- | C] () -- C:\WINDOWS\LANG.INI
[2006/04/15 18:58:34 | 000,006,586 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Application Data\GdiplusUpgrade_MSIApproach_Wrapper.log
[2006/04/15 18:58:34 | 000,000,206 | ---- | C] () -- C:\WINDOWS\HPGdiPlus.ini
[2006/03/18 11:26:36 | 000,000,098 | ---- | C] () -- C:\WINDOWS\NAVPRESS.INI
[2006/01/15 23:22:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\QuickInstall.INI
[2006/01/15 22:24:57 | 000,000,139 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Local Settings\Application Data\fusioncache.dat
[2006/01/15 21:57:55 | 000,005,527 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\hpzinstall.log
[2006/01/10 11:28:44 | 000,152,576 | ---- | C] () -- C:\Documents and Settings\Leslie Schooling\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/04/10 08:36:12 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2005/04/10 08:36:12 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2005/04/10 08:36:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2005/04/10 08:36:12 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2005/04/10 08:36:12 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2005/04/10 08:36:12 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2005/04/10 08:22:32 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/04/10 08:19:31 | 000,015,669 | ---- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2005/02/12 00:33:06 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/07 05:16:44 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2004/08/07 05:10:08 | 000,000,780 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/07 04:57:54 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/13 10:46:34 | 000,172,032 | ---- | C] () -- C:\WINDOWS\System32\tifmicon.dll
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2010/02/18 20:03:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2006/12/12 13:44:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HipSoft
[2008/05/08 19:04:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\HotSync
[2005/04/10 08:52:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\muvee Technologies
[2006/08/19 21:41:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2010/04/02 16:29:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2010/12/30 17:55:02 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Walgreens
[2008/12/20 17:26:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\YAHOO
[2010/05/12 14:01:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2009/10/03 19:33:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD}
[2009/06/13 22:07:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/10/18 18:17:11 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{CFBD8779-FAAB-4357-84F2-1EC8619FADA6}
[2008/05/08 19:00:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\HotSync
[2006/02/25 20:13:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\InterVideo
[2006/01/14 23:34:52 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\Leadertech
[2006/12/11 21:42:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\Magic Match
[2008/01/12 20:19:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\MyPublisher
[2009/12/12 12:04:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\NormSoft
[2007/09/11 23:55:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\Snapfish
[2010/12/30 18:04:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\W Photo Studio
[2010/12/30 18:04:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\W Photo Studio Viewer
[2010/12/30 17:54:59 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Leslie Schooling\Application Data\Walgreens
[2011/01/28 15:35:17 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 1).job
[2011/01/28 15:35:18 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 2).job
[2011/01/28 15:35:18 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 3).job
[2011/01/28 15:35:19 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Daily 4).job
[2011/01/28 15:35:20 | 000,000,472 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:5C321E34

< End of report >
  • 0

Advertisements

#2
mitch8
Posted 05 February 2011 - 08:45 PM

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Hi LesFo,

Sorry for the delay.

It appears that your computer is clean. Your anti-virus probably cleaned it up. Let's get one more scan to be sure.

Download GMER from Here. Note the file's name and save it to your root folder, such as C:\.
  • Disconnect from the Internet and close all running programs.
  • Temporarily disable any real-time active protection so your security program drivers will not conflict with this file.
  • Click on this link to see a list of programs that should be disabled.
  • Double-click on the downloaded file to start the program. (If running Vista, right click on it and select "Run as an Administrator")
  • Allow the driver to load if asked.
  • You may be prompted to scan immediately if it detects rootkit activity.
  • If you are prompted to scan your system click "No", save the log and post back the results.
  • If not prompted, click the "Rootkit/Malware" tab.
  • On the right-side, all items to be scanned should be checked by default except for "Show All". Leave that box unchecked.
  • Select all drives that are connected to your system to be scanned.
  • Click the Scan button to begin. (Please be patient as it can take some time to complete)
  • When the scan is finished, click Save to save the scan results to your Desktop.
  • Save the file as Results.log and copy/paste the contents in your next reply.
  • Exit the program and re-enable all active protection when done.

  • 0

#3
LesFo
Posted 07 February 2011 - 10:22 PM

LesFo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
Thank you Mitch for your prompt response. I did just what you said and ran the GMER program and when I tried to save it as a log on my desktop, my computer froze. When I powered it off, it made a beep and the sound has been distorted ever since then. I could not get the program to run anymore without freezing up. It is at a snail's pace now and i have been getting a windows forms parking window program that is running hidden until it does want to stop running on shut down. I tried to run avast and when I did, i got the second blue screen while running avast that said the "driver irql not less or equal" and mentions this file: "atapi.sys" Now what?
  • 0

#4
mitch8
Posted 08 February 2011 - 03:55 PM

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Rootkit UnHooker (RkU)
Please download Rootkit Unhooker from one of the following links and save it to your desktop.
Link 1 (.exe file)
Link 2 (zipped file)
Link 3 (.rar file)In order to use this tool if you downloaded from either of the second two links, you will need to extract the RKUnhookerLE.exe file using a program capable of extracing ZIP and RAR compressed files. If you don't have an extraction program, you can downlaod, install and use the free 7-zip utility.

  • Double-click on RKUnhookerLE.exe to start the program.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • Click the Report tab, then click Scan.
  • Check Drivers, Stealth, and uncheck the rest.
  • Click OK.
  • Wait until it's finished and then go to File > Save Report.
  • Save the report to your Desktop.
  • Copy and paste the contents of the report into your next reply.
-- Note: You may get this warning...just ignore it, click OK and continue: "Rootkit Unhooker has detected a parasite inside itself! It is recommended to remove parasite, okay?".
  • 0

