I am all out of ideas and quite computer illiterate so anything you can do to help me at this point would be greatly appreciated.
________________________________________________________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 1:58:10 PM, on 12/1/2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\csrss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
F:\Program Files\dnetc\dnetc.exe
F:\Program Files\ewido\security suite\ewidoctrl.exe
F:\WINDOWS\SYSTEM32\GEARSEC.EXE
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\wdfmgr.exe
F:\WINDOWS\System32\alg.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\SOUNDMAN.EXE
F:\Program Files\PowerDVD\PDVDServ.exe
F:\Program Files\HP DVD\Umbrella\DVDTray.exe
F:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
F:\Program Files\Winamp\winampa.exe
G:\program files\HP Share-to-Web\hpgs2wnd.exe
G:\program files\Photo Imaging\Hpi_Monitor.exe
F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
F:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
F:\Program Files\AIM\aim.exe
F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
g:\PROGRA~1\HPSHAR~1\hpgs2wnf.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Internet Explorer\iexplore.exe
F:\Documents and Settings\Melissa J\Local Settings\Temporary Internet Files\Content.IE5\JACJR90X\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - f:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - f:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [DVDTray] "F:\Program Files\HP DVD\Umbrella\DVDTray.exe"
O4 - HKLM\..\Run: [DVDBitSet] "F:\Program Files\HP DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] F:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] F:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] g:\program files\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CXMon] "g:\program files\Photo Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [bxproxy] F:\WINDOWS\bxproxy.exe
O4 - HKLM\..\Run: [PayTime] F:\WINDOWS\system32\paytime.exe
O4 - HKLM\..\Run: [THGuard] "F:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [DW4] "F:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [AIM] F:\Program Files\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [bxproxy] F:\WINDOWS\bxproxy.exe
O4 - HKCU\..\Run: [PayTime] F:\WINDOWS\system32\paytime.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = F:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Google Search - res://f:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://f:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://f:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://f:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://f:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://f:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - F:\Program Files\AIM\aim.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - F:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - F:\Program Files\PartyPoker\PartyPoker.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O21 - SSODL: SysTray.Exys - {7368D5FC-6F5C-4f5b-B964-E67214F67852} - F:\WINDOWS\system32\panmbmpb.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: distributed.net client (dnetc) - Distributed Computing Technologies, Inc. - F:\Program Files\dnetc\dnetc.exe
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: GEARSecurity - GEAR Software - F:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32
\nvsvc32.exe
___________________________________________________________________________
I also ran Spyware Doctor and got the following results. I would not let me remove any of the files without purchasing the program. I did not purchase the program at this time. Results are below.
Spyware Doctor Activity Report
Generated on 12/1/2005 2:16:03 PM Spyware Doctor Homepage PC Tools Homepage Technical Support
Scans (basic information only):
Scan Results:
scan start: 12/1/2005 2:17:01 PM
scan stop: 12/1/2005 3:06:02 PM
scanned items: 139496
found items: 100
found and ignored: 0
tools used: General Scanner, Process Scanner, Hosts scanner, LSP Scanner, Registry Scanner, Browser Defaults, Favorites and ZoneMap Scanner, ActiveX Scanner, Browser Activity Scanner, Disk Scanner
Infection Name Location Risk
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B} Medium
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B}## Medium
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B}\ProxyStubClsid Medium
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B}\ProxyStubClsid## Medium
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B}\ProxyStubClsid32 Medium
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B}\ProxyStubClsid32## Medium
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B}\TypeLib Medium
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B}\TypeLib## Medium
DropSpam ToolBar HKCR\Interface\{1E98666F-6260-42C9-B846-32B20FDEFE7B}\TypeLib##Version Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063} Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063}## Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063}\ProxyStubClsid Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063}\ProxyStubClsid## Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063}\ProxyStubClsid32 Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063}\ProxyStubClsid32## Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063}\TypeLib Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063}\TypeLib## Medium
DropSpam ToolBar HKCR\Interface\{68B8DCDB-EFA4-420A-BB8A-71B9892A2063}\TypeLib##Version Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D} Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D}## Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D}\ProxyStubClsid Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D}\ProxyStubClsid## Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D}\ProxyStubClsid32 Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D}\ProxyStubClsid32## Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D}\TypeLib Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D}\TypeLib## Medium
