Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Need help with malware/virus


  • Please log in to reply
13 replies to this topic

#1 gort

gort

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 10 December 2009 - 01:39 PM

Hi Guys.

Malwarebytes' Anti-Malware, as detected this, but cannot delete it :thumbsup:

any idea's how to get rid of it.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Downloader) -> Data: c:\windows\system32\userinit.exe -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Downloader) -> Data: system32\userinit.exe -> No action taken.

Thanks in advance.

Edit: Moved topic from XP to the more appropriate forum. ~ Animal

Edited by Animal, 10 December 2009 - 01:42 PM.


BC AdBot (Login to Remove)

 


#2 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:02:16 PM

Posted 10 December 2009 - 02:46 PM

I would run ATF Cleaner next. Check the box for select all and then click the button for Empty Selected.

After that I would install, update and run SUPERAntiSpyware. Remove what it finds. Finally I would update and run whatever avtivirus software you are using and remove whatever it finds.

Edited by azfreetech, 10 December 2009 - 02:46 PM.

DJ Digital Gem

I gave up on computers and now I just DJ!

#3 gort

gort
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 10 December 2009 - 03:07 PM

Many thanks replying so fast

I already have superantispyware.

sbybot search&destroy

AVG

Malwarebytes' Anti-Malware

I have run them all in safe mode

but it's only tMalwarebytes' Anti-Malware that picks it up, dose that mean it's a false positive ?

Edited by gort, 10 December 2009 - 03:47 PM.


#4 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:02:16 PM

Posted 10 December 2009 - 03:36 PM

If your AVG is up to date and SAS is up to date and neither are finding it then it's possible that it is a false positive. Make sure everything is up to date when running the scans.
DJ Digital Gem

I gave up on computers and now I just DJ!

#5 gort

gort
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 10 December 2009 - 03:45 PM

would it help posting a hijackthis log file up here?, to see if you guys can see anything untoward going on.

Edited by gort, 10 December 2009 - 03:46 PM.


#6 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:02:16 PM

Posted 10 December 2009 - 04:51 PM

Sure!
DJ Digital Gem

I gave up on computers and now I just DJ!

#7 gort

gort
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 10 December 2009 - 05:48 PM

Logfile of HijackThis v1.99.1
Scan saved at 22:01:39, on 10/12/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\AVG\AVG9\avgemc.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\VstaScan\VsAccess.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Documents and Settings\William Adams\Desktop\Billiam's Folder\Tools\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bbc.co.uk/
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - C:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: Snagit - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\Snagit 9\SnagitIEAddin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\Home Cinema\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [STManager] "C:\Program Files\SpeedTouch\Dr SpeedTouch\drst.exe" -b
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\William Adams\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Umax VistaAccess.lnk = ?
O8 - Extra context menu item: &ieSpell Options - res://C:\Program Files\ieSpell\iespell.dll/SPELLOPTION.HTM
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Check &Spelling - res://C:\Program Files\ieSpell\iespell.dll/SPELLCHECK.HTM
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell - {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: (no name) - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra 'Tools' menuitem: ieSpell Options - {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - C:\Program Files\ieSpell\iespell.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - C:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: (no name) - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.com/
O15 - Trusted Zone: http://mail.live.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.1.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by140fd.bay140.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/...can8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/...lscbase8300.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1183486933500
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab
O16 - DPF: {EAC139A9-D22D-4C29-8D1C-252BE63750F9} - http://www.cooliris.com/shared/plinstll.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\Home Cinema\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpdate.exe" /svc (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing)
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

#8 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:02:16 PM

Posted 10 December 2009 - 07:18 PM

ok here you go......

A newer version of service pack is available. Service packs increase the safety of your system. Visit Microsoft's windowsupdate site to download the newest version of the service pack.

No firewall activity found.

O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - (no file) - Unnecessary (deactivated) entry that can be fixed. SnagItBHO.dll - SnagIt, http://www.techsmith.com/products/snagit /default.asp

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - (no file) - Unknown application.
Unnecessary (deactivated) entry that can be fixed.

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file) - Unnecessary (deactivated) entry that can be fixed. swg.dll - Google Toolbar Notifier, http://googlesystem.blogspot.com/2006/07 /google-is-your-default-search.html

O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL - Not dangerous, but unnecessary. From Elaborate Bytes who make CloneCD - monitors the installed filters of CD-ROMs/DVD-ROMs. Note - under Win2K removing this from startup causes the CD drive in the computer to not be recognized in the OS and after rechecking it prompts that the driver has been corrupted and asks you to restart the computer to fix it

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime - Not dangerous, but unnecessary. QuickTime

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/vers...vex-2.2.4.1.cab - Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!

O16 - DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} (ContactExtractor Class) - http://www.facebook.com/controls/contactx.dll - Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!

O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.0...oUploader55.cab - Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab - Check if you know this site and fix it if you do not. Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed!
DJ Digital Gem

I gave up on computers and now I just DJ!

#9 gort

gort
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 12 December 2009 - 10:41 AM

Success :thumbsup:

I used a new version of Superantispyware, the one I had was hopelessly out of date

this is what it found :flowers:


SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 12/12/2009 at 11:06 AM

Application Version : 4.31.1000

Core Rules Database Version : 4363
Trace Rules Database Version: 2207

Scan type : Complete Scan
Total Scan Time : 00:23:50

Memory items scanned : 490
Memory threats detected : 0
Registry items scanned : 7505
Registry threats detected : 0
File items scanned : 22286
File threats detected : 1281

Adware.Tracking Cookie
C:\Documents and Settings\William Adams\Cookies\william_adams@chitika[1].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@ad.yieldmanager[2].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@ads.techguy[2].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@socialmedia[1].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@collective-media[1].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@revsci[1].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@content.yieldmanager[1].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@ads.telegraph.co[1].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@kontera[2].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@statcounter[1].txt
C:\Documents and Settings\William Adams\Cookies\william_adams@www.googleadservices[1].txt
.collective-media.net [ C:\Documents and Settings\William Adams\Application Data\Mozilla\Firefox\Profiles\offpo0wk.default\cookies.txt ]

Adware.MovieLand/MediaPipe
C:\Program Files\MovieLand Terms.html
C:\Documents and Settings\William Adams\Desktop\MoviePass Terms.lnk
C:\Documents and Settings\William Adams\Desktop\moviepass.url
C:\Program Files\moviepass Terms.html

Adware.AlfaCleaner
C:\WINDOWS\warnhp.html

Adware.Ezula
C:\WINDOWS\system32\ezstub.exe
C:\WINDOWS\Downloaded Program Files\ezstub.dll
C:\WINDOWS\Downloaded Program Files\ezstub.INF
C:\WINDOWS\eZinstall.exe
C:\WINDOWS\LastGood\Downloaded Program Files\ezstub.INF

Trojan.Painter
C:\WINDOWS\system32\MSWINUP32.DLL
C:\WINDOWS\system32\MSWINXML.DLL
C:\WINDOWS\system32\WINLFL32.DLL

Adware.ZToolbar
C:\WINDOWS\azesearch.bmp
C:\WINDOWS\system32\azebar.xml
C:\WINDOWS\Downloaded Program Files\azesearch.inf

Adware.Apropos Media
C:\WINDOWS\system32\auto_update_uninstall.log
C:\WINDOWS\system32\auto_update_uninstall.exe

Trojan.SpySheriff
C:\WINDOWS\secure32.html
c:\secure32.html
C:\SpySheriff.lnk
C:\Documents and Settings\William Adams\Desktop\SpySheriff.lnk
\SpySheriff.lnk

Adware.180solutions/Search Assistant
C:\WINDOWS\Downloaded Program Files\ClientAX.dll
C:\WINDOWS\Downloaded Program Files\MediaGatewayX.dll
C:\WINDOWS\MediaGateway.exe.bin

Adware.WebNexus
C:\WINDOWS\LastGood\wupdt.exe
C:\WINDOWS\mynexus.exe
C:\WINDOWS\system32\pbvwb.dat
C:\WINDOWS\system32\vgactl.cpl
C:\WINDOWS\system32\wuauclt.dll
C:\WINDOWS\vlpnlp.dat
C:\WINDOWS\wupdt.exe
C:\installerwebnex.exe

Trojan.SmartFinder
C:\WINDOWS\system32\mfcgy32.dll
C:\WINDOWS\system32\owdwi.dll
C:\WINDOWS\system32\sdkok32.exe
C:\WINDOWS\sysvb.exe
C:\WINDOWS\mfcbh.exe
C:\WINDOWS\sdkhk.exe
C:\WINDOWS\system32\sdkmd32.dll
C:\WINDOWS\zkowf.dll

Trojan.SpyFalcon
C:\Documents and Settings\William Adams\Desktop\SpyFalcon.lnk
C:\WINDOWS\system32\oleext.dll
C:\WINDOWS\system32\oleext32.dll

Trojan.MalwareWipe
C:\Documents and Settings\William Adams\Desktop\MalwareWipe.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareWipe.com 4.2.lnk
\MalwareWipe.com.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareWipe.com.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareWipe.com 4.2.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareWiped 5.2.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareWiped 5.2.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware-Wiped 5.2.lnk
C:\Documents and Settings\William Adams\Desktop\Malware-Wiped.lnk
C:\Documents and Settings\William Adams\Start Menu\Malware-Wiped 5.2.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareWiped 5.7.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareWiped 5.7.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareWiped 5.7.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareWiped 5.8.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareWiped 5.8.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareWiped 5.8.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareWiped 5.9.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareWiped 5.9.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareWiped 5.9.lnk