#5
LesFo
Posted 08 February 2011 - 09:15 PM

LesFo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
RkU Version: 3.8.388.590, Type LE (SR2)
==============================================
OS Name: Windows XP
Version 5.1.2600 (Service Pack 3)
Number of processors #1
==============================================
>Drivers
==============================================
0x804D7000 C:\WINDOWS\system32\ntkrnlpa.exe 2066816 bytes (Microsoft Corporation, NT Kernel & System)
0x804D7000 PnpManager 2066816 bytes
0x804D7000 RAW 2066816 bytes
0x804D7000 WMIxWDM 2066816 bytes
0xBF800000 Win32k 1855488 bytes
0xBF800000 C:\WINDOWS\System32\win32k.sys 1855488 bytes (Microsoft Corporation, Multi-User Win32 Driver)
0xF16C5000 C:\WINDOWS\system32\DRIVERS\HSF_DP.sys 1040384 bytes (Conexant Systems, Inc., HSF_DP driver)
0xBF06B000 C:\WINDOWS\System32\ialmdd5.DLL 905216 bytes (Intel Corporation, DirectDraw® Driver for Intel® Graphics Technology)
0xF1972000 C:\WINDOWS\system32\DRIVERS\ialmnt5.sys 806912 bytes (Intel Corporation, Intel Graphics Miniport Driver)
0xF1619000 C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys 704512 bytes (Conexant Systems, Inc., HSF_CNXT driver)
0xF7209000 Ntfs.sys 577536 bytes (Microsoft Corporation, NT File System Driver)
0xAA5CB000 C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 458752 bytes (Microsoft Corporation, Windows NT SMB Minirdr)
0xF153A000 C:\WINDOWS\system32\DRIVERS\update.sys 385024 bytes (Microsoft Corporation, Update Driver)
0xF18CD000 C:\WINDOWS\system32\DRIVERS\bcmwl5.sys 372736 bytes (Broadcom Corporation, Broadcom 802.11 Network Adapter wireless driver)
0xAA6FB000 C:\WINDOWS\system32\DRIVERS\tcpip.sys 364544 bytes (Microsoft Corporation, TCP/IP Protocol Driver)
0xA9570000 C:\WINDOWS\system32\DRIVERS\srv.sys 360448 bytes (Microsoft Corporation, Server driver)
0xF183D000 C:\WINDOWS\system32\drivers\camc6hal.sys 348160 bytes (Conexant Systems Inc., Conexant AmcHal Driver)
0xAA584000 C:\WINDOWS\System32\Drivers\aswSP.SYS 290816 bytes (AVAST Software, avast! self protection module)
0xBFFA0000 C:\WINDOWS\System32\ATMFD.DLL 290816 bytes (Adobe Systems Incorporated, Windows NT OpenType/Type 1 Font Driver)
0xA8E04000 C:\WINDOWS\System32\Drivers\HTTP.sys 266240 bytes (Microsoft Corporation, HTTP Protocol Stack)
0xAA787000 C:\WINDOWS\System32\DRIVERS\cmdguard.sys 233472 bytes (COMODO, COMODO Internet Security Sandbox Driver)
0xF17C3000 C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys 208896 bytes (Conexant Systems, Inc., HSFHWICH WDM driver)
0xF7358000 ACPI.sys 188416 bytes (Microsoft Corporation, ACPI Driver for NT)
0xF15EB000 C:\WINDOWS\system32\DRIVERS\SynTP.sys 188416 bytes (Synaptics, Inc., Synaptics Touchpad Driver)
0xA9CBA000 C:\WINDOWS\system32\DRIVERS\mrxdav.sys 184320 bytes (Microsoft Corporation, Windows NT WebDav Minirdr)
0xF71C6000 C:\WINDOWS\System32\DRIVERS\NDIS.SYS 184320 bytes (Microsoft Corporation, NDIS 5.1 wrapper driver)
0xBF03F000 C:\WINDOWS\System32\ialmdev5.DLL 180224 bytes (Intel Corporation, Component GHAL Driver)
0xF1598000 C:\WINDOWS\system32\DRIVERS\odysseyIM4.sys 176128 bytes (Funk Software, Inc., Odyssey Network Driver (EAPOL Only))
0xAA63B000 C:\WINDOWS\system32\DRIVERS\rdbss.sys 176128 bytes (Microsoft Corporation, Redirected Drive Buffering SubSystem Driver)
0xAA6AD000 C:\WINDOWS\system32\DRIVERS\netbt.sys 163840 bytes (Microsoft Corporation, MBT Transport driver)
0xF18A6000 C:\WINDOWS\system32\drivers\tifm21.sys 159744 bytes (Texas Instruments, tifm21.sys)
0xAA6D5000 C:\WINDOWS\system32\DRIVERS\ipnat.sys 155648 bytes (Microsoft Corporation, IP Network Address Translator)
0xAA666000 C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys 151552 bytes (SUPERAdBlocker.com and SUPERAntiSpyware.com, SASKUTIL.SYS)
0xF1819000 C:\WINDOWS\system32\drivers\portcls.sys 147456 bytes (Microsoft Corporation, Port Class (Class Driver for Port/Miniport Devices))
0xF193A000 C:\WINDOWS\system32\DRIVERS\USBPORT.SYS 147456 bytes (Microsoft Corporation, USB 1.1 & 2.0 Port Driver)
0xF17F6000 C:\WINDOWS\system32\drivers\ks.sys 143360 bytes (Microsoft Corporation, Kernel CSA Library)
0xAA68B000 C:\WINDOWS\System32\drivers\afd.sys 139264 bytes (Microsoft Corporation, Ancillary Function Driver for WinSock)
0x806D0000 ACPI_HAL 131840 bytes
0x806D0000 C:\WINDOWS\system32\hal.dll 131840 bytes (Microsoft Corporation, Hardware Abstraction Layer DLL)
0xF72D2000 fltmgr.sys 131072 bytes (Microsoft Corporation, Microsoft Filesystem Filter Manager)
0xF730A000 ftdisk.sys 126976 bytes (Microsoft Corporation, FT Disk Driver)
0xBF020000 C:\WINDOWS\System32\ialmdnt5.dll 126976 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0xF7329000 pcmcia.sys 122880 bytes (Microsoft Corporation, PCMCIA Bus Driver)
0xF71AC000 Mup.sys 106496 bytes (Microsoft Corporation, Multiple UNC Provider driver)
0xF72F2000 atapi.sys 98304 bytes (Microsoft Corporation, IDE/ATAPI Port Driver)
0xAA544000 C:\WINDOWS\System32\Drivers\dump_atapi.sys 98304 bytes
0xAA072000 C:\WINDOWS\System32\Drivers\aswMon2.SYS 94208 bytes (AVAST Software, avast! File System Filter Driver for Windows XP)
0xF72A9000 KSecDD.sys 94208 bytes (Microsoft Corporation, Kernel Security Support Provider Interface)
0xF15D4000 C:\WINDOWS\system32\DRIVERS\ndiswan.sys 94208 bytes (Microsoft Corporation, MS PPP Framing Driver (Strong Encryption))
0xF71F3000 inspect.sys 90112 bytes (COMODO, COMODO Internet Security Firewall Driver)
0xA9ECD000 C:\WINDOWS\system32\drivers\wdmaud.sys 86016 bytes (Microsoft Corporation, MMSYSTEM Wave/Midi API mapper)
0xF1892000 C:\WINDOWS\system32\DRIVERS\sdbus.sys 81920 bytes (Microsoft Corporation, SecureDigital Bus Driver)
0xF195E000 C:\WINDOWS\system32\DRIVERS\VIDEOPRT.SYS 81920 bytes (Microsoft Corporation, Video Port Driver)
0xAA754000 C:\WINDOWS\system32\DRIVERS\ipsec.sys 77824 bytes (Microsoft Corporation, IPSec Driver)
0xF7296000 WudfPf.sys 77824 bytes (Microsoft Corporation, Windows Driver Foundation - User-mode Driver Framework Platform Driver)
0xBF000000 C:\WINDOWS\System32\drivers\dxg.sys 73728 bytes (Microsoft Corporation, DirectX Graphics Driver)
0xF1928000 C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys 73728 bytes (Realtek Semiconductor Corporation , Realtek 10/100/1000 NDIS 5.1 Driver )
0xF72C0000 sr.sys 73728 bytes (Microsoft Corporation, System Restore Filesystem Filter Driver)
0xF7347000 pci.sys 69632 bytes (Microsoft Corporation, NT Plug and Play PCI Enumerator)
0xF15C3000 C:\WINDOWS\system32\DRIVERS\psched.sys 69632 bytes (Microsoft Corporation, MS QoS Packet Scheduler)
0xF75E7000 C:\WINDOWS\System32\Drivers\Cdfs.SYS 65536 bytes (Microsoft Corporation, CD-ROM File System Driver)
0xF2514000 C:\WINDOWS\system32\DRIVERS\cdrom.sys 65536 bytes (Microsoft Corporation, SCSI CD-ROM Driver)
0xF74A7000 ohci1394.sys 65536 bytes (Microsoft Corporation, 1394 OpenHCI Port Driver)
0xF2544000 C:\WINDOWS\system32\drivers\drmk.sys 61440 bytes (Microsoft Corporation, Microsoft Kernel DRM Descrambler Filter)
0xF7507000 Lbd.sys 61440 bytes (Lavasoft AB, Boot Driver)