DropSpam ToolBar HKCR\Interface\{B13281CF-8778-4C98-AE23-ABBA4637A33D}\TypeLib##Version Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8} Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8}## Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8}\ProxyStubClsid Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8}\ProxyStubClsid## Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8}\ProxyStubClsid32 Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8}\ProxyStubClsid32## Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8}\TypeLib Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8}\TypeLib## Medium
DropSpam ToolBar HKCR\Interface\{A5F6C90C-ABE4-4C57-A421-8C5A202AA9F8}\TypeLib##Version Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1} Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}## Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0 Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0## Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0\0 Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0\0## Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0\0\win32 Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0\0\win32## Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0\FLAGS Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0\FLAGS## Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0\HELPDIR Medium
DropSpam ToolBar HKCR\TypeLib\{DE6317F7-6EF0-45C2-88D1-8E09415817F1}\1.0\HELPDIR## Medium
Grokster HKCU\Software\Softwrap\Adtracker________ Medium
Grokster HKCU\Software\Softwrap\Adtracker________## Medium
Grokster HKCU\Software\Softwrap\Adtracker________\mp3wav Medium
Grokster HKCU\Software\Softwrap\Adtracker________\mp3wav## Medium
Grokster HKCU\Software\Softwrap\Adtracker________\mp3wav##cookie Medium
Trojan.Downloader.Small.BWS HKCU\Software\Microsoft\Windows\CurrentVersion##adv698 High
Trojan.FakeAlert HKCU\Software\Microsoft\Windows\CurrentVersion\Run##Windows Installer High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P## High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P##NextInstance High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000 High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000## High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000##Service High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000##Legacy High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000##ConfigFlags High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000##Class High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000##ClassGUID High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000##DeviceDesc High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000##Capabilities High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000\Control High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000\Control## High
Trojan.SpamBot HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_I386P\0000\Control##ActiveService High
Trojan.Win32.StartPage.pu HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run##PayTime High
Trojan.Win32.StartPage.pu HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run##PayTime High
YourSiteBar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs##F:\WINDOWS\Downloaded Program Files\YSBactivex.dll High
YourSiteBar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\F:/WINDOWS/Downloaded Program Files/YSBactivex.dll High
YourSiteBar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\F:/WINDOWS/Downloaded Program Files/YSBactivex.dll## High
YourSiteBar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\F:/WINDOWS/Downloaded Program Files/YSBactivex.dll##.Owner High
YourSiteBar HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\F:/WINDOWS/Downloaded Program Files/YSBactivex.dll##{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} High
DropSpam ToolBar HKCR\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4} Medium
DropSpam ToolBar HKCR\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\InprocServer32 Medium
DropSpam ToolBar HKCR\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\ProgID Medium
DropSpam ToolBar HKCR\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\Programmable Medium
DropSpam ToolBar HKCR\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\TypeLib Medium
DropSpam ToolBar HKCR\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\VersionIndependentProgID Medium
DropSpam ToolBar HKLM\Software\Classes\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4} Medium
DropSpam ToolBar HKLM\Software\Classes\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\InprocServer32 Medium
DropSpam ToolBar HKLM\Software\Classes\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\ProgID Medium
DropSpam ToolBar HKLM\Software\Classes\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\Programmable Medium
DropSpam ToolBar HKLM\Software\Classes\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\TypeLib Medium
DropSpam ToolBar HKLM\Software\Classes\CLSID\{887A577B-406B-48FF-80CB-70752BFCD7B4}\VersionIndependentProgID Medium
Tracking Cookie(s) F:\Documents and Settings\Melissa J\Cookies\melissa [email protected][1].txt Medium
Tracking Cookie(s) F:\Documents and Settings\Melissa J\Cookies\melissa j@atwola[1].txt Medium
Tracking Cookie(s) F:\Documents and Settings\Melissa J\Cookies\melissa j@geekstogo[2].txt Medium
Tracking Cookie(s) F:\Documents and Settings\Melissa J\Cookies\melissa j@questionmarket[1].txt Medium
Trojan.FakeAlert F:\Documents and Settings\Melissa J\Application Data\Install.dat High
Trojan.Dropper.Small.AEK F:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.dll High
Trojan.Dropper.Small.AEK F:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00002.dll High
Joltid P2P Networking F:\WINDOWS\Downloaded Program Files\WebP2PInstaller.dll.tcf Elevated
SahAgent F:\WINDOWS\system32\08pm0jpl.ini Elevated
SahAgent F:\WINDOWS\system32\ejn6nsft.ini Elevated
SahAgent F:\WINDOWS\system32\sgo49do5.dat Elevated
Other Sections:
Edited by pand0ra37, 01 December 2005 - 02:10 PM.