Trojan.WinAntiSpyware/WinAntiVirus 2006/2007
C:\WINDOWS\system32\av.cpl
C:\WINDOWS\system32\drivers\FOPN.sys
C:\WINDOWS\system32\drivers\uwasfsd.sys
C:\WINDOWS\system32\stera.exe
C:\WINDOWS\system32\stera.job
C:\Documents and Settings\William Adams\Desktop\Install WinAntiVirus Pro 2006 .lnk
C:\Documents and Settings\William Adams\Cookies\administrator@www.winsoftware[2].txt
C:\Documents and Settings\William Adams\Desktop\Summary.txt
C:\Documents and Settings\William Adams\Desktop\WinAntiSpyware 2006 Scanner.lnk
C:\Documents and Settings\All Users\Desktop\WinAntiVirus Pro 2006.lnk
C:\Documents and Settings\All Users\Desktop\Look for answers in WinAntiVirus Pro 2007 Knowledge Base.lnk
C:\Documents and Settings\All Users\Desktop\WinAntiVirus Pro 2007.lnk

Adware.SurfSideKick
C:\Documents and Settings\William Adams\Application Data\Sskcwrd.dll
C:\Documents and Settings\William Adams\Application Data\Sskdmns.dll
C:\Documents and Settings\William Adams\Application Data\Sskuknwrd.dll
C:\Documents and Settings\William Adams\Application Data\Sskknwrd.dll

Trojan.WinFixer 2006
C:\WINDOWS\Downloaded Program Files\UWFX6_0001_N68M2301NetInstaller.exe
C:\WINDOWS\system32\dfe1.exe
C:\WINDOWS\system32\drivers\d_kmd.sys

Trojan.AdwarePunisher
C:\WINDOWS\adw.htm

Registry Cleaner Trial
C:\Documents and Settings\William Adams\Desktop\Registry Cleaner.lnk

Trojan.Windows Overlay Components/SysMon
C:\WINDOWS\offun.exe

Trojan.ZenoSearch
C:\WINDOWS\system32\msnav32.ax
C:\Documents and Settings\William Adams\Start Menu\Z_Start.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\Zeno.lnk

Adware.IST/ISTBar (Slotch Bar)
C:\WINDOWS\Downloaded Program Files\ISTactivex.dll

Trojan.Avpe64/32
C:\WINDOWS\system32\klgcptini.dat
C:\WINDOWS\system32\stt82.ini

Adware.Adservs
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._

Trojan.DCOM Server
C:\WINDOWS\system32\dcom_14.dll

Trojan.Malware
C:\WINDOWS\back.gif
C:\WINDOWS\bg.gif
C:\WINDOWS\buy-btn.gif
C:\WINDOWS\download-btn.gif
C:\WINDOWS\security.html
C:\Documents and Settings\William Adams\Desktop\Adware Reviews.url
C:\Documents and Settings\William Adams\Desktop\Play Poker.url
C:\Documents and Settings\William Adams\Desktop\domains
C:\Documents and Settings\William Adams\Desktop\map.txt
C:\asdf.txt

Adware.HotBar (Low Risk)
C:\WINDOWS\Downloaded Program Files\HbInstIE.dll

Adware.HotBar/SpamBlockerUtility (Low Risk)
C:\WINDOWS\Downloaded Program Files\SpamBlockerUtility.inf

Trojan.UnSpyPC Spyware Scanner
C:\Documents and Settings\William Adams\Desktop\UnSpyPC Scanner & Monitor.lnk
C:\Documents and Settings\William Adams\Desktop\SafeAndClean_report.htm

Adware.MediaMediatickets
C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.INF
C:\WINDOWS\Downloaded Program Files\MediaTicketsInstaller.ocx

Adware.MediaMotor
C:\WINDOWS\Downloaded Program Files\mm83.ocx
C:\WINDOWS\Downloaded Program Files\amm06.inf
C:\WINDOWS\Downloaded Program Files\amm06.ocx
C:\WINDOWS\System32\safe.tlb
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\amm06.inf
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\amm06.ocx
C:\WINDOWS\mm06y.ini
C:\WINDOWS\Downloaded Program Files\motorsix.inf

Trojan.ISA32
C:\WINDOWS\system32\drivers\isa32.sys

Trojan.PestTrap
C:\Documents and Settings\William Adams\Desktop\PestTrap.lnk

Parasite.SpyAxe
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareAxe 3.0.lnk
C:\Documents and Settings\William Adams\Desktop\SpywareAxe.lnk

Trojan.RazeSpyware
C:\Documents and Settings\William Adams\Desktop\RazeSpyware.lnk

Trojan.AdwareSheriff
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AdwareSheriff.lnk
C:\Documents and Settings\William Adams\Desktop\AdwareSheriff.lnk
C:\Documents and Settings\William Adams\Start Menu\asheriff.lnk

Trojan.RemedyAntiSpy
C:\Documents and Settings\William Adams\Desktop\RemedyAntispy.lnk

Trojan.HitVirus
C:\Documents and Settings\William Adams\Desktop\HitVirus.lnk

Trojan.Anti-Virus Pro
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Start Anti-Virus-Pro.lnk
C:\Documents and Settings\William Adams\Desktop\Anti-Virus-Pro.lnk
C:\Documents and Settings\William Adams\Desktop\Anti-Virus-Pro.pkg

Trojan.PSGuard
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\P.S.Guard spyware remover.lnk

Trojan.ADWareBazooka
C:\Documents and Settings\William Adams\Desktop\ADWareBazooka.lnk

Trojan.RegiFast
C:\regifast.log
C:\RFManager.log
C:\RFSilentInstaller.log

Browser Hijacker.Favorites
C:\Documents and Settings\William Adams\Favorites\Favorites\Cars.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Domain Names.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Finance.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Games.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Humor.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Movies.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies\Albums.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies\Artists.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies\AudioBooks.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies\Collections.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies\Mp3 Search.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies\New releases.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies\Ratings.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Music and Movies\Soundtracks.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Online Pharmacy.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Sex Personals.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Sports.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\ADWare Bazooka.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\Adware Punisher.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\Adware Sheriff.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\HIT Virus.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\Raze Spyware.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\Reg Freeze.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\Remedy AntiSpy.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\SPY iBlock.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Spyware Removers\The Spy Guard Site.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Viagra.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Weather.url
C:\Documents and Settings\William Adams\Favorites\Favorites\Web Hosting.url
C:\Documents and Settings\William Adams\Favorites\Games\Carnival Casino.url
C:\Documents and Settings\William Adams\Favorites\Games\Club Dice Casino.url
C:\Documents and Settings\William Adams\Favorites\Games\New York Casino.url
C:\Documents and Settings\William Adams\Favorites\Games\USA Casino.url
C:\Documents and Settings\William Adams\Favorites\Games\You Bingo.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Aces & Faces.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Baccarat.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Black Jack.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Caribbean Poker.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Casino War.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Cinerama.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Craps.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Deuces Wild.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Diamond Valley.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Fruit Mania.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Gold Rally.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Jacks or Better.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Magic Slots.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Mega Jacks.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Pai Gow Poker.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Red Dog Poker.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Roulette.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\SafeCracer.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Sic Bo.url
C:\Documents and Settings\William Adams\Favorites\Games\Gambling\Wall St. Fever.url
C:\Documents and Settings\William Adams\Favorites\Games\Monaco Gold Casino.url
C:\Documents and Settings\William Adams\Favorites\Travel\Adventure Travel.url
C:\Documents and Settings\William Adams\Favorites\Travel\Air Travel.url
C:\Documents and Settings\William Adams\Favorites\Travel\Business Travel.url
C:\Documents and Settings\William Adams\Favorites\Travel\Discount Travel.url
C:\Documents and Settings\William Adams\Favorites\Travel\Food.url
C:\Documents and Settings\William Adams\Favorites\Travel\Hawaii Travel.url
C:\Documents and Settings\William Adams\Favorites\Travel\Lodging.url
C:\Documents and Settings\William Adams\Favorites\Travel\London Travel.url
C:\Documents and Settings\William Adams\Favorites\Travel\Travel Agent.url
C:\Documents and Settings\William Adams\Favorites\Travel\Travel Insurance.url
C:\Documents and Settings\William Adams\Favorites\Travel\Travel package.url
C:\Documents and Settings\William Adams\Favorites\Travel\Travel Reservation.url
C:\Documents and Settings\William Adams\Favorites\Travel\Travel Spain.url
C:\Documents and Settings\William Adams\Favorites\Travel\Travel Web site.url
C:\Documents and Settings\William Adams\Favorites\Travel\Vacation Cruises.url
C:\Documents and Settings\William Adams\Favorites\Travel\Vacations.url
C:\Documents and Settings\William Adams\Favorites\Download Free Spyware Remover.url
C:\Documents and Settings\All Users\Favorites\Download Free Spyware Remover.url
C:\Documents and Settings\William Adams\Favorites\NEW VIAGRA at Half Price!.url
C:\Documents and Settings\All Users\Favorites\NEW VIAGRA at Half Price!.url
C:\Documents and Settings\William Adams\Favorites\Online Chat With Nude Girls.url
C:\Documents and Settings\All Users\Favorites\Online Chat With Nude Girls.url
C:\Documents and Settings\William Adams\Favorites\Order CIALIS online without leaving home..url
C:\Documents and Settings\All Users\Favorites\Order CIALIS online without leaving home..url
C:\Documents and Settings\William Adams\Favorites\PC protection in under 2 minutes!.url
C:\Documents and Settings\All Users\Favorites\PC protection in under 2 minutes!.url
C:\Documents and Settings\William Adams\Favorites\SEX Dating - Real Girls For Real SEX.url
C:\Documents and Settings\All Users\Favorites\SEX Dating - Real Girls For Real SEX.url
C:\Documents and Settings\William Adams\Favorites\Stop PopUps On Your Computer.url
C:\Documents and Settings\All Users\Favorites\Stop PopUps On Your Computer.url
C:\Documents and Settings\William Adams\Favorites\VIAGRA at incredible low price. Bonus Pills!.url
C:\Documents and Settings\All Users\Favorites\VIAGRA at incredible low price. Bonus Pills!.url
C:\Documents and Settings\William Adams\Favorites\View ADULT photos of REAL GIRLS!.url
C:\Documents and Settings\All Users\Favorites\View ADULT photos of REAL GIRLS!.url
C:\Documents and Settings\William Adams\Favorites\Dating\Adult Gay Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Adult Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Bondage Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Chinese Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Christian Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Dating & Marriage.url
C:\Documents and Settings\William Adams\Favorites\Dating\Dating Gay Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Fillipina Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Find Sex Partner.url
C:\Documents and Settings\William Adams\Favorites\Dating\French Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\German Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Indian Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Italian Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Jewish Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Senior Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Sex Personals.url
C:\Documents and Settings\William Adams\Favorites\Dating\Spanish & Portuguese.url