0xF2504000 C:\WINDOWS\system32\DRIVERS\redbook.sys 61440 bytes (Microsoft Corporation, Redbook Audio Filter Driver)
0xF5603000 C:\WINDOWS\system32\drivers\sysaudio.sys 61440 bytes (Microsoft Corporation, System Audio WDM Filter)
0xF7567000 C:\WINDOWS\system32\DRIVERS\usbhub.sys 61440 bytes (Microsoft Corporation, Default Hub Driver for USB)
0xF74B7000 C:\WINDOWS\system32\DRIVERS\1394BUS.SYS 57344 bytes (Microsoft Corporation, 1394 Bus Device Driver)
0xBF012000 C:\WINDOWS\System32\ialmrnt5.dll 57344 bytes (Intel Corporation, Controller Hub for Intel Graphics Driver)
0xF7487000 owxmp.sys 57344 bytes
0xF74F7000 C:\WINDOWS\system32\DRIVERS\CLASSPNP.SYS 53248 bytes (Microsoft Corporation, SCSI Class System Dll)
0xF2534000 C:\WINDOWS\system32\DRIVERS\i8042prt.sys 53248 bytes (Microsoft Corporation, i8042 Port Driver)
0xF6B8D000 C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 53248 bytes (Microsoft Corporation, RAS L2TP mini-port/call-manager driver)
0xF74D7000 VolSnap.sys 53248 bytes (Microsoft Corporation, Volume Shadow Copy Driver)
0xF6B6D000 C:\WINDOWS\system32\DRIVERS\raspptp.sys 49152 bytes (Microsoft Corporation, Peer-to-Peer Tunneling Protocol)
0xF75B7000 C:\WINDOWS\System32\Drivers\Fips.SYS 45056 bytes (Microsoft Corporation, FIPS Crypto Driver)
0xF2524000 C:\WINDOWS\system32\DRIVERS\imapi.sys 45056 bytes (Microsoft Corporation, IMAPI Kernel Driver)
0xF74C7000 MountMgr.sys 45056 bytes (Microsoft Corporation, Mount Manager)
0xF6B7D000 C:\WINDOWS\system32\DRIVERS\raspppoe.sys 45056 bytes (Microsoft Corporation, RAS PPPoE mini-port/call-manager driver)
0xF7597000 C:\WINDOWS\System32\Drivers\aswTdi.SYS 40960 bytes (AVAST Software, avast! TDI Filter Driver)
0xF2554000 C:\WINDOWS\system32\drivers\camc6aud.sys 40960 bytes (Conexant Systems Inc., Conexant WDM AC97 Audio Driver)
0xF7497000 isapnp.sys 40960 bytes (Microsoft Corporation, PNP ISA Bus Driver)
0xF7547000 C:\WINDOWS\System32\Drivers\NDProxy.SYS 40960 bytes (Microsoft Corporation, NDIS Proxy)
0xA9658000 C:\WINDOWS\system32\DRIVERS\secdrv.sys 40960 bytes (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K., Macrovision SECURITY Driver)
0xF6B4D000 C:\WINDOWS\system32\DRIVERS\termdd.sys 40960 bytes (Microsoft Corporation, Terminal Server Driver)
0xF74E7000 disk.sys 36864 bytes (Microsoft Corporation, PnP Disk Driver)
0xF2574000 C:\WINDOWS\system32\DRIVERS\intelppm.sys 36864 bytes (Microsoft Corporation, Processor Device Driver)
0xF6B5D000 C:\WINDOWS\system32\DRIVERS\msgpc.sys 36864 bytes (Microsoft Corporation, MS General Packet Classifier)
0xF75A7000 C:\WINDOWS\system32\DRIVERS\netbios.sys 36864 bytes (Microsoft Corporation, NetBIOS interface driver)
0xA8A3C000 C:\WINDOWS\System32\Drivers\Normandy.SYS 36864 bytes (RKU Driver)
0xF7517000 PxHelp20.sys 36864 bytes (Sonic Solutions, Px Engine Device Driver for Windows 2000/XP)
0xF7587000 C:\WINDOWS\system32\DRIVERS\wanarp.sys 36864 bytes (Microsoft Corporation, MS Remote Access and Routing ARP Driver)
0xF77B7000 C:\WINDOWS\System32\Drivers\Modem.SYS 32768 bytes (Microsoft Corporation, Modem Device Driver)
0xF777F000 C:\WINDOWS\System32\Drivers\Npfs.SYS 32768 bytes (Microsoft Corporation, NPFS Driver)
0xF7737000 C:\WINDOWS\system32\DRIVERS\usbehci.sys 32768 bytes (Microsoft Corporation, EHCI eUSB Miniport Driver)
0xF7707000 C:\WINDOWS\system32\DRIVERS\PCIIDEX.SYS 28672 bytes (Microsoft Corporation, PCI IDE Bus Driver Extension)
0xF7847000 C:\WINDOWS\System32\Drivers\Aavmker4.SYS 24576 bytes (AVAST Software, avast! Base Kernel-Mode Device Driver for Windows NT/2000/XP)
0xF7887000 C:\WINDOWS\System32\DRIVERS\cmdhlp.sys 24576 bytes (COMODO, COMODO Internet Security Helper Driver)
0xF787F000 C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys 24576 bytes (GEAR Software Inc., CD DVD Filter)
0xF780F000 C:\WINDOWS\system32\DRIVERS\kbdclass.sys 24576 bytes (Microsoft Corporation, Keyboard Class Driver)
0xF774F000 C:\WINDOWS\system32\DRIVERS\mouclass.sys 24576 bytes (Microsoft Corporation, Mouse Class Driver)
0xF7857000 C:\WINDOWS\system32\DRIVERS\usbuhci.sys 24576 bytes (Microsoft Corporation, UHCI USB Miniport Driver)
0xF77CF000 C:\WINDOWS\System32\drivers\vga.sys 24576 bytes (Microsoft Corporation, VGA/Super VGA Video Driver)
0xF77BF000 C:\WINDOWS\System32\Drivers\aswRdr.SYS 20480 bytes (AVAST Software, avast! TDI RDR Driver)
0xF77D7000 C:\WINDOWS\System32\Drivers\Msfs.SYS 20480 bytes (Microsoft Corporation, Mailslot driver)
0xF770F000 PartMgr.sys 20480 bytes (Microsoft Corporation, Partition Manager)
0xF77A7000 C:\WINDOWS\system32\DRIVERS\ptilink.sys 20480 bytes (Parallel Technologies, Inc., Parallel Technologies DirectParallel IO Library)
0xF778F000 C:\WINDOWS\system32\DRIVERS\raspti.sys 20480 bytes (Microsoft Corporation, PTI DirectParallel® mini-port/call-manager driver)
0xAA191000 C:\Program Files\SUPERAntiSpyware\SASENUM.SYS 20480 bytes ( SUPERAdBlocker.com and SUPERAntiSpyware.com, SASENUM.SYS)
0xF7717000 C:\WINDOWS\System32\DRIVERS\TDI.SYS 20480 bytes (Microsoft Corporation, TDI Wrapper)
0xF7837000 C:\WINDOWS\System32\watchdog.sys 20480 bytes (Microsoft Corporation, Watchdog Driver)
0xAA0ED000 C:\WINDOWS\system32\DRIVERS\asyncmac.sys 16384 bytes (Microsoft Corporation, MS Remote Access serial network driver)
0xF789F000 C:\WINDOWS\system32\DRIVERS\BATTC.SYS 16384 bytes (Microsoft Corporation, Battery Class Driver)
0xF794B000 C:\WINDOWS\system32\DRIVERS\CmBatt.sys 16384 bytes (Microsoft Corporation, Control Method Battery Driver)
0xF713A000 C:\WINDOWS\system32\DRIVERS\mssmbios.sys 16384 bytes (Microsoft Corporation, System Management BIOS Driver)
0xAA161000 C:\WINDOWS\system32\DRIVERS\ndisuio.sys 16384 bytes (Microsoft Corporation, NDIS User mode I/O Driver)
0xF78A3000 ACPIEC.sys 12288 bytes (Microsoft Corporation, ACPI Embedded Controller Driver)
0xAA4DC000 C:\WINDOWS\System32\Drivers\aswFsBlk.SYS 12288 bytes (AVAST Software, avast! File System Access Blocking Driver)
0xF7897000 C:\WINDOWS\system32\BOOTVID.dll 12288 bytes (Microsoft Corporation, VGA Boot Driver)
0xF789B000 compbatt.sys 12288 bytes (Microsoft Corporation, Composite Battery Driver)
0xAA57C000 C:\WINDOWS\System32\drivers\Dxapi.sys 12288 bytes (Microsoft Corporation, DirectX API Driver)
0xA9905000 C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys 12288 bytes (Conexant, Diagnostic Interface DRIVER)
0xF712A000 C:\WINDOWS\system32\DRIVERS\ndistapi.sys 12288 bytes (Microsoft Corporation, NDIS 3.0 connection wrapper driver)
0xF68EA000 C:\WINDOWS\system32\DRIVERS\rasacd.sys 12288 bytes (Microsoft Corporation, RAS Automatic Connection Driver)
0xF715F000 C:\WINDOWS\system32\DRIVERS\wmiacpi.sys 12288 bytes (Microsoft Corporation, Windows Management Interface for ACPI)
0xF7999000 C:\WINDOWS\System32\Drivers\Beep.SYS 8192 bytes (Microsoft Corporation, BEEP Driver)
0xF79EB000 C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS 8192 bytes
0xF79A9000 C:\WINDOWS\system32\drivers\EABFiltr.sys 8192 bytes (Hewlett-Packard Company, QLB PS/2 Keyboard filter driver)