Adware.Elite Media
C:\WINDOWS\Downloaded Program Files\elite.inf
C:\WINDOWS\Downloaded Program Files\elite.ocx
C:\WINDOWS\elitemediagroup.ini
C:\Program Files\Common Files\EliteMediaGroupOinUninstaller.exe
C:\WINDOWS\em06y.ini

Trojan.Freeprod
C:\Documents and Settings\William Adams\Desktop\freeprodtb.exe

Adware.IEPlugin
C:\Documents and Settings\William Adams\Desktop\Desktop Toolbar
C:\WINDOWS\isp.ico
C:\WINDOWS\lu.dat

Trojan.RieMon
C:\WINDOWS\system32\unirimon.exe

Adware.BookedSpace
C:\WINDOWS\bsx32.ini
C:\WINDOWS\bs2.dll
C:\WINDOWS\bs3.dll
C:\WINDOWS\bsx5.dll
C:\WINDOWS\bxxs5.dll
C:\WINDOWS\oo4.dll
C:\WINDOWS\system32\acd.dll
C:\WINDOWS\system32\anaamon.dll
C:\WINDOWS\system32\bs2.dll
C:\WINDOWS\system32\bs3.dll
C:\WINDOWS\system32\bsx5.dll
C:\WINDOWS\system32\bxsx5.dll
C:\WINDOWS\system32\bxxs5.dll
C:\WINDOWS\system32\oo4.dll
C:\WINDOWS\system32\rem00001.dll

Trojan.Security Toolbar
C:\Documents and Settings\All Users\Start Menu\Online Security Guide.url
C:\Documents and Settings\All Users\Start Menu\Security Troubleshooting.url
C:\Documents and Settings\William Adams\Favorites\Antivirus Test Online.url
C:\Documents and Settings\All Users\Desktop\Security Troubleshooting.url
C:\Documents and Settings\All Users\Desktop\Online Security Guide.url
C:\Documents and Settings\All Users\Desktop\Find And Fix Errors.lnk

Adware.IST/YourSiteBar
C:\WINDOWS\Downloaded Program Files\ysbactivex.dll
C:\WINDOWS\Downloaded Program Files\ysbactivex.inf

Adware.HotBar/WOWPapers (Low Risk)
C:\Documents and Settings\All Users\Desktop\Free PC Wallpapers.lnk

Adware.Casino Games (Golden Palace Casino)
\Best Casino. $200 signup bonus!.url
C:\Documents and Settings\William Adams\Favorites\Best Casino. $200 signup bonus!.url

Trojan.BraveSentry
C:\Documents and Settings\William Adams\Desktop\BraveSentry.lnk

Trojan.Spy-Shield/BON
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spy-Shield v4.1.lnk
C:\Documents and Settings\William Adams\Desktop\Spy-Shield v4.1.lnk

Adware.Best Offers Network
C:\WINDOWS\tboninst.cfg

Trojan.ZQuest
C:\WINDOWS\dh.ini

Adware.Mirar/NetNucleus
C:\WINDOWS\Downloaded Program Files\WinATS.inf
C:\WINDOWS\Downloaded Program Files\Winwcd.inf

Trojan.PKL/Malware
C:\WINDOWS\system32\bpkwb.dll
C:\WINDOWS\system32\johnwb.dll
C:\WINDOWS\system32\systemwb.dll

Adware.WebHancer
C:\WINDOWS\whAgent.inf
C:\WINDOWS\whInstaller.ini

Malware.SpywareQuake
C:\Documents and Settings\William Adams\Desktop\SpywareQuake.lnk
C:\Documents and Settings\William Adams\Start Menu\SpywareQuake 2.0.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareQuake 2.0.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyQuake2.com 2.3.lnk
\SpyQuake2.com.lnk
C:\Documents and Settings\William Adams\Desktop\SpyQuake2.com.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareQuaked 2.4.lnk
\SpywareQuaked.lnk
C:\Documents and Settings\William Adams\Desktop\SpywareQuaked.lnk
C:\Documents and Settings\William Adams\Start Menu\SpywareQuaked 2.4.lnk

Adware.TrustInCash
C:\WINDOWS\system32\tisa.cnf

Adware.GloboLook
C:\WINDOWS\system32\Air Tickets.ico
C:\WINDOWS\system32\Big Tits.ico
C:\WINDOWS\system32\BlackJack.ico
C:\WINDOWS\system32\Britney Spears.ico
C:\WINDOWS\system32\Car Insurance.ico
C:\WINDOWS\system32\Cheap Cigarettes.ico
C:\WINDOWS\system32\Credit Card.ico
C:\WINDOWS\system32\Cruises.ico
C:\WINDOWS\system32\Lesbian Sex.ico
C:\WINDOWS\system32\Online Betting.ico
C:\WINDOWS\system32\Online Gambling.ico
C:\WINDOWS\system32\Oral Sex.ico
C:\WINDOWS\system32\Party Poker.ico
C:\WINDOWS\system32\Pharmacy.ico
C:\WINDOWS\system32\Phentermine.ico
C:\WINDOWS\system32\Pornstars.ico
C:\WINDOWS\system32\Remove Spyware.ico
C:\WINDOWS\system32\Viagra.ico

Adware.ClickSpring/Yazzle
C:\WINDOWS\Downloaded Program Files\YazzleActiveX.inf
C:\WINDOWS\Downloaded Program Files\YazzleActiveX.ocx

Trojan.SysProtect
C:\Documents and Settings\William Adams\Desktop\SysProtect.lnk

Trojan.CDSC63R
C:\WINDOWS\system32\cdscsix3.dll
C:\WINDOWS\system32\cdscsix3r.sys

Adware.Tesla Plus
C:\Program Files\secure32.html

Malware.SpyCut
C:\Documents and Settings\William Adams\Desktop\SpyCut.lnk

Malware.Spyware Soft Stop
C:\Documents and Settings\William Adams\Desktop\Spyware Soft Stop.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spyware Soft Stop.lnk

Malware.SpywareSheriff
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareSheriff.lnk
\SpywareSheriff.lnk

Trojan.Hackarmy Variant
C:\WINDOWS\system32\MsnMsr.exe

Trojan.XptpMM
C:\WINDOWS\system32\fux87.ini

Malware.Spyware Vanisher
C:\WINDOWS\Spyware Vanisher Setup Log.txt
\Spyware Vanisher Free Scan.lnk
C:\Documents and Settings\William Adams\Desktop\Spyware Vanisher Free Scan.lnk

Malware.Ultimate Defender
\Ultimate Defender.lnk
\Ultimate Defender.pkg
C:\Documents and Settings\William Adams\Desktop\Ultimate Defender.lnk
C:\Documents and Settings\William Adams\Desktop\Ultimate Defender.pkg

Adware.TV Media
C:\WINDOWS\Downloaded Program Files\APInstall_Tiny.dll

DIaler.Super-Adult
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Night Club - Foto Annunci Video - VM18.lnk
\Night Club - Foto Annunci Video - VM18.lnk
C:\Documents and Settings\William Adams\Desktop\Night Club - Foto Annunci Video - VM18.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Night Club - Foto Annunci Video - VM18.lnk

Malware.SystemDoctor
\SystemDoctor 2006.lnk
C:\Documents and Settings\William Adams\Desktop\SystemDoctor 2006.lnk
C:\WINDOWS\Downloaded Program Files\USDR6_0001_D08M0404NetInstaller.exe

Dialer.VacPro
C:\WINDOWS\Downloaded Program Files\int_ver34.INF
C:\WINDOWS\Downloaded Program Files\int_ver34.ocx

Malware.AlertSpy
\AlertSpy.lnk
C:\Documents and Settings\William Adams\Desktop\AlertSpy.lnk

Malware.Trust Cleaner
\Trust Cleaner.lnk
C:\Documents and Settings\William Adams\Desktop\Trust Cleaner.lnk

Adware.Desktop Hijacker
C:\Program Files\Google\nicobitop.html

Malware.GreatMemo
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\GreatMemo.lnk
\GreatMemo.lnk
C:\Documents and Settings\William Adams\Desktop\GreatMemo.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\GreatMemo.lnk

Malware.TitanShield
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\TitanShield Antispyware.lnk
\TitanShield Antispyware.lnk
C:\Documents and Settings\William Adams\Desktop\TitanShield Antispyware.lnk

Malware.RegFreeze
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\RegFreeze.lnk
\RegFreeze.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\RegFreeze.lnk

Malware.Adware Finder
\AdwareFinder.lnk
C:\Documents and Settings\William Adams\Desktop\AdwareFinder.lnk

Malware.SpyHeal
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyHeal 2.1.lnk
C:\Documents and Settings\William Adams\Desktop\SpyHeal.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyHeal 2.1.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spy-Heal 2.1.lnk
C:\Documents and Settings\William Adams\Desktop\Spy-Heal.lnk
C:\Documents and Settings\William Adams\Start Menu\Spy-Heal 2.1.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyHealer 2.2.lnk
\SpyHealer.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyHealer 2.2.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyHeals 2.3.lnk
\SpyHeals.lnk
C:\Documents and Settings\William Adams\Desktop\SpyHeals.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyHeals 2.3.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyHeal 2.7.lnk
\SpyHeal 2.7.lnk
C:\Documents and Settings\William Adams\Desktop\SpyHeal 2.7.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyHeal 3.5.lnk
\SpyHeal 3.5.lnk
C:\Documents and Settings\William Adams\Desktop\SpyHeal 3.5.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyHeal 3.5.lnk

Trojan.DollarRevenue
C:\WINDOWS\newname.dat
C:\WINDOWS\keyboard1.dat

Spyware.IEToolbar
C:\Program Files\IEToolbar\inst.bat
C:\Program Files\IEToolbar\searchbarus.dll
C:\Program Files\IEToolbar\searchbarus.inf

Malware.AntiVirusGolden
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusGolden 3.3.lnk
\AntivirusGolden.lnk
C:\Documents and Settings\William Adams\Desktop\AntivirusGolden.lnk
C:\Documents and Settings\William Adams\Start Menu\AntivirusGolden 3.3.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiviralGolden 3.5.lnk
\AntiviralGolden.lnk
C:\Documents and Settings\William Adams\Desktop\AntiviralGolden.lnk
C:\Documents and Settings\William Adams\Start Menu\AntiviralGolden 3.5.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusGolden 4.0.lnk
\AntivirusGolden 4.0.lnk
C:\Documents and Settings\William Adams\Desktop\AntivirusGolden 4.0.lnk
C:\Documents and Settings\William Adams\Start Menu\AntivirusGolden 4.0.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusGold 4.4.lnk
\AntivirusGold 4.4.lnk
C:\Documents and Settings\William Adams\Desktop\AntivirusGold 4.4.lnk
C:\Documents and Settings\William Adams\Start Menu\AntivirusGold 4.4.lnk

Malware.VirusBlast
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBlast v5.0.lnk
\VirusBlast v5.0.lnk
C:\Documents and Settings\William Adams\Desktop\VirusBlast v5.0.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusBlast v5.0.lnk

Trojan.Media-Codec
\PornMag Pass.lnk
C:\Documents and Settings\William Adams\Desktop\PornMag Pass.lnk
\X Password Generator.lnk
C:\Documents and Settings\William Adams\Desktop\X Password Generator.lnk
\PornPass Manager.lnk
C:\Documents and Settings\William Adams\Desktop\PornPass Manager.lnk
\Key Generator.lnk
C:\Documents and Settings\William Adams\Desktop\Key Generator.lnk
C:\Documents and Settings\William Adams\Favorites\Online Security Test.url

Trojan.ErrorSafe
C:\Documents and Settings\All Users\Start Menu\Programs\ErrorSafe\ErrorSafe on the Web.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\ErrorSafe\Uninstall ErrorSafe.lnk

Malware.Antispyware Soldier
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Antispyware Soldier.lnk
\Antispyware Soldier.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\antispysoldier.lnk

Trojan.StoneDrv
C:\WINDOWS\system32\inistone.ini

Malware.VirusBurst
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBurst 6.1.lnk
\VirusBurst.lnk
C:\Documents and Settings\William Adams\Desktop\VirusBurst.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusBurst 6.1.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Virus-Burst 6.1.lnk
\Virus-Burst.lnk
C:\Documents and Settings\William Adams\Desktop\Virus-Burst.lnk
C:\Documents and Settings\William Adams\Start Menu\Virus-Burst 6.1.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusBurster 6.2.lnk
\VirusBurster.lnk
C:\Documents and Settings\William Adams\Desktop\VirusBurster.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusBurster 6.2.lnk

Malware.AdProtect
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Ad-Protect v6.3.lnk
\Ad-Protect v6.3.lnk
C:\Documents and Settings\William Adams\Desktop\Ad-Protect v6.3.lnk
C:\Documents and Settings\William Adams\Start Menu\Ad-Protect v6.3.lnk

Malware.DriveCleaner
\DriveCleaner 2006 Free.lnk
C:\Documents and Settings\William Adams\Desktop\DriveCleaner 2006 Free.lnk
C:\Program Files\Common Files\DriveCleaner Freeware
C:\Program Files\DriveCleaner Freeware
C:\Documents and Settings\William Adams\Application Data\DriveCleaner Freeware
C:\Documents and Settings\All Users\Start Menu\Programs\DriveCleaner Freeware

Malware.VirusRescue
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusRescue v3.0.1.lnk
\VirusRescue v3.0.1.lnk
C:\Documents and Settings\William Adams\Desktop\VirusRescue v3.0.1.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusRescue v3.0.1.lnk

Malware.RepairRegistryPro
\Repair Registry Pro.lnk
C:\Documents and Settings\William Adams\Desktop\Repair Registry Pro.lnk

Unclassified.SpywareBot (Not A Threat)
\SpywareBot.lnk
C:\Documents and Settings\William Adams\Desktop\SpywareBot.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareBot.lnk

Malware.PestCapture
\PestCapture.lnk
C:\Documents and Settings\William Adams\Desktop\PestCapture.lnk

Malware.AntiVermins
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiVermins 2.1.lnk
C:\Documents and Settings\William Adams\Start Menu\AntiVermins 2.1.lnk
\AntiVermins.lnk
C:\Documents and Settings\William Adams\Desktop\AntiVermins.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiVermins 2.5.lnk
\AntiVermins 2.5.lnk
C:\Documents and Settings\William Adams\Desktop\AntiVermins 2.5.lnk
C:\Documents and Settings\William Adams\Start Menu\AntiVermins 2.5.lnk

Worm.Spam-Strato
C:\WINDOWS\msserrv32.dat
C:\WINDOWS\msserrv32.s
C:\WINDOWS\msserrv32.wax
C:\WINDOWS\msserrv32.z
C:\WINDOWS\msserv32.dat
C:\WINDOWS\msserv32.s
C:\WINDOWS\msserv32.wax
C:\WINDOWS\msserv32.z
C:\WINDOWS\mswiizz32.dat
C:\WINDOWS\mswiizz32.s
C:\WINDOWS\mswiizz32.wax
C:\WINDOWS\mswiizz32.z
C:\WINDOWS\mswiz32.dat
C:\WINDOWS\mswiz32.s
C:\WINDOWS\mswiz32.wax

Trojan.Bagle Variant
C:\WINDOWS\system32\winupd.exeopen
C:\WINDOWS\system32\winupd.exeopenopen
C:\WINDOWS\system32\winupd.exeopenopenopen

Malware.SpyiBlock
\SpyiBlock.lnk
C:\Documents and Settings\William Adams\Desktop\SpyiBlock.lnk

Malware.BreakSpyware
\BreakSpyware.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Break Spyware.lnk

Malware.SpyMarshal
C:\Documents and Settings\William Adams\Desktop\SpyMarshal.lnk

Malware.MrAntiSpy
C:\Documents and Settings\William Adams\Desktop\MrAntispy.lnk
\MrAntispy.lnk

Malware.MalwareAlarm
\MalwareAlarm.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareAlarm.lnk

Malware.SpywareKnight
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareKnight.lnk
C:\Documents and Settings\William Adams\Desktop\SpywareKnight.lnk

Malware.SpySoldier
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpySoldier.lnk
\SpySoldier.lnk
C:\Documents and Settings\William Adams\Desktop\SpySoldier.lnk

Malware.ContraVirus
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\ContraVirus 2.0.lnk
C:\Documents and Settings\William Adams\Desktop\ContraVirus 2.0.lnk
C:\Documents and Settings\William Adams\Start Menu\ContraVirus 2.0.lnk

Trojan.Rustock/LZX32
C:\WINDOWS\system32:lzx32.sys

Trojan.Rustock/HUY32
C:\WINDOWS\system32:huy32.sys

Malware.SpyDawn
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyDawn 3.1.lnk
C:\Documents and Settings\William Adams\Desktop\SpyDawn.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyDawn 3.1.lnk

Malware.SpyLocked
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyLocked 3.1.lnk
\SpyLocked.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyLocked 3.1.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareLocked 3.2.lnk
\SpywareLocked.lnk
C:\Documents and Settings\William Adams\Start Menu\SpywareLocked 3.2.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareLocked 3.3.lnk
\SpywareLocked 3.3.lnk
C:\Documents and Settings\William Adams\Desktop\SpywareLocked 3.3.lnk
C:\Documents and Settings\William Adams\Start Menu\SpywareLocked 3.3.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareLocked 3.4.lnk
\SpywareLocked 3.4.lnk
C:\Documents and Settings\William Adams\Desktop\SpywareLocked 3.4.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpywareLocked 3.5.lnk
\SpywareLocked 3.5.lnk
C:\Documents and Settings\William Adams\Desktop\SpywareLocked 3.5.lnk
C:\Documents and Settings\William Adams\Start Menu\SpywareLocked 3.5.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyLocked 3.6.lnk
\SpyLocked 3.6.lnk
C:\Documents and Settings\William Adams\Desktop\SpyLocked 3.6.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyLocked 3.6.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyLocked 3.7.lnk
\SpyLocked 3.7.lnk
C:\Documents and Settings\William Adams\Desktop\SpyLocked 3.7.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyLocked 3.7.lnk

Malware.MalwareStopper
\MalwareStopper.lnk

Dialer.InfoDialer
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\e1xplorer.lnk
\e1xplorer.lnk
C:\Documents and Settings\William Adams\Desktop\e1xplorer.lnk
C:\Documents and Settings\William Adams\Favorites\e1xplorer.lnk
C:\Documents and Settings\William Adams\My Documents\e1xplorer.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\e1xplorer.lnk
C:\Documents and Settings\William Adams\Start Menu\e1xplorer.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\exsplorer.lnk
\exsplorer.lnk
C:\Documents and Settings\William Adams\Desktop\exsplorer.lnk
C:\Documents and Settings\William Adams\Favorites\exsplorer.lnk
C:\Documents and Settings\William Adams\My Documents\exsplorer.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\exsplorer.lnk
C:\Documents and Settings\William Adams\Start Menu\exsplorer.lnk