0xF7995000 C:\WINDOWS\System32\Drivers\Fs_Rec.SYS 8192 bytes (Microsoft Corporation, File System Recognizer Driver)
0xF7987000 C:\WINDOWS\system32\KDCOM.DLL 8192 bytes (Microsoft Corporation, Kernel Debugger HW Extension DLL)
0xF799D000 C:\WINDOWS\System32\Drivers\mnmdd.SYS 8192 bytes (Microsoft Corporation, Frame buffer simulator)
0xF79A1000 C:\WINDOWS\System32\DRIVERS\RDPCDD.sys 8192 bytes (Microsoft Corporation, RDP Miniport)
0xF7A49000 C:\WINDOWS\system32\DRIVERS\swenum.sys 8192 bytes (Microsoft Corporation, Plug and Play Software Device Enumerator)
0xF7A43000 C:\WINDOWS\system32\DRIVERS\USBD.SYS 8192 bytes (Microsoft Corporation, Universal Serial Bus Driver)
0xF7989000 C:\WINDOWS\system32\DRIVERS\WMILIB.SYS 8192 bytes (Microsoft Corporation, WMILIB WMI support library Dll)
0xF7B83000 C:\WINDOWS\system32\DRIVERS\audstub.sys 4096 bytes (Microsoft Corporation, AudStub Driver)
0xF7A94000 C:\WINDOWS\System32\drivers\dxgthk.sys 4096 bytes (Microsoft Corporation, DirectX Graphics Driver Thunk)
0xF7AC0000 C:\WINDOWS\System32\Drivers\Null.SYS 4096 bytes (Microsoft Corporation, NULL Driver)
0xF7A50000 C:\WINDOWS\system32\DRIVERS\OPRGHDLR.SYS 4096 bytes (Microsoft Corporation, ACPI Operation Registration Driver)
0xF7A4F000 pciide.sys 4096 bytes (Microsoft Corporation, Generic PCI IDE Bus Driver)
==============================================
>Stealth
==============================================
WARNING: Virus alike driver modification [ndistapi.sys]
WARNING: Virus alike driver modification [HSF_DP.sys]
WARNING: Virus alike driver modification [dxapi.sys]
WARNING: Virus alike driver modification [sfloppy.sys]
WARNING: Virus alike driver modification [cpqdap01.sys]
WARNING: Virus alike driver modification [nikedrv.sys]
WARNING: Virus alike driver modification [rio8drv.sys]
WARNING: Virus alike driver modification [riodrv.sys]
WARNING: Virus alike driver modification [ws2ifsl.sys]
WARNING: Virus alike driver modification [fsvga.sys]
WARNING: Virus alike driver modification [mdmxsdk.sys]
WARNING: Virus alike driver modification [afd.sys]
WARNING: Virus alike driver modification [cmbatt.sys]
WARNING: Virus alike driver modification [ks.sys]
WARNING: Virus alike driver modification [battc.sys]
WARNING: Virus alike driver modification [usbport.sys]
WARNING: Virus alike driver modification [ndisuio.sys]
WARNING: Virus alike driver modification [smclib.sys]
WARNING: Virus alike driver modification [portcls.sys]
WARNING: Virus alike driver modification [ipnat.sys]
WARNING: Virus alike driver modification [mssmbios.sys]
WARNING: Virus alike driver modification [tifm21.sys]
WARNING: Virus alike driver modification [netbt.sys]
WARNING: Virus alike driver modification [raspti.sys]
WARNING: Virus alike driver modification [kmixer.sys]
WARNING: Virus alike driver modification [odysseyIM4.sys]
WARNING: Virus alike driver modification [rdbss.sys]
WARNING: Virus alike driver modification [ptilink.sys]
WARNING: Virus alike driver modification [bcm42rly.sys]
WARNING: Virus alike driver modification [mrxdav.sys]
WARNING: Virus alike driver modification [SynTP.sys]
WARNING: Virus alike driver modification [cdaudio.sys]
WARNING: Virus alike driver modification [acpi.sys]
WARNING: Virus alike driver modification [msfs.sys]
WARNING: Virus alike driver modification [secdrv.sys]
WARNING: Virus alike driver modification [usbuhci.sys]
WARNING: Virus alike driver modification [HSFHWICH.sys]
WARNING: Virus alike driver modification [vga.sys]
WARNING: Virus alike driver modification [tsbvcap.sys]
WARNING: Virus alike driver modification [PnkBstrK.sys]
WARNING: Virus alike driver modification [mouclass.sys]
WARNING: Virus alike driver modification [kbdclass.sys]
WARNING: Virus alike driver modification [cinemst2.sys]
WARNING: Virus alike driver modification [GEARAspiWDM.sys]
WARNING: Virus alike driver modification [modem.sys]
WARNING: Virus alike driver modification [usbehci.sys]
WARNING: Virus alike driver modification [npfs.sys]
WARNING: Virus alike driver modification [atmepvc.sys]
WARNING: Virus alike driver modification [rawwan.sys]
WARNING: Virus alike driver modification [wanarp.sys]
WARNING: Virus alike driver modification [camc6hal.sys]
WARNING: Virus alike driver modification [netbios.sys]
WARNING: Virus alike driver modification [msgpc.sys]
WARNING: Virus alike driver modification [atmuni.sys]
WARNING: Virus alike driver modification [tcpip.sys]
WARNING: Virus alike driver modification [intelppm.sys]
WARNING: Virus alike driver modification [BCMWL5.SYS]
WARNING: Virus alike driver modification [camc6aud.sys]
WARNING: Virus alike driver modification [update.sys]
WARNING: Virus alike driver modification [termdd.sys]
WARNING: Virus alike driver modification [raspppoe.sys]
WARNING: Virus alike driver modification [imapi.sys]
WARNING: Virus alike driver modification [beep.sys]
WARNING: Virus alike driver modification [mnmdd.sys]
WARNING: Virus alike driver modification [rdpcdd.sys]
WARNING: Virus alike driver modification [swenum.sys]
WARNING: Virus alike driver modification [wmilib.sys]
WARNING: Virus alike driver modification [fips.sys]
WARNING: Virus alike driver modification [usbd.sys]
WARNING: Virus alike driver modification [raspptp.sys]
WARNING: Virus alike driver modification [classpnp.sys]
WARNING: Virus alike driver modification [rasl2tp.sys]
WARNING: Virus alike driver modification [tosdvd.sys]
WARNING: Virus alike driver modification [i8042prt.sys]
WARNING: Virus alike driver modification [dmusic.sys]
WARNING: Virus alike driver modification [nwlnkspx.sys]
WARNING: Virus alike driver modification [swmidi.sys]
WARNING: Virus alike driver modification [redbook.sys]
WARNING: Virus alike driver modification [vdmindvd.sys]
WARNING: Virus alike driver modification [rootmdm.sys]
WARNING: Virus alike driver modification [usbhub.sys]
WARNING: Virus alike driver modification [drmk.sys]
WARNING: Virus alike driver modification [sysaudio.sys]
WARNING: Virus alike driver modification [ohci1394.sys]
WARNING: Virus alike driver modification [splitter.sys]
WARNING: Virus alike driver modification [cdrom.sys]
WARNING: Virus alike driver modification [nwlnknb.sys]
WARNING: Virus alike driver modification [cdfs.sys]
WARNING: Virus alike driver modification [enum1394.sys]
WARNING: Virus alike driver modification [psched.sys]
WARNING: Virus alike driver modification [HSF_CNXT.sys]
WARNING: Virus alike driver modification [Rtlnicxp.sys]
WARNING: Virus alike driver modification [eabfiltr.sys]
WARNING: Virus alike driver modification [ipsec.sys]
WARNING: Virus alike driver modification [mcd.sys]
WARNING: Virus alike driver modification [sdbus.sys]
WARNING: Virus alike driver modification [fs_rec.sys]
WARNING: Virus alike driver modification [videoprt.sys]
WARNING: Virus alike driver modification [wdmaud.sys]
WARNING: Virus alike driver modification [rasacd.sys]
WARNING: Virus alike driver modification [wmiacpi.sys]
WARNING: Virus alike driver modification [ndiswan.sys]
WARNING: Virus alike driver modification [atapi.sys]
  • 0