Malware.SpyAnalyst
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spy Analyst.lnk
\SpyAnalyst.lnk
C:\Documents and Settings\William Adams\Desktop\SpyAnalyst.lnk

Malware.SpyOfficer
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Spy Officer.lnk
\SpyOfficer.lnk
C:\Documents and Settings\William Adams\Desktop\SpyOfficer.lnk

Malware.SpywareSoftStop
\SpywareSoftStop.lnk
C:\Documents and Settings\William Adams\Desktop\SpywareSoftStop.lnk

Malware.DrAntiSpy
\DrAntispy.lnk
C:\Documents and Settings\William Adams\Desktop\DrAntispy.lnk

Malware.Ultimate Fixer
C:\Documents and Settings\William Adams\Desktop\UltimateFixer 2007.lnk

Malware.VirusLocker
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusLocker 3.1.lnk
\VirusLocker.lnk
C:\Documents and Settings\William Adams\Desktop\VirusLocker.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusLocker 3.1.lnk

Malware.SpyCrush
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyCrush 3.2.lnk
\SpyCrush 3.2.lnk
C:\Documents and Settings\William Adams\Desktop\SpyCrush 3.2.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyCrush 3.2.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyCrush 3.3.lnk
\SpyCrush 3.3.lnk
C:\Documents and Settings\William Adams\Desktop\SpyCrush 3.3.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyCrush 3.3.lnk

Unclassified.System Live Protect
C:\Documents and Settings\William Adams\Desktop\System Live Protect.lnk

Malware.Spyware Sweeper
\Spyware Sweeper.lnk
C:\Documents and Settings\William Adams\Desktop\Spyware Sweeper.lnk

Malware.VirusHeal
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusHeal 3.7.lnk
\VirusHeal 3.7.lnk
C:\Documents and Settings\William Adams\Desktop\VirusHeal 3.7.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusHeal 3.7.lnk

Malware.VirusProtectPro
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusProtectPro 3.3.lnk
\VirusProtectPro 3.3.lnk
C:\Documents and Settings\William Adams\Desktop\VirusProtectPro 3.3.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusProtectPro 3.3.lnk

Desktop Hijacker.AboutYourPrivacy
\Error Cleaner.url
\Privacy Protector.url
\Spyware&Malware Protection.url
C:\Documents and Settings\William Adams\Desktop\Error Cleaner.url
C:\Documents and Settings\William Adams\Desktop\Privacy Protector.url
C:\Documents and Settings\William Adams\Desktop\Spyware&Malware Protection.url
C:\Documents and Settings\William Adams\Favorites\Error Cleaner.url
C:\Documents and Settings\William Adams\Favorites\Privacy Protector.url
C:\Documents and Settings\William Adams\Favorites\Spyware&Malware Protection.url

Keylogger.Actual Spy
C:\WINDOWS\system\actualspystart.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Actual Spy.lnk
\ActualSpy.lnk
C:\Documents and Settings\William Adams\Desktop\ActualSpy.lnk

Malware.VirusRanger
C:\Documents and Settings\William Adams\Start Menu\VirusRanger v3.1.0.lnk

Malware.SpyShredder
\SpyShredder.lnk
C:\Documents and Settings\William Adams\Desktop\SpyShredder.lnk

Malware.Ultimate Cleaner
C:\Documents and Settings\All Users\Start Menu\Programs\UltimateCleaner 2007\Uninstall UltimateCleaner 2007.lnk

Malware.MalwareBurn
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareBurn 7.1.lnk
\MalwareBurn 7.1.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareBurn 7.1.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareBurn 7.1.lnk

Malware.LocusSoftware Inc/BestSellerAntivirus
C:\Documents and Settings\All Users\Start Menu\Programs\BestsellerAntivirus\BestsellerAntivirus.lnk
C:\Documents and Settings\All Users\Desktop\BestsellerAntivirus.lnk
\Install AVSystemCare .lnk
C:\Documents and Settings\William Adams\Desktop\Install AVSystemCare .lnk

Malware.LocusSoftware Inc/ErrClean
\ErrClean.lnk
C:\Documents and Settings\William Adams\Desktop\ErrClean.lnk

Rogue.XP AntiVirus
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\XPAntivirus.lnk
\XPAntivirus.lnk
C:\Documents and Settings\William Adams\Desktop\XPAntivirus.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\XP Antivirus 2008.lnk
\XP Antivirus 2008.lnk
C:\Documents and Settings\William Adams\Desktop\XP Antivirus 2008.lnk

Rogue.WinPerformance
C:\Documents and Settings\All Users\Start Menu\Programs\WinPerformance.lnk
\WinPerformance.lnk
C:\Documents and Settings\William Adams\Desktop\WinPerformance.lnk

Rogue.VirusRay
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusRay 3.8.lnk
\VirusRay 3.8.lnk
C:\Documents and Settings\William Adams\Desktop\VirusRay 3.8.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusRay 3.8.lnk

Rogue.AdvancedCleaner
\AdvancedCleaner Free.lnk
C:\Documents and Settings\William Adams\Desktop\AdvancedCleaner Free.lnk

Rogue.AntiSpyStorm
C:\Documents and Settings\All Users\Desktop\AntispyStorm.lnk

Rogue.AntiSpyGuard
C:\Documents and Settings\All Users\Start Menu\AntiSpyGuard 2007.lnk
C:\Documents and Settings\All Users\Desktop\AntiSpyGuard 2007.lnk

Rogue.IEDefender
\IE Defender 2.2.lnk
C:\Documents and Settings\William Adams\Desktop\IE Defender 2.2.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\IE Defender 2.2.lnk

Malware.VirusProtect
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusProtect 3.8.lnk
C:\Documents and Settings\William Adams\Desktop\VirusProtect 3.8.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusProtect 3.8.lnk

Rogue.AntiSpywareShield
\AntiSpywareShield.lnk

Rogue.WinXDefender
\WinXDefender.lnk
C:\Documents and Settings\William Adams\Desktop\WinXDefender.lnk

Rogue.SunshineSpy
\Sunshine Spy.lnk
C:\Documents and Settings\William Adams\Desktop\Sunshine Spy.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\Sunshine.lnk

Malware.LocusSoftware Inc/ConfidentSurf
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\ConfidentSurf unregistered.lnk
\ConfidentSurf unregistered.lnk
C:\Documents and Settings\William Adams\Desktop\ConfidentSurf unregistered.lnk

Rogue.DrProtection
\DrProtection.lnk
C:\Documents and Settings\William Adams\Desktop\DrProtection.lnk

Rogue.OnlineGuard
\OnlineGuard.lnk
C:\Documents and Settings\William Adams\Desktop\OnlineGuard.lnk

Rogue.LiveAntiSpy
\LiveAntispy.lnk
C:\Documents and Settings\William Adams\Desktop\LiveAntispy.lnk

Rogue.GuardCenter
\GuardCenter.lnk
C:\Documents and Settings\William Adams\Desktop\GuardCenter.lnk

Rogue.WinSpyKiller
\WinSpyKiller.lnk

Malware.MalwareCrush
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareCrush 3.7.lnk
\MalwareCrush.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareCrush.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareCrush 3.7.lnk

Adware.Unclassified/Spruce
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\Spruce - Auto Update.lnk

RootKit.TnCore/Trace
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.sys
C:\WINDOWS\system32\drivers\swenumm.sys

Rogue.Installer/Trace
C:\WINDOWS\Spyware Remover.ico
C:\WINDOWS\Casino.ico
C:\WINDOWS\Free Online Dating.ico
C:\WINDOWS\system32\k86.bin
C:\WINDOWS\system32\tremir.bin

Rogue.Files-Secure
C:\Documents and Settings\William Adams\Start Menu\Programs\Files Secure 2.1.lnk
C:\Documents and Settings\William Adams\Desktop\Files Secure 2.1.lnk
\Files Secure 2.1.lnk

Trojan.Unclassified/Crypt32RT-SD
C:\Documents and Settings\William Adams\Application Data\acstrlsp.ocx
C:\Documents and Settings\William Adams\Application Data\odbcbase.ocx

Rogue.AntiSpyBoss
C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpyBoss\AntiSpyBoss.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\AntiSpyBoss\Uninstall AntiSpyBoss.ln

Rogue.SpyDefender Pro
\SpyDefender Pro.lnk
C:\Documents and Settings\William Adams\Desktop\SpyDefender Pro.lnk

Rootkit.Unclassified/NDISUiOO
C:\WINDOWS\system32\drivers\ndisuioo.sys

Rogue.AntiSpyKit
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpyKit 5.2.lnk
\AntiSpyKit 5.2.lnk
C:\Documents and Settings\William Adams\Desktop\AntiSpyKit 5.2.lnk
C:\Documents and Settings\William Adams\Start Menu\AntiSpyKit 5.2.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpyKit 5.3.lnk
\AntiSpyKit 5.3.lnk
C:\Documents and Settings\William Adams\Desktop\AntiSpyKit 5.3.lnk
C:\Documents and Settings\William Adams\Start Menu\AntiSpyKit 5.3.lnk

Rootkit.Unclassified/USBStorR
C:\WINDOWS\system32\drivers\USBSTORR.SYS

Rootkit.Unclassified/ADPU160MM
C:\WINDOWS\system32\drivers\ADPU160MM.SYS

Rootkit.Unclassified/SysDamp-Traces
C:\WINDOWS\system32\svchost.tmp
C:\WINDOWS\system32\svchost.t__
C:\WINDOWS\system32\svcp.csv
C:\WINDOWS\system32\burito.ini
C:\WINDOWS\system32\diperto.ini

Malware.LocusSoftware Inc/AVSystemCare
C:\Documents and Settings\All Users\Desktop\AVSystemCare.lnk