#6
mitch8
Posted 09 February 2011 - 03:55 PM

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Hi,

Try to boot into Last Known Good Configuration, as the computer is booting press and hold your "F8 Key" which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Last Known Good Configuration " and press your Enter key. Do the weird error messages stop? Is your computer still freezing?
  • 0

#7
LesFo
Posted 10 February 2011 - 07:05 PM

LesFo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
I booted to last known config. I've had to restart a few times since then since it's still acting weird. In those restarts, I let windows boot normally. It does, VERY slowly. The malware cleaner you recommended still freezes up the computer. Still won't run, even tho we disabled all the firewalls, etc. We've run lots of other malware and spyware programs with what seemed to be good success. At my last 2 restarts, I had an active desktop recovery message on the desktop, but the desktop was not setup as a web page. I changed the desktop to a new graphic and that problem seems to be gone on the next restart. I've had some chrome/google unresponsive script errors with mozilla also. Also my audio driver is messed up. The sound is REALLY weird. Scarier/distorted.
  • 0

#8
mitch8
Posted 10 February 2011 - 09:07 PM

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
OK,

Download ComboFix here :

Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you don't know how to disable them then just continue on.

  • Double click on ComboFix.exe & follow the prompts.

  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.


Posted Image



Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

Posted Image


Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you. Please include the C:\ComboFix.txt log in your next reply.
  • 0

#9
LesFo
Posted 11 February 2011 - 10:13 PM

LesFo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
We finally got the combofix to run after several tries. Emsisoft was running when we couldn't tell. The bluescreen says it will be about 10 minutes or double that if there is a lot of malware. BUT it's been about 1.5-2 hrs. Should we hold down the power button or wait or what? The sound was really weird earlier today. Those drivers are sure messed up. :D Thanks a lot for your help.
  • 0

#10
mitch8
Posted 12 February 2011 - 10:16 AM

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Yes, I would kill the power.

Restart it and do this:

Press the windows key and the R key. This will open up the run dialog. Type in sfc /scannow and press enter.

Also check to see if there is a log at C:\ComboFix.txt
  • 0

Advertisements

#11
LesFo
Posted 12 February 2011 - 04:05 PM

LesFo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
We have run the scannow 3 times because there is never any sign that it has finished. We finally watched as the protected windows files check progress bar disappeared after about an hr and still no finishing message. Also there is no combofix log file in C:.
  • 0

#12
mitch8
Posted 12 February 2011 - 04:45 PM

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Save these instructions so you can have access to them while in Safe Mode.

Please click here to download AVP Tool by Kaspersky.
  • Save it to your desktop.
  • Reboot your computer into SafeMode.

    You can do this by restarting your computer and continually tapping the F8 key until a menu appears.
    Use your up arrow key to highlight SafeMode then hit enter    .

  • Double click the setup file to run it.
  • Click Next to continue.
  • Accept the Licence agreement and click on next
  • It will by default install it to your desktop folder.Click Next.
  • It will then open a box There will be a tab that says Automatic scan.
  • Under Automatic scan make sure these are checked.

  • Hidden Startup Objects
  • System Memory
  • Disk Boot Sectors.
  • My Computer.
  • Also any other drives (Removable that you may have)


Leave the rest of the settings as they appear as default.

  • Then click on Scan at the to right hand Corner.
  • It will automatically Neutralize any objects found.
  • If some objects are left un-neutralized then click the button that says Neutralize all
  • If it says it cannot be Neutralized then choose The delete option when prompted.
  • After that is done click on the reports button at the bottom and save it to file name it Kas.
  • Save it somewhere convenient like your desktop and just post only the detected Virus\malware in the report it will be at the very top under Detected post those results in your next reply.

    Note: This tool will self uninstall when you close it so please save the log before closing it.


  • 0

#13
LesFo
Posted 12 February 2011 - 10:52 PM

LesFo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
We did not find anything like "detected" like you said to paste. Nothing showed up on critical or important events. WE pasted all the events except "ok" and packed" and archived. We pasted corrupted, not processed and password protected. There is no password on my operating system, so that was strange. Also while we were in safe mode we tried to run gmer and combofix to no avail. They freeze. It won't boot up normally still. Just in last known config.