Malware.LocusSoftware Inc/WinSpyControl
C:\Documents and Settings\All Users\Desktop\WinSpyControl.lnk

Rootkit.Unclassified/AudStubB
C:\WINDOWS\system32\drivers\audstubb.sys

Rootkit.Unclassified/KR_Done
C:\WINDOWS\system32\kr_done1
C:\WINDOWS\system32\vx.tll

Rogue.VirusHeat
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusHeat 3.9.lnk
\VirusHeat 3.9.lnk
C:\Documents and Settings\William Adams\Desktop\VirusHeat 3.9.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusHeat 3.9.lnk

Rogue.MalwareDestructor
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareDestructor 4.5.lnk
\MalwareDestructor 4.5.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareDestructor 4.5.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareDestructor 4.5.lnk

Rogue.MalwareCore
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareCore 7.3.lnk
\MalwareCore 7.3.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareCore 7.3.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareCore 7.3.lnk

Adware.MMHRen-Trace
C:\WINDOWS\mmax_hren2.ini
C:\WINDOWS\mmhren2.jpg
C:\WINDOWS\system32\winlogans.tmp

Rogue.WinReanimator
C:\Documents and Settings\All Users\Desktop\WinReanimator.lnk

Rogue.Immunizr
C:\Documents and Settings\William Adams\Desktop\Immunizr.lnk

Rootkit.Unclassified/DMBootT
C:\WINDOWS\system32\drivers\DMBOOTT.SYS

Rogue.SpywareIsolator
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\spywareisolator.lnk
\spywareisolator.lnk
C:\Documents and Settings\William Adams\Desktop\spywareisolator.lnk
C:\WINDOWS\system32\spywarewarning.mht
c:\winxplogon.sys

Rogue.SpySnipe
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpySnipe 1.0.lnk
\SpySnipe 1.0.lnk
C:\Documents and Settings\William Adams\Desktop\SpySnipe 1.0.lnk

Adware.JavaCore/NoDNS
C:\WINDOWS\system32\cmds.txt
C:\WINDOWS\system32\cs.dat
C:\WINDOWS\system32\ps1.dat
C:\WINDOWS\system32\rc.dat
C:\WINDOWS\system32\suns.dat

Rogue.AntiVirusProtection
\Antivirus Protection.lnk
C:\Documents and Settings\William Adams\Desktop\Antivirus Protection.lnk

Rogue.SearchAndDestroy
C:\Documents and Settings\All Users\Desktop\Search And Destroy.lnk

Rogue.TrustedAntiVirus
C:\Documents and Settings\All Users\Start Menu\Programs\TrustedAntivirus\Contact Customer Support.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\TrustedAntivirus\Uninstall TrustedAntivirus.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\TrustedAntivirus\TrustedAntivirus.lnk

Rogue.SpywareRemover
\Spyware Remover.lnk
C:\Documents and Settings\William Adams\Desktop\Spyware Remover.lnk

Rogue.Netcom3/SpyClean
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Netcom3 Cleaner.lnk
\Netcom3 Cleaner.lnk
C:\Documents and Settings\William Adams\Desktop\Netcom3 Cleaner.lnk

Rootkit.Unclassified/IRBUSS
C:\WINDOWS\system32\drivers\IRBUSS.SYS

Rootkit.Unclassified/SRR
C:\WINDOWS\system32\drivers\SRR.SYS

Rogue.SpyMaxx
C:\Documents and Settings\All Users\Desktop\SpyMaxx.lnk

Rogue.SpyBurner
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyBurner.lnk
C:\Documents and Settings\William Adams\Desktop\SpyBurner.lnk

Rogue.AntiSpyCheck
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpyCheck v2.4.lnk
\AntiSpyCheck v2.4.lnk
C:\Documents and Settings\William Adams\Desktop\AntiSpyCheck v2.4.lnk
C:\Documents and Settings\William Adams\Start Menu\AntiSpyCheck v2.4.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpyCheck 2.1.lnk
\AntiSpyCheck 2.1.lnk
C:\Documents and Settings\William Adams\Start Menu\AntiSpyCheck 2.1.lnk

Rogue.MalwareWar
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MalwareWar 7.3.lnk
\MalwareWar 7.3.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareWar 7.3.lnk
C:\Documents and Settings\William Adams\Start Menu\MalwareWar 7.3.lnk

Rogue.PC-Antispyware
C:\WINDOWS\system32\drivers\pca-firewall.sys

Rootkit.Unclassified/IANSWXPP
C:\WINDOWS\system32\drivers\IANSWXPP.SYS

Rogue.SpyWatchE
\SpyWatchE.lnk
C:\Documents and Settings\William Adams\Desktop\SpyWatchE.lnk

Rogue.MalwareBell
\Malware Bell 3.2.lnk
C:\Documents and Settings\William Adams\Desktop\Malware Bell 3.2.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Malware Bell 3.2.lnk

Rogue.VirusIsolator
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\virusisolator.lnk
\virusisolator.lnk
C:\Documents and Settings\William Adams\Desktop\virusisolator.lnk

Rootkit.Unclassified/USBHubB
C:\WINDOWS\system32\drivers\usbhubb.sys

Rogue.WinIFixer
C:\Documents and Settings\All Users\Desktop\WinIFixer.lnk

Rogue.WinXPProtector
\WinXProtector.lnk
C:\Documents and Settings\William Adams\Desktop\WinXProtector.lnk

Trojan.Unknown Origin
C:\WINDOWS\system32\fets.dat
C:\WINDOWS\system32\hrpdcf.bin
C:\WINDOWS\system32\adult.txt
C:\WINDOWS\system32\esoyoweh.tmp
C:\WINDOWS\system32\WinCtrl32.dl_
C:\WINDOWS\system32\finance.txt
C:\WINDOWS\system32\lt.res
C:\WINDOWS\system32\other.txt
C:\WINDOWS\system32\pharma.txt
C:\WINDOWS\system32\sn.txt
C:\WINDOWS\promogif1.gif
C:\WINDOWS\promogif2.gif
C:\WINDOWS\promogif3.gif
C:\Documents and Settings\William Adams\Local Settings\Temporary Internet Files\bestwiner.stt
C:\Documents and Settings\William Adams\Local Settings\Temporary Internet Files\CPV.stt

Rogue.DataHealer
\DataHealer.lnk
C:\Documents and Settings\William Adams\Desktop\DataHealer.ln

Trojan.Multi-Dropper
C:\WINDOWS\..\ktgmhs.exe
C:\WINDOWS\..\rwhucv.exe
C:\WINDOWS\..\tvcfoviw.exe
C:\WINDOWS\..\wxebxbo.exe

Rogue.PrivacyWatcher
\Privacy Watcher.lnk
C:\Documents and Settings\William Adams\Desktop\Privacy Watcher.lnk

Rogue.PC-Cleaner
\PC-Cleaner.lnk
C:\Documents and Settings\William Adams\Desktop\PC-Cleaner.lnk
\blackbird.jpg
\EditorFKWP1.5.exe
\EditorFKWP2.0.exe
\filemanagerclient.exe
\fkwp1.5.exe
\fkwp2.0.exe
\fwebd.exe
\FWebdEditor.exe
\Trojan.Win32.BlackBird.exe
C:\Documents and Settings\William Adams\Desktop\EditorFKWP1.5.exe
C:\Documents and Settings\William Adams\Desktop\EditorFKWP2.0.exe
C:\Documents and Settings\William Adams\Desktop\fkwp1.5.exe
C:\Documents and Settings\William Adams\Desktop\fkwp2.0.exe
C:\Documents and Settings\William Adams\Desktop\FWebdEditor.exe
C:\Documents and Settings\William Adams\Desktop\Trojan.Win32.BlackBird.exe

Rogue.AntiSpywareMaster
\AntiSpywareMaster.lnk
C:\Documents and Settings\William Adams\Desktop\AntiSpywareMaster.lnk

Rogue.AntiVirProtect
\AntiVirProtect.lnk
C:\Documents and Settings\William Adams\Desktop\AntiVirProtect.lnk

Rogue.MasterAntiVirus
\master anti virus.lnk
C:\Documents and Settings\William Adams\Desktop\master anti virus.lnk

Rogue.Deus Cleaner
C:\Documents and Settings\All Users\Desktop\Deus Cleaner.lnk

Rogue.MyNetProtector
C:\Documents and Settings\William Adams\Desktop\MyNetProtector.lnk
C:\Documents and Settings\William Adams\Start Menu\MyNetProtector.lnk

Rogue.IEAntiVirus
\IE AntiVirus 3.2.lnk
C:\Documents and Settings\William Adams\Desktop\IE AntiVirus 3.2.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\IE AntiVirus 3.2.lnk
C:\Documents and Settings\William Adams\Desktop\IE AntiVirus 3.3.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\IE AntiVirus 3.3.lnk

Rogue.XP-Shield
C:\Documents and Settings\William Adams\Desktop\XP-Shield.lnk
\XP-Shield.lnk

Rogue.AdvancedXPDefender
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AXPDefender.lnk
C:\Documents and Settings\All Users\Desktop\AXPDefender.lnk

Rogue.VipAntiSpyware
\vipantispyware.lnk
C:\Documents and Settings\William Adams\Desktop\vipantispyware.lnk

Rogue.AdvancedXPFixer
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AXPFixer.lnk
C:\Documents and Settings\All Users\Desktop\AXPFixer.lnk

Rootkit.TNCore-Variant/A
C:\WINDOWS\system32\drivers\VCHH.SYS

Rogue.CrisysTecSentry
C:\Documents and Settings\William Adams\Desktop\CrisysTec Sentry 3.0.lnk

Rogue.ETDScanner
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\ETD Security Scanner.lnk
\ETD Security Scanner.lnk
C:\Documents and Settings\William Adams\Desktop\ETD Security Scanner.lnk

Rogue.MalwareMonitor
\MalwareMonitor.lnk
C:\Documents and Settings\William Adams\Desktop\MalwareMonitor.lnk

Rogue.MySpyProtector
\MySpyProtector.lnk
C:\Documents and Settings\William Adams\Desktop\MySpyProtector.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MySpyProtector.lnk

Rogue.PCHealthPlan
C:\Documents and Settings\William Adams\Desktop\PC Health Plan.lnk
C:\Documents and Settings\William Adams\Start Menu\PC Health Plan.lnk
C:\WINDOWS\PCHP.exe.lnk
\PC Health Plan.lnk

Rogue.PrivacyGuarantor
C:\Documents and Settings\William Adams\Start Menu\Privacy Guarantor v2.0.lnk
\Privacy Guarantor v2.0.lnk
C:\Documents and Settings\William Adams\Desktop\Privacy Guarantor v2.0.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Privacy Guarantor v2.0.lnk

Rogue.PrivacyRedeemer
\Privacy Redeemer.lnk
C:\Documents and Settings\William Adams\Desktop\Privacy Redeemer.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Privacy Redeemer.lnk

Rogue.RaptorDefence
\RaptorDefence.lnk
C:\Documents and Settings\William Adams\Desktop\RaptorDefence.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\RaptorDefence.lnk

Rogue.MalwarePatrolPro
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\MPatrolPRO.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Malware Patrol PRO.lnk
C:\Documents and Settings\All Users\Desktop\MPatrolPRO.lnk

Rogue.PCPrivacyCleaner
\PCPrivacyCleaner.lnk
C:\Documents and Settings\William Adams\Desktop\PCPrivacyCleaner.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\PCPrivacyCleaner.lnk

Rogue.AntiVirus 2008 Pro
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus-2008pro.lnk
C:\Documents and Settings\William Adams\Application Data\TmpRecentIcons\Advanced XP Defender.lnk
C:\Documents and Settings\William Adams\Application Data\TmpRecentIcons\Advanced XP Fixer.lnk
C:\Documents and Settings\William Adams\Application Data\TmpRecentIcons\antivirus-2008pro.lnk
C:\Documents and Settings\William Adams\Application Data\TmpRecentIcons\SystemDefender.lnk
\antivirus-2008pro.lnk
C:\Documents and Settings\William Adams\Desktop\antivirus-2008pro.lnk

Rogue.AntiSpywareExpert
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpywareExpert.lnk
\AntiSpywareExpert.lnk
C:\Documents and Settings\William Adams\Desktop\AntiSpywareExpert.lnk

Rogue.UltimateAntiVirus
C:\Documents and Settings\William Adams\Desktop\Ultimate Antivirus.lnk
\Ultimate Antivirus.lnk

Rogue.Malware Protector 2008
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Protector 2008.lnk

Rogue.Advanced AntiVirus 2008
\Advanced Antivirus.lnk
C:\Documents and Settings\William Adams\Desktop\Advanced Antivirus.lnk
C:\WINDOWS\system32\aav.cpl
C:\WINDOWS\system32\wav.cpl

Rogue.System AntiVirus 2008
\System Antivirus 2008.lnk
C:\Documents and Settings\William Adams\Desktop\System Antivirus 2008.lnk

Rogue.MandelEnterprise/Variants
C:\Documents and Settings\William Adams\Desktop\Adware Deluxe.lnk
C:\Documents and Settings\William Adams\Desktop\Adware Patrol.lnk
C:\Documents and Settings\William Adams\Desktop\Doctor Adware Pro.lnk
C:\Documents and Settings\William Adams\Desktop\Doctor Adware.lnk

Rogue.AntiVirus 2009
C:\Documents and Settings\William Adams\Desktop\Antivirus 2009.lnk
\Antivirus 2009.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk

Rogue.WinAntiSpyware2008
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\WinAntispyware2008.lnk
C:\Documents and Settings\William Adams\Application Data\yhohynyd.bat
\WinAntispyware2008.lnk
C:\Documents and Settings\William Adams\Cookies\emyvixe._sy
C:\Documents and Settings\William Adams\Cookies\kabim.db
C:\Documents and Settings\William Adams\Cookies\libibozo.inf
C:\Documents and Settings\William Adams\Cookies\moqe.sys
C:\Documents and Settings\William Adams\Cookies\visudu._dl
C:\Documents and Settings\William Adams\Local Settings\Application Data\nirirokewi._dl
C:\Program Files\Common Files\canaj.inf
C:\Program Files\Common Files\igifeqyre.inf
C:\Program Files\Common Files\rylovewubu.scr
C:\Program Files\Common Files\sugu._dl
C:\Program Files\Common Files\zugy.db
C:\Documents and Settings\William Adams\Application Data\fyta.bin
C:\WINDOWS\wipfw.conf
C:\WINDOWS\zugykuzyd.exe
C:\WINDOWS\system32\cuco.reg
C:\WINDOWS\simu.dat
C:\WINDOWS\ruvovo.com
C:\WINDOWS\nyfinazom.dll
C:\WINDOWS\ekukomu.exe

Rogue.PestSweeper
C:\WINDOWS\system\cmsd.exe
C:\WINDOWS\system\MsWin000.exe
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\pestsweeper.lnk
\pestsweeper.lnk
C:\Documents and Settings\William Adams\Desktop\pestsweeper.lnk
C:\Documents and Settings\William Adams\Local Settings\Application Data\Microsoft\Windows\sav.exe

Rogue.AntiVirus XP 2008
C:\Documents and Settings\All Users\Start Menu\Programs\Antivirus XP 2008.lnk
C:\Documents and Settings\All Users\Desktop\Antivirus XP 2008.lnk

Rogue.WistaAntiVirus
\WistaAntivirus.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\WistaAntivirus.lnk
C:\Documents and Settings\William Adams\Desktop\WistaAntivirus.lnk

Rogue.PCCleanPro
\PC Clean Pro.lnk
C:\Documents and Settings\William Adams\Desktop\PC Clean Pro.lnk

Rogue.PCAntiSpy
C:\WINDOWS\system32\drivers\pcantispy.sys

Rogue.Doctor AntiVirus 2008
\antvr.exe
C:\Documents and Settings\William Adams\Desktop\antvr.exe

Rogue.PCTotalDefender
C:\Documents and Settings\All Users\Desktop\PCTotalDefender.lnk

Rogue.Web/Registry Sentinel
C:\WINDOWS\AttentionEX.html
C:\WINDOWS\BadUrl.txt
C:\WINDOWS\delete.jpg
C:\WINDOWS\delete1.jpg
C:\WINDOWS\locked.ico
C:\WINDOWS\opened.ico
C:\WINDOWS\paths.jpg
C:\WINDOWS\prgrsbar.gif
C:\WINDOWS\refs.jpg
C:\WINDOWS\Sentinel1.jpg
C:\WINDOWS\Sentinel2.jpg
C:\WINDOWS\Sentinel3.jpg
C:\WINDOWS\Sentinel4.jpg
C:\WINDOWS\setts.jpg
C:\WINDOWS\stores.jpg
C:\WINDOWS\uid.tmp
C:\WINDOWS\vals.jpg
C:\WINDOWS\www.jpg
\The Registry Sentinel.lnk
\The Web Sentinel.lnk
C:\Documents and Settings\William Adams\Desktop\The Registry Sentinel.lnk
C:\Documents and Settings\William Adams\Desktop\The Web Sentinel.lnk

Rogue.VirusRemover2008
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusRemover2008.lnk
\Viruses.bdt
\VirusRemover2008.lnk
C:\Documents and Settings\William Adams\Desktop\Viruses.bdt
C:\Documents and Settings\William Adams\Desktop\VirusRemover2008.lnk

Rogue.AntiSpyware 2008
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Antispyware-2008.lnk
\Antispyware-2008.lnk
C:\Documents and Settings\William Adams\Desktop\Antispyware-2008.lnk

Rootkit.Agent/Gen
C:\WINDOWS\system32\msliksurcredo.dll
C:\WINDOWS\system32\msliksurdns.dll
C:\WINDOWS\system32\drivers\msliksurserv.sys
C:\WINDOWS\system32\drivers\UACeylkklmnjdohlxe.sys
C:\WINDOWS\system32\UACcbaklqrpjaurtsn.dat
C:\WINDOWS\system32\UACmgspalpmbxppwbm.log
C:\WINDOWS\system32\UACytlrltonwkwooxj.dll
C:\WINDOWS\system32\UACjbpytnvwrilnifu.dll
C:\WINDOWS\system32\MSIVXcount
C:\WINDOWS\system32\MSIVXcount.exe

Rogue.AntiMalwareGuard
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiMalwareGuard.lnk
\AntiMalwareGuard.lnk
C:\Documents and Settings\William Adams\Desktop\AntiMalwareGuard.lnk

Rogue.XP Cleaner
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\XP Cleaner.lnk
\XP Cleaner.lnk
C:\Documents and Settings\William Adams\Desktop\XP Cleaner.lnk

Rogue.RegistryDoctor2008
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\RegistryDoctor2008.lnk
\RegistryDoctor2008.lnk
C:\Documents and Settings\William Adams\Desktop\RegistryDoctor2008.lnk

Rogue.Win AntiVir 2008
\Win Antivir 2008.lnk
C:\Documents and Settings\William Adams\Desktop\Win Antivir 2008.lnk

Rogue.Power-Antivirus-2009
\Power-Antivirus-2009.lnk
C:\Documents and Settings\William Adams\Desktop\Power-Antivirus-2009.lnk

Adware.Media-Codec/ZLob
C:\Program Files\Applications\IEBTM.EXE
C:\Program Files\Applications\IEBTMM.EXE
C:\Program Files\Applications\WCM.EXE
C:\Program Files\Applications\WCS.EXE
C:\Program Files\Applications\IEBR.DLL

Rogue.WinAntiVirus2008
\Win Antivirus 2008.lnk
C:\Documents and Settings\William Adams\Desktop\Win Antivirus 2008.lnk