Result: Corrupted (events: 1)
2/12/2011 4:26:23 PM C:\Documents and Settings\Leslie Schooling\Local Settings\Temporary Internet Files\Content.IE5\APNOVO4C\6002373291492_4_92315763[1].png
Result: Not processed (events: 21)
2/12/2011 3:32:05 PM C:\pagefile.sys Object is locked
2/12/2011 3:45:53 PM C:\Documents and Settings\Leslie Schooling\NTUSER.DAT Object is locked
2/12/2011 3:45:53 PM C:\Documents and Settings\Leslie Schooling\ntuser.dat.LOG Object is locked
2/12/2011 4:13:30 PM C:\Documents and Settings\Leslie Schooling\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked
2/12/2011 4:13:30 PM C:\Documents and Settings\Leslie Schooling\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked
2/12/2011 4:44:07 PM C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked
2/12/2011 4:44:07 PM C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked
2/12/2011 4:44:08 PM C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked
2/12/2011 4:44:08 PM C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked
2/12/2011 7:08:24 PM C:\WINDOWS\system32\CatRoot2\edb.log Object is locked
2/12/2011 7:08:25 PM C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked
2/12/2011 7:08:26 PM C:\WINDOWS\system32\config\default Object is locked
2/12/2011 7:08:26 PM C:\WINDOWS\system32\config\default.LOG Object is locked
2/12/2011 7:08:26 PM C:\WINDOWS\system32\config\SAM Object is locked
2/12/2011 7:08:26 PM C:\WINDOWS\system32\config\SAM.LOG Object is locked
2/12/2011 7:08:26 PM C:\WINDOWS\system32\config\SECURITY Object is locked
2/12/2011 7:08:26 PM C:\WINDOWS\system32\config\SECURITY.LOG Object is locked
2/12/2011 7:08:26 PM C:\WINDOWS\system32\config\software Object is locked
2/12/2011 7:08:26 PM C:\WINDOWS\system32\config\software.LOG Object is locked
2/12/2011 7:08:27 PM C:\WINDOWS\system32\config\system Object is locked
2/12/2011 7:08:27 PM C:\WINDOWS\system32\config\system.LOG Object is locked
Result: Password protected (events: 293)
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{044F5AB9-7C14-4AA2-B2E8-31AAAA0894EE}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{180708CF-31CD-456E-B8EB-E573B61CA420}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{1C2E961D-10BB-47AA-B1EF-EC217D354000}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{281B771A-1B75-4BF8-B379-E4A80C8D45B4}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{2CFA040A-EFEA-4C0D-9279-957721C16C87}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{2F9B7E49-502D-4778-ABC9-4D47668AFF7B}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{35BACDD9-622F-4DF9-9192-717ACCDF073F}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{3BF50029-39CF-4902-9060-6E3C67B019F5}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{43449F64-0F30-42E4-A2B9-66BEE60FD9E0}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{45D7E28C-32CA-4DF6-AD36-F0DABAFD65CD}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{4AC48E74-09A4-4B1D-98C8-B3601E69AEA7}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{5245EF38-E929-4171-8BB3-4D602F516E05}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{56FA68B7-C90E-447A-A601-FF410105458C}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{630AA5AA-AA69-4013-8307-BE1802968B85}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{6815DB18-3FB1-48C9-8810-4FCA2048712D}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{71B2CB72-29FE-4411-B6E1-8A01E1C5F1A2}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{721385F5-A3BA-46C0-B8D6-435FD028B125}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{742CB3A6-EA44-4FB4-BBF1-1C90ED4BBBC6}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{7BD12060-F9DE-4E42-BB26-6B3830D31DBD}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{8456B3FA-4155-48F5-97D8-089FB7F212C1}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{8D99499B-BD08-4A33-8952-748F82BFF73B}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{8E7330D4-6AB3-4590-A05E-C54B03699AE9}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{931587DD-2BCC-44B2-82AC-A5E511BC19FC}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{94723FD0-C150-42A7-A48E-E6E2F666AB38}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{9921214C-8589-46E5-BC93-55A3818923CB}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{A5C686A0-4DB6-44F9-835D-8D3AAB5B890C}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{BCF8053F-3F1B-4194-9A64-26DED21B99A1}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{BFFA85D7-712F-4C02-8E67-0323C068F84E}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{D6CC74D8-84C7-49BB-BC2B-8FB476AFA2F3}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{D7B78B3F-309C-405E-9435-BC8F6ECC3F72}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{E85A2BB5-3403-43E3-AAA3-73189319433C}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{E8F59B6C-A18D-478D-8246-A28ADD515243}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{EA78E069-54E6-4F12-9317-3D27D62BAF94}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/{FAEAA0AD-F348-4EE5-B6E5-513F7083C9C2}
2/12/2011 3:51:57 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 02-09-2011 - 06-37-43.SBU/backup.db
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{00F5F76A-F928-4B49-84CC-01FEB953925C}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{0121CEED-BE05-454C-A915-1718C9B4F5D3}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{02FA55A5-9965-4532-BF93-CA9E8A5933A5}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{04579CC5-2DF5-4774-8304-507B6A17BDB8}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{04DB2DE7-C345-4492-84DF-F15FE16276FE}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{050191F1-8BFA-41B2-96AE-AAEC2F52D838}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{065FE5E3-70D2-411A-8136-5815DC9C2303}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{06D7B3C6-E9CC-4569-BABD-A8A85B332E99}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{07FAE848-EA03-454B-90E3-A65716592DF9}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{08034DBC-5C65-46A7-983F-FE7781508995}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{0901CB10-FA59-4173-BD45-6AC4468F5749}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{0B03D7D5-707D-48ED-8F1E-A045B7B24C7E}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{0BC16213-C8E1-478F-9FE4-F83522509557}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{0E11C902-727C-45DF-9573-6E74EEB64C5B}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{0E943CB1-179D-4C93-9602-60D4F1332219}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{10829582-67D9-46D9-B8F4-7959EBB59920}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{11B11231-87AD-4FA5-819A-E42621D3C17C}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{12492249-1506-4078-9020-EE4F7BFB3BC2}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{14CB6AAD-D08A-4A47-AE48-C19C5681D7D5}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{15B1F616-69E1-4C84-AF18-C5D9B9F0176D}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{15C43393-54E9-4771-9E88-12741956FE27}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{18491AD3-5F6B-4338-B6AC-40DE89371EC6}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{18856B92-6254-4EBA-AADF-4BA752A8F9C9}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{19242CCB-376D-4D35-BA4F-C84CEF783565}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{198D11CF-81F5-46A5-A690-AF50DB9BE78F}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{1A0F2B67-0C1A-4807-B438-66E6085EBFC8}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{1AE6F6FA-3258-420B-B99D-544DC988922A}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{1DB03AFC-CD13-44B9-A797-1DC8EE011DB4}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{208D3292-57EA-4EAA-B786-9DA48DB237A9}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{20A1B507-7680-4FBE-AFCB-7820AE01F627}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2222D587-DE24-436B-8895-4ADAB9C15A66}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2480AE78-1CCD-4E22-85BC-6832C36902B8}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{25491CDD-3A07-4E35-ABCF-34BE956C6FF1}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{25A91AFD-0B2F-4231-8CAB-0E60CC27960A}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{27207006-EB42-434F-8D4D-F9438A37BA7D}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{27A66AC6-85BF-4B80-BD15-5CCE3E6D6EB1}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{281CDE1A-6E5D-4B82-804A-46A47EFD3D36}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{29DA39F3-B781-4514-AC0F-ADFB60C33903}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{29DD8648-E344-49B3-B57F-BF6C8085062D}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2AA3ADDC-83DC-461B-9C38-B0BD0364DA5F}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2BFA7E36-5A6E-4932-B9B9-C9A2ACD162DE}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2C252BB0-FC18-4879-9BFD-80292984D550}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2CF8628D-7DFF-496D-9C0A-97F580F53A05}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2D287D36-C0C6-4E69-BBEA-7CF76B993B53}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2DBA6755-A8CB-4515-8014-ECA5D3AA2701}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2E627634-9FC8-445A-BA16-07EFC05C9733}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{2EEF49AF-9137-45B1-B91A-186D65721148}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{31B7713E-85B6-45CC-AB72-89901765D3C3}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{31DA6123-5331-4337-8914-6B1BB0C31E08}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3320775A-E730-4B3F-836F-2E3111CE00E1}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3351323C-BCC5-48EF-A82B-E5AAD2841390}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{33ABDB46-1781-4809-8CB5-7C7EF3A077A7}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3635B8EE-B479-4691-B12F-F5BA49EAE76D}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{37FD1E23-7915-4A37-84EA-9C4B079259EE}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3855D45A-54ED-4423-91C6-C7808D24EB94}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{38C78448-F3E3-444D-B1D1-777518EC3DBD}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{39176B79-889A-4177-A081-C743F30C1182}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3942596E-9A53-409C-AE2E-0224127E91BC}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3949C04F-D0D9-4F81-9C34-294A8768A2A9}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{39D26B8F-5589-4EC1-BA8E-F92A0F1A8042}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3A9FF922-61FE-4E60-9173-08B2E0793F0F}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3B05DC1E-3489-4176-A633-BB6DF3C77764}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{3C5C1E84-A929-436C-B7CD-57033F14E7F6}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4098FCEB-452B-425A-912E-8C2DCF83AB47}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{46126C69-B207-40B1-ADCB-168DD36A4B82}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4690AF56-64A3-4D23-97A6-28BDFB15CFDA}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4693B897-9326-4A13-BA3C-5194A636E27E}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4706C03A-2997-4E26-8E5F-21A186A6563C}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4708F073-83C1-404C-8747-5C8CD21DEB70}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{472703F5-EAD7-4D8B-98A3-9F4A14B8D5C7}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{47A183EC-6CAB-4CBE-9EB3-503D0BA99C96}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{47B5EABA-D5D8-4E26-98D1-843633094F84}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{48911730-64DE-4247-BA04-E2FA59B42BCD}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{49C37C87-BB58-4966-AFF6-9453B40C9438}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4A00C615-5F1F-4A7D-9EDA-B83A07B49AF4}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4ABEE2FB-E638-429F-8286-FA08107AD5D6}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4E4D5E93-B94F-4F95-A20E-A68FE0F72930}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4EB334EF-2AEA-4827-BE84-5A8BA4010A39}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{4FC3541D-E44B-482C-821D-62EB3AA0B7F7}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{51D1BDFE-AE91-4F33-8AA7-BF74E0A102B6}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{52F63BD0-90CE-4CC0-AD91-DB95FB0BC7B0}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{531ABBC8-0808-4052-B5F1-FAAE690DD654}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{5332FC3A-12EA-4AE5-8D1E-B2B2ACA0F7A2}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{53762F35-48D6-469D-8426-EFA89E5029EC}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{541BB836-3511-42FE-9BD6-E40BB8611273}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{549123F1-0978-4301-AF79-CDDF9F02FC79}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{54A42130-F782-4873-BB17-47201DA4A144}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{55013674-87F7-4EE1-8EBA-7DC80BE03571}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{568DF6A9-B34A-482F-90FE-24A5F5136FBC}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{587D184B-A4AB-4E82-ADB4-04D6E9BFE9F9}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{591E3A43-ECC3-4CF3-8152-3451178011FD}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{593F96E4-1A02-4CB2-92F5-A12D5413BEAD}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{5A2D56AE-4EF0-4B7E-A3E9-3C2D9069FB66}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{5B674957-F1E1-47E8-9CE3-B2BB82A844E5}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{5C24ABBE-43B7-4E6D-A5AB-CF1D9C99BD5C}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{5C8701AA-D925-4E10-B722-0419AA9C5762}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{5E4FE5BD-AC4E-4106-96C0-B46C7BCF57D1}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{5E8EEAD3-132F-40E1-886A-F0A8763CA23B}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{60197028-2C5A-470F-96B6-5555EEFDACB9}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{612FCD25-222B-4CC7-8978-162A1B5101F6}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{615B5818-0325-4F50-8C62-B17CE8E41001}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{618B63F2-7C58-4200-8CEF-EACBE29F44D3}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{63C72B0E-431F-4087-A55F-FD72FB9758B4}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{667480F4-4B8E-4585-A937-6401AA6BADBD}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{66AC9D9A-A66D-4DFA-9408-6E8ECD79DF64}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{66F8B15B-A0A7-4C3F-8E25-DC2EB3C6CA33}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{681D905B-5A92-401F-90F0-E5D42B1A5B04}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{68A5B70D-1EC3-4E05-9B88-488DCAADD144}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{6B06D84B-8046-47CC-8282-AD209C39CC57}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{6B40A738-C9F5-4E0E-A900-CA41D6524888}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{6E40BCB5-E5D7-431F-B2C0-2A4DAC853BD1}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{6EC3426A-8B23-4E10-92A4-4F22BC00E61A}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{6F1CCC5C-DA1E-475F-824D-4987AF15E2B2}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7067363A-9D79-4B15-9ECD-B1C4DF1CAC96}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{71E36D21-4B1A-4C7F-82C6-8EDD705CB431}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{72DDEF68-6487-48A5-8601-4B861C8411F5}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{72F54512-3A2F-47BD-B8C5-A53DC7ADC191}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{73029803-F796-4939-8ABE-B08ACA2C04D7}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{74AA22D7-5833-476B-96F7-2B166A0D89B7}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{75331AE0-C672-40DC-86FB-1E1240249B0B}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{790C9085-27BD-4F06-8A00-4DC3719DCE50}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{796D7F19-941F-4E83-BB7B-C0CB9F3ED8E4}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7AB5F779-8719-412F-A33D-4F11A3FDA2EA}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7AD33BD0-E597-4893-B810-2E4B9638621E}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7D214F5E-5646-46F5-BDCB-531A7A3460A5}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7D2F288E-D1A9-4E29-9132-425DB5B1C7B4}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7DA4C0F3-2C60-466F-AD65-C648828230B2}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7DFE1493-1BF3-4C5F-A20D-503A3F35F599}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7E763316-24D7-40CE-A32E-82175EB1F4CD}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7EF0A242-F210-43E4-9C3C-FEE741F2692B}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{7F2FDBFD-F155-4C7C-96F8-F9180BF3E6B0}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{801EDD16-C6FA-4FA3-AD2B-02B11A4FB524}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{80A16D02-87AE-4703-902A-0DE5D53DC930}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{830F8E71-172A-463F-B370-D51387400AAA}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{84852EE7-37FB-4547-8E18-7398DA7C9CFC}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{85B2BC06-E3D3-4CB4-9E6A-FDF14C790C25}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{86F3F35E-76D1-4C99-B925-157F8F62B3A4}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{8726D7C9-4618-41D1-BD30-BFFD174661DF}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{87E45127-B564-44AF-ABD5-C872794F0168}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{8832F96C-D010-432D-9277-B19F1C80B5B4}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{8895CB1B-08B8-4FAC-A507-3055F143F164}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{89121E2C-4A99-43DC-9A2A-C75C3B490049}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{8A60E876-1444-4888-BBE2-E0AA722620CE}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{8CD335B5-2078-4124-88B6-2D6DDF6468F5}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{8FCACFA2-40E7-4F91-8B2C-7CC4A1FC2691}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{90375437-74F5-4CE4-94D0-E03AE18BE461}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{907AF292-8444-4A22-BBD4-929ED8B3BB05}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{935AB566-47E6-4499-84E1-6A3FB3FF59A1}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{937D98D7-B301-46A7-989C-8EE07FF01DD7}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{9479830A-B1B2-4EAB-95BD-D89AC85175B5}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{94EED49B-AA62-48CA-BAF8-35187DC2CBCF}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{9693451E-E014-4A44-89FD-CE0C8C892A9A}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{986A5D52-8A45-4A41-8D5A-37AED851DCD4}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{99A7E35F-7C5F-4D84-88CA-9FB396AFB52E}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{9A107F03-9F31-41BC-8CFB-8B510927A7AB}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{9C71E7AE-42C3-4C6B-B8E9-A7C66C3F5B26}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{9E0BA399-CE95-4275-9501-CBD44D91509F}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A0878594-5316-4370-BC2F-E3A409287E4F}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A08BAF5D-6502-493F-9DEB-2E6B77C928D5}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A18B8C8D-AAB8-49CD-819E-F6CE64A71A48}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A1981487-64DD-4150-8F7D-C0E4D6E07822}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A24E1E6B-9560-490A-8650-59063E1304F3}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A3504ABA-72AC-41C2-A6FF-893326C27B08}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A64E99A2-F297-4F3C-83DF-E37B1E0B2926}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A91C332D-DA69-4614-9248-ECEEC08E2795}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A91F707E-7176-4A32-895B-EA88C10C4CFB}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A9234512-D1E4-4F60-A2D3-529E74C14295}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A94D359D-54DB-499C-A884-DF1939185DEF}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{A9A2FC91-DDC1-4E85-8C41-AB5C8492C3C7}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{AA741E49-E34B-4525-B691-BD7EDBFFE772}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{AB57969B-EC62-4E88-B75C-80B1168770EF}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{AB5C0A62-7A38-4891-94FA-A605324C661D}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{AB715455-E7AE-41A0-898C-AF0213D77E7F}
2/12/2011 3:51:58 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{ACB9D04F-FB44-4412-B4D4-5E716D97CA0A}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{AF11CCB2-75E9-433D-9676-14FEFDDBDE4D}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{B1251FCB-6964-42F7-B06C-9396764229F3}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{B4B31832-782F-4BD7-B464-C06D9E12A476}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{B4D195DD-2C50-4E99-8A42-88D978FBC568}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{B7646FD5-4020-4C7B-86FB-514C10A995FE}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{B8A2DCD8-FEA6-4605-A726-AD52DD74FDBD}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{B8D5B66E-62AB-4E58-8C81-0865AFF7F67B}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BA9E076A-5511-4521-9AFA-E7C9DF4E9F27}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BAF1D1BC-74FF-41C1-BE95-774A1A837239}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BB79CCBE-6185-4F34-9DB0-042B3CCC30B8}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BB8671BB-E0BA-4954-9F81-673E742DCD24}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BC12AC72-D9D0-4538-B1E5-DD77EACD22DC}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BC71C8E7-AEC6-4D10-A409-3C293B8DA283}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BC846417-DE31-425B-8501-3014989D61A0}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BCBEB8FC-A4DE-4619-A3D6-1AB1ECC561A0}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BEE6A9F5-E34D-4B0F-B283-5F89CC28EFA9}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BF05E0A1-4A89-40D2-8EC1-5BD1D7EB174D}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{BFB97FBB-7225-4A75-BD08-C1F944A0CBD2}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C04BD151-7C58-450B-B99D-A285A50E9624}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C258D273-720F-4D84-B9CF-DFF63CBC7F69}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C2E3519E-DF49-46EA-BB1A-0B6285903073}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C3270319-1874-45A1-BEEA-BC8A997F8BB9}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C5DC93A6-5289-443C-AA74-0B458BA913B9}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C734598C-3E69-45BE-A29A-C3F3E204B392}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C7D38E27-DB37-412C-9BEB-17C46CF59457}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C7FB5750-217D-44EA-99CF-09189A0E34BA}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C86BB718-B169-4A81-BCE8-8415160B781A}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C8B79608-AC1D-42AC-9183-D8C77036A72F}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{C9F7216E-7875-4267-B4B9-67F824F2A2A9}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{CA71E4F4-C2C7-41A6-B892-212D5125075A}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{CAD4E05F-0E78-435B-8E7A-BEDF169B4188}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{CC4B63D7-685F-4FE0-B817-91017B555BC0}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{CCC0E4DA-9D7D-4677-9916-585DA3207FF3}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D0921505-4051-4CD5-B90B-252BB3F184DC}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D1A8080F-4C17-4E3D-9A7B-A0E39BFACDE3}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D2E08EE9-59ED-4C97-8450-8630F3C5C51B}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D2F6E028-4C2F-4BF0-A31D-895D401A115C}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D3CEAC95-674B-42DB-84A3-A62328278D3E}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D3F38050-A585-4FC6-9CE1-A5EA5969DE63}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D69E5D9B-CE70-4796-AD29-F2817641DFB7}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D6BEEC26-D710-4028-ADED-3634F0FD4779}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D74C2B7E-799B-4A9A-BB28-C4D403F29008}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D8C2C4F6-0336-4009-B089-9B46A53C084D}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{D9F74454-5169-437A-A986-B7683D1EE421}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{DA663C58-86F7-4DE9-8D69-F3718E350322}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{DCB70D4B-91BA-479E-A23C-CF1CA131E080}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{DE4F4C0C-54E5-4145-9A2E-7FAC7C500D41}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{DECBAD53-1122-4005-AC4D-4D75AAC8E380}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{DFBDCEE1-DA6F-473D-B913-7851743EAD0C}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E090E2C4-0E74-4586-8521-2AB3B1C1C470}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E3B94F2C-D3FF-4188-A28E-25B48C8B3A91}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E43B6D63-4963-49F9-9774-2D88C24F923D}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E4CACBE0-D5BF-47F8-9519-812FECB4BDE1}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E5502F1B-D3DD-43EB-B0EF-61625019CC45}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E6E64C53-0B33-4B29-B6AB-66911C34A8CA}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E7B34D7A-3F36-4135-BF31-197D3A5A2A82}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E7D11929-1856-46AD-AE53-A75BD9CCD620}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E821EFD9-1994-4E23-B529-9C80769583D0}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E91FB417-2C83-48D4-87F8-AF682582DDAB}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{E9C2693B-5696-4B04-8C9A-D442E4062B2D}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{EA986F5D-EE86-4894-95E7-2B800F05C7EB}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{EAA1E245-3FC6-4AE4-A4D8-830954DEEA2A}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{EAC30DBD-4A27-4E25-ADE7-E845D1ED0108}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{EBC01032-471E-4A61-8115-43E8277CCBBE}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{EF24E259-6E9F-41E6-9BC5-8C5A7EA6814D}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{EF38F527-5641-4F0B-8A11-DC4D6A093ECE}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{F0155423-F153-4797-AC81-9AB36A4350EB}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{F08A9E19-8630-41DE-8D0F-04A71072C6DD}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{F0E1CD02-6E1C-43A4-8C85-F76B9E46FAE2}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{F110C306-7FCE-45A8-B978-149977F68A17}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{F1D3ECDB-8679-4423-B9A1-59B0EDE56517}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{F31DC38D-B99B-4546-AEBE-0B8BD113C8CD}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{F702C013-B8BD-48EE-877D-157B796AD805}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FA22FF86-5461-4439-85B8-CB3226945D93}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FB4F7C3A-B05F-47AB-9242-D89892183656}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FC3EC452-FCA3-446A-8C84-118117F0AA20}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FCA5025E-9CD5-4021-A82B-0CD4396CE02E}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FCB704B8-CA8C-493E-BEF1-BD4CA0F06EA1}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FD9AC36E-AFBF-411C-A139-FCB47D9C8565}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FDF430F4-DF37-499B-9485-C662D3BA2BF9}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FE292A22-9775-4D16-84A4-41CB7B0E5922}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FE7AFF79-EAC3-4008-924F-439CE19EFC6B}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/{FED17F20-CB8B-4A69-8733-86ECD5C40E38}
2/12/2011 3:51:59 PM C:\Documents and Settings\Leslie Schooling\Application Data\SUPERAntiSpyware.com\SUPERAntiSpyware\Quarantine\Quarantine - 09-20-2009 - 18-41-52.SBU/backup.db
Result: Task started (events: 1)
2/12/2011 3:20:58 PM
Result: Task completed (events: 1)
2/12/2011 7:17:13 PM
  • 0