Rogue.WinDefender2008
\Launch WinDefender 2008.lnk
C:\Documents and Settings\William Adams\Desktop\Launch WinDefender 2008.lnk

Rogue.TraceSweeper
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Trace Sweeper.lnk
\Trace Sweeper.lnk
C:\Documents and Settings\William Adams\Desktop\Trace Sweeper.lnk

Rogue.PyroAntiSpy
C:\Documents and Settings\William Adams\Start Menu\PyroAntiSpy 2.2.lnk
\PyroAntiSpy.lnk
C:\Documents and Settings\William Adams\Desktop\PyroAntiSpy.lnk

Rogue.Internet Antivirus
C:\Documents and Settings\All Users\Desktop\Internet Antivirus.lnk

Rogue.XP-Guard
\XP-Guard.lnk
C:\Documents and Settings\William Adams\Desktop\XP-Guard.lnk

Rogue.AntiVir64
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\Antivir64.lnk

Rogue.TheSpyBot
\TheSpyBot.lnk
C:\Documents and Settings\William Adams\Desktop\TheSpyBot.lnk

Rogue.SpyGuarder
\SpyGuarder.lnk
C:\Documents and Settings\William Adams\Desktop\SpyGuarder.lnk

Rogue.SpyDevastator
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyDevastator 1.32.lnk
\SpyDevastator.lnk
C:\Documents and Settings\William Adams\Desktop\SpyDevastator.lnk
C:\Documents and Settings\William Adams\Start Menu\SpyDevastator 1.32.lnk

Rogue.Windows AntiVirus 2008
\Windows Antivirus 2008.lnk
C:\Documents and Settings\William Adams\Desktop\Windows Antivirus 2008.lnk

Rogue.XP Protector 2009
C:\Documents and Settings\All Users\Desktop\XP Protector 2009.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\XP Protector 2009.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\XP Protector 2009.lnk

Rogue.VirusResponseLab2009
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusResponse Lab 2009 2.1.lnk
\VirusResponse Lab 2009 2.1.lnk
C:\Documents and Settings\William Adams\Desktop\VirusResponse Lab 2009 2.1.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusResponse Lab 2009 2.1.lnk

Rogue.SecureExpertCleaner
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SecureExpertCleaner.lnk
C:\Documents and Settings\All Users\Desktop\Secure ExpertCleaner.lnk
C:\Documents and Settings\William Adams\Desktop\QuickInstallPack.lnk

Rogue.eAntivirusPro
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\eAntivirusPro.lnk
C:\Documents and Settings\All Users\Desktop\eAntivirusPro.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\eAntivirusPro.lnk

Rogue.VirtualPCGuard
C:\Documents and Settings\All Users\Desktop\VirtualPCGuard.lnk

Rogue.SystemOptimizer2008
C:\Documents and Settings\All Users\Desktop\SystemOptimizer2008.lnk

Rogue.TotalSecure2009
C:\WINDOWS\k.txt
C:\WINDOWS\system32\c.ico
C:\WINDOWS\system32\m.ico
C:\WINDOWS\system32\p.ico
C:\WINDOWS\system32\s.ico
\Free MP3 Search.url
\Free Porn.url
\readme.bat
\Search Online.url
\Total Secure 2009.lnk
\VIP Casino.url
C:\Documents and Settings\William Adams\Desktop\Free MP3 Search.url
C:\Documents and Settings\William Adams\Desktop\Free Porn.url
C:\Documents and Settings\William Adams\Desktop\Search Online.url
C:\Documents and Settings\William Adams\Desktop\Total Secure 2009.lnk
C:\Documents and Settings\William Adams\Desktop\VIP Casino.url
C:\Documents and Settings\William Adams\Favorites\Free MP3 Search.url
C:\Documents and Settings\William Adams\Favorites\Free Porn.url
C:\Documents and Settings\William Adams\Favorites\Search Online.url
C:\Documents and Settings\William Adams\Favorites\VIP Casino.url
C:\Documents and Settings\William Adams\Start Menu\Programs\Total Secure 2009.lnk
C:\Documents and Settings\William Adams\Start Menu\Free MP3 Search.url
C:\Documents and Settings\William Adams\Start Menu\Free Porn.url
C:\Documents and Settings\William Adams\Start Menu\Search Online.url
C:\Documents and Settings\William Adams\Start Menu\VIP Casino.url

Rogue.SpywareGuard2008
C:\WINDOWS\reged.exe
C:\WINDOWS\spoolsystem.exe
C:\WINDOWS\sys.com
C:\WINDOWS\syscert.exe
C:\WINDOWS\sysexplorer.exe
C:\WINDOWS\vmreg.dll
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\olesys.dll
\Spyware Guard 2008.lnk
C:\Documents and Settings\William Adams\Desktop\Spyware Guard 2008.lnk

Rogue.PCProtectionCenter2008
C:\Documents and Settings\All Users\Desktop\PC Protection Center 2008.lnk

Rogue.XP AntiSpyware 2009
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk
\XP_AntiSpyware.lnk
C:\Documents and Settings\William Adams\Desktop\XP_AntiSpyware.lnk

Rogue.XP AntiSpyware2009-Trace
C:\WINDOWS\karna.dat
C:\WINDOWS\system32\karna.dat
C:\WINDOWS\system32\_scui.cpl
\delself.bat
C:\Documents and Settings\William Adams\Desktop\delself.bat

Rogue.PCDefender2008
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\PC Defender 2008.lnk

Rogue.AntiSpywareXP2009
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpywareXP2009.lnk
\AntiSpywareXP2009.lnk
C:\Documents and Settings\William Adams\Desktop\AntiSpywareXP2009.lnk

Rogue.AntiVirusSentry
\AntiVirus Sentry.lnk
C:\Documents and Settings\William Adams\Desktop\AntiVirus Sentry.lnk

Rogue.RealAntiVirus
C:\Documents and Settings\William Adams\Desktop\RealAV.lnk
\RealAV.lnk

Rogue.PersonalDefender2009
C:\Documents and Settings\William Adams\Start Menu\Personal Defender 2009.lnk

Rogue.AntiVirusPro2009
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntivirusPro2009.lnk
\AntivirusPro2009.lnk
C:\Documents and Settings\William Adams\Desktop\AntivirusPro2009.lnk

Rogue.SecureFileShredder
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\SecureFileShredder.lnk

Trojan.Fake-Alert/Trace
C:\WINDOWS\system32\cont_mxlivemedia-remove.exe
C:\WINDOWS\system32\ounxvwyoaewekvp.exe
\Rapid Antivirus.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\Rapid Antivirus.lnk
C:\Documents and Settings\William Adams\Local Settings\Temporary Internet Files\fbk.sts
C:\Documents and Settings\All Users\Desktop\Best BDSM P0rn.url
C:\Documents and Settings\All Users\Desktop\Gay Fetish Sex.url
C:\WINDOWS\aol.com-error.html
C:\WINDOWS\gmail.com-error.html
C:\WINDOWS\google.com-error.html
C:\WINDOWS\system32\TDSSfpmp.dll

Rogue.VirusTrigger
C:\Documents and Settings\William Adams\Start Menu\Programs\VirusTrigger 2.1\VirusTrigger 2.1.lnk
C:\Documents and Settings\William Adams\Start Menu\VirusTrigger 2.1.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\VirusTrigger 2.1.lnk

Rogue.WinDefender2009
\WinDefender 2009.lnk
C:\Documents and Settings\William Adams\Desktop\WinDefender 2009.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\WinDefender 2009.lnk

Rogue.XPProtectionCenter
C:\WINDOWS\alaheb.dat
C:\WINDOWS\ocenuxos.bin
C:\WINDOWS\sufaku.dat
C:\WINDOWS\system32\otejywy._dl
C:\WINDOWS\system32\vojebeva._dl
C:\Program Files\Common Files\ecejacopoj.vbs
C:\Program Files\Common Files\ejihy.sys
C:\Program Files\Common Files\ezadylol._dl
C:\Documents and Settings\William Adams\Application Data\kecufuvyb.dll
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\XPProtectionCenter.lnk
C:\Documents and Settings\William Adams\Application Data\yfijoba.inf
C:\Documents and Settings\All Users\Application Data\hebyrenazi.sys
C:\Documents and Settings\All Users\Application Data\hyvicoh.inf
C:\Documents and Settings\All Users\Application Data\ibiregy.inf
C:\Documents and Settings\All Users\Application Data\oxinyj.dll
C:\Documents and Settings\All Users\Documents\jyjylej.pif
C:\Documents and Settings\All Users\Documents\ydyk._sy
\XPProtectionCenter.lnk
C:\Documents and Settings\William Adams\Cookies\bofexedy.inf
C:\Documents and Settings\William Adams\Cookies\foras.scr
C:\Documents and Settings\William Adams\Cookies\wacudut.ban
C:\Documents and Settings\William Adams\Cookies\yvymuj.com
C:\Documents and Settings\William Adams\Desktop\XPProtectionCenter.lnk
C:\Documents and Settings\William Adams\Local Settings\Application Data\yqozucifil.dl

Rogue.AntiSpywareGuard
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiSpywareGuard.lnk
\AntiSpywareGuard.lnk
C:\Documents and Settings\William Adams\Desktop\AntiSpywareGuard.lnk

Rogue.PerfectDefender2009
C:\Documents and Settings\William Adams\Start Menu\Perfect Defender 2009.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Perfect Defender 2009\Uninstall Perfect Defender 2009.lnk

Rogue.AntiVirus360
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 360.lnk
\Antivirus 360.lnk
C:\Documents and Settings\William Adams\Desktop\Antivirus 360.lnk

Rogue.SystemBooster2009
C:\Documents and Settings\All Users\Desktop\SystemBooster2009 (Free Edition).lnk

Rogue.ISafeAntiVirus
C:\