#14
mitch8
Posted 12 February 2011 - 11:54 PM

mitch8

    Trusted Helper

  • Malware Removal
  • 1,356 posts
Ok,

This is getting weird. Try this:

Please download MBRCheck.exe to your desktop.

  • Double click to run it
  • It will prompt you with some text
  • A text file will be generated on your desktop
  • Now paste that text here for me.

  • 0

#15
LesFo
Posted 13 February 2011 - 12:16 AM

LesFo

    Member

  • Topic Starter
  • Member
  • PipPip
  • 35 posts
MBRCheck, version 1.2.3
© 2010, AD

Command-line:
Windows Version: Windows XP Home Edition
Windows Information: Service Pack 3 (build 2600)
Logical Drives Mask: 0x0000006c

Kernel Drivers (total 145):
0x804D7000 \WINDOWS\system32\ntkrnlpa.exe
0x806D1000 \WINDOWS\system32\hal.dll
0xF7987000 \WINDOWS\system32\KDCOM.DLL
0xF7897000 \WINDOWS\system32\BOOTVID.dll
0xF7358000 ACPI.sys
0xF7989000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
0xF7347000 pci.sys
0xF7487000 isapnp.sys
0xF7497000 ohci1394.sys
0xF74A7000 \WINDOWS\system32\DRIVERS\1394BUS.SYS
0xF789B000 compbatt.sys
0xF789F000 \WINDOWS\system32\DRIVERS\BATTC.SYS
0xF7A4F000 pciide.sys
0xF7707000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
0xF798B000 intelide.sys
0xF798D000 viaide.sys
0xF798F000 aliide.sys
0xF7329000 pcmcia.sys
0xF74B7000 MountMgr.sys
0xF730A000 ftdisk.sys
0xF78A3000 ACPIEC.sys
0xF7A50000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
0xF770F000 PartMgr.sys
0xF74C7000 VolSnap.sys
0xF72F2000 atapi.sys
0xF74D7000 disk.sys
0xF74E7000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
0xF72D2000 fltmgr.sys
0xF72C0000 sr.sys
0xF74F7000 PxHelp20.sys
0xF72A9000 KSecDD.sys
0xF7296000 WudfPf.sys
0xF7209000 Ntfs.sys
0xF71F3000 inspect.sys
0xF71C6000 \WINDOWS\System32\DRIVERS\NDIS.SYS
0xF7717000 \WINDOWS\System32\DRIVERS\TDI.SYS
0xF7507000 serial.sys
0xF71AC000 Mup.sys
0xF7517000 06660172.sys
0xF7937000 \SystemRoot\system32\DRIVERS\CmBatt.sys
0xF3CC6000 \SystemRoot\system32\DRIVERS\intelppm.sys
0xF36C6000 \SystemRoot\system32\DRIVERS\ialmnt5.sys
0xF36B2000 \SystemRoot\system32\DRIVERS\VIDEOPRT.SYS
0xF7827000 \SystemRoot\system32\DRIVERS\usbuhci.sys
0xF368E000 \SystemRoot\system32\DRIVERS\USBPORT.SYS
0xF786F000 \SystemRoot\system32\DRIVERS\usbehci.sys
0xF367C000 \SystemRoot\system32\DRIVERS\Rtlnicxp.sys
0xF3621000 \SystemRoot\system32\DRIVERS\bcmwl5.sys
0xF35FA000 \SystemRoot\system32\drivers\tifm21.sys
0xF35E6000 \SystemRoot\system32\DRIVERS\sdbus.sys
0xF3591000 \SystemRoot\system32\drivers\camc6hal.sys
0xF3CB6000 \SystemRoot\system32\drivers\camc6aud.sys
0xF356D000 \SystemRoot\system32\drivers\portcls.sys
0xF3CA6000 \SystemRoot\system32\drivers\drmk.sys
0xF354A000 \SystemRoot\system32\drivers\ks.sys
0xF3517000 \SystemRoot\system32\DRIVERS\HSFHWICH.sys
0xF3419000 \SystemRoot\system32\DRIVERS\HSF_DP.sys
0xF336D000 \SystemRoot\system32\DRIVERS\HSF_CNXT.sys
0xF77B7000 \SystemRoot\System32\Drivers\Modem.SYS
0xF3C96000 \SystemRoot\system32\DRIVERS\i8042prt.sys
0xF7787000 \SystemRoot\system32\DRIVERS\kbdclass.sys
0xF333F000 \SystemRoot\system32\DRIVERS\SynTP.sys
0xF7A11000 \SystemRoot\system32\DRIVERS\USBD.SYS
0xF7867000 \SystemRoot\system32\DRIVERS\mouclass.sys
0xF3C86000 \SystemRoot\system32\DRIVERS\imapi.sys
0xF3C76000 \SystemRoot\system32\DRIVERS\cdrom.sys
0xF3C66000 \SystemRoot\system32\DRIVERS\redbook.sys
0xF784F000 \SystemRoot\SYSTEM32\DRIVERS\GEARAspiWDM.sys
0xF37A3000 \SystemRoot\system32\DRIVERS\wmiacpi.sys
0xF7B73000 \SystemRoot\system32\DRIVERS\audstub.sys
0xF6C10000 \SystemRoot\system32\DRIVERS\rasl2tp.sys
0xF379B000 \SystemRoot\system32\DRIVERS\ndistapi.sys
0xF3328000 \SystemRoot\system32\DRIVERS\ndiswan.sys
0xF6C00000 \SystemRoot\system32\DRIVERS\raspppoe.sys
0xF6BF0000 \SystemRoot\system32\DRIVERS\raspptp.sys
0xF3317000 \SystemRoot\system32\DRIVERS\psched.sys
0xF6BE0000 \SystemRoot\system32\DRIVERS\msgpc.sys
0xF7777000 \SystemRoot\system32\DRIVERS\ptilink.sys
0xF7757000 \SystemRoot\system32\DRIVERS\raspti.sys
0xF32EC000 \SystemRoot\system32\DRIVERS\odysseyIM4.sys
0xF6BD0000 \SystemRoot\system32\DRIVERS\termdd.sys
0xF7A17000 \SystemRoot\system32\DRIVERS\swenum.sys
0xF328E000 \SystemRoot\system32\DRIVERS\update.sys
0xF797F000 \SystemRoot\system32\DRIVERS\mssmbios.sys
0xF76E7000 \SystemRoot\System32\Drivers\NDProxy.SYS
0xF7547000 \SystemRoot\system32\DRIVERS\usbhub.sys
0xF7567000 \??\C:\Program Files\Emsisoft Anti-Malware\a2dix86.sys
0xAA787000 \SystemRoot\System32\DRIVERS\cmdguard.sys
0xAA736000 \SystemRoot\system32\DRIVERS\0666017.sys
0xF7A25000 \SystemRoot\System32\Drivers\Fs_Rec.SYS
0xF7A5B000 \SystemRoot\System32\Drivers\Null.SYS
0xF7A29000 \SystemRoot\System32\Drivers\Beep.SYS
0xF772F000 \SystemRoot\System32\drivers\vga.sys
0xF7A2D000 \SystemRoot\System32\Drivers\mnmdd.SYS
0xF7A31000 \SystemRoot\System32\DRIVERS\RDPCDD.sys
0xF781F000 \SystemRoot\System32\Drivers\Msfs.SYS
0xF785F000 \SystemRoot\System32\Drivers\Npfs.SYS
0xF7157000 \SystemRoot\system32\DRIVERS\rasacd.sys
0xAA6DB000 \SystemRoot\system32\DRIVERS\ipsec.sys
0xAA682000 \SystemRoot\system32\DRIVERS\tcpip.sys
0xF77A7000 \SystemRoot\System32\DRIVERS\cmdhlp.sys
0xAA65C000 \SystemRoot\system32\DRIVERS\ipnat.sys
0xF7577000 \SystemRoot\system32\DRIVERS\wanarp.sys
0xF7587000 \SystemRoot\System32\Drivers\aswTdi.SYS
0xAA634000 \SystemRoot\system32\DRIVERS\netbt.sys
0xF783F000 \SystemRoot\System32\Drivers\aswRdr.SYS
0xAA612000 \SystemRoot\System32\drivers\afd.sys
0xF7597000 \SystemRoot\system32\DRIVERS\netbios.sys
0xAA5F0000 \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
0xF774F000 \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
0xAA5C5000 \SystemRoot\system32\DRIVERS\rdbss.sys
0xAA555000 \SystemRoot\system32\DRIVERS\mrxsmb.sys
0xF75A7000 \SystemRoot\System32\Drivers\Fips.SYS
0xF7A39000 \??\C:\WINDOWS\system32\drivers\EABFiltr.sys
0xAA50E000 \SystemRoot\System32\Drivers\aswSP.SYS
0xF77DF000 \SystemRoot\System32\Drivers\Aavmker4.SYS
0xF7A3B000 \??\C:\Program Files\Emsisoft Anti-Malware\a2util32.sys
0xA9FC6000 \SystemRoot\system32\DRIVERS\06660171.sys
0xF7627000 \SystemRoot\System32\Drivers\Cdfs.SYS
0xA9FAE000 \SystemRoot\System32\Drivers\dump_atapi.sys
0xF79A3000 \SystemRoot\System32\Drivers\dump_WMILIB.SYS
0xBF800000 \SystemRoot\System32\win32k.sys
0xAA506000 \SystemRoot\System32\drivers\Dxapi.sys
0xF77E7000 \SystemRoot\System32\watchdog.sys
0xBF000000 \SystemRoot\System32\drivers\dxg.sys
0xF7AF1000 \SystemRoot\System32\drivers\dxgthk.sys
0xBF020000 \SystemRoot\System32\ialmdnt5.dll
0xBF012000 \SystemRoot\System32\ialmrnt5.dll
0xBF03F000 \SystemRoot\System32\ialmdev5.DLL
0xBF06B000 \SystemRoot\System32\ialmdd5.DLL
0xBF148000 \SystemRoot\System32\ATMFD.DLL
0xA9F22000 \SystemRoot\System32\Drivers\aswFsBlk.SYS
0xF5D1B000 \??\C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys
0xA9B4F000 \SystemRoot\system32\DRIVERS\ndisuio.sys
0xA9A7C000 \SystemRoot\System32\Drivers\aswMon2.SYS
0xA98FF000 \SystemRoot\system32\drivers\wdmaud.sys
0xA995C000 \SystemRoot\system32\drivers\sysaudio.sys
0xA96EC000 \SystemRoot\system32\DRIVERS\mrxdav.sys
0xA9428000 \SystemRoot\system32\DRIVERS\srv.sys
0xA955C000 \SystemRoot\system32\DRIVERS\mdmxsdk.sys
0xA92E8000 \SystemRoot\system32\DRIVERS\secdrv.sys
0xA8E47000 \SystemRoot\System32\Drivers\HTTP.sys
0xA8B7B000 \SystemRoot\System32\Drivers\Fastfat.SYS
0xA8B50000 \SystemRoot\system32\drivers\kmixer.sys
0x7C900000 \WINDOWS\system32\ntdll.dll

Processes (total 41):
0 System Idle Process
4 System
1068 C:\WINDOWS\system32\smss.exe
1864 csrss.exe
2020 C:\WINDOWS\system32\winlogon.exe
396 C:\WINDOWS\system32\services.exe
416 C:\WINDOWS\system32\lsass.exe
1064 C:\Program Files\Emsisoft Anti-Malware\a2service.exe
1484 C:\WINDOWS\system32\svchost.exe
1656 svchost.exe
1724 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
1860 C:\WINDOWS\system32\svchost.exe
236 C:\WINDOWS\system32\svchost.exe
1152 svchost.exe
1308 svchost.exe
252 C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
1268 C:\WINDOWS\system32\spoolsv.exe
1500 svchost.exe
1912 C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
1616 C:\WINDOWS\explorer.exe
696 C:\Program Files\Bonjour\mDNSResponder.exe
844 C:\Program Files\Java\jre6\bin\jqs.exe
608 C:\Program Files\Common Files\LightScribe\LSSrvc.exe
1832 C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
2756 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
2940 C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
3016 C:\Program Files\Hp\hpcoretech\hpcmpmgr.exe
3040 C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
3192 C:\Program Files\iTunes\iTunesHelper.exe
3264 C:\WINDOWS\system32\ctfmon.exe
1652 C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe
4044 C:\WINDOWS\system32\PnkBstrA.exe
2092 C:\WINDOWS\system32\PnkBstrB.exe
3028 C:\WINDOWS\system32\svchost.exe
1828 C:\Program Files\Hp\Digital Imaging\bin\hpqgalry.exe
3056 C:\Program Files\iPod\bin\iPodService.exe
3208 alg.exe
2588 C:\WINDOWS\system32\svchost.exe
3228 C:\Program Files\Mozilla Firefox\firefox.exe
1216 C:\Program Files\Mozilla Firefox\plugin-container.exe
1192 C:\Documents and Settings\Leslie Schooling\Desktop\MBRCheck.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`00007e00 (NTFS)

PhysicalDrive0 Model Number: ST9402113A, Rev: 3.02

Size Device Name MBR Status
--------------------------------------------
37 GB \\.\PhysicalDrive0 Windows 98 MBR code detected
SHA1: 48F01D7E76A0F3C038D08611E3FDC0EE4EF9FD3E


Done!
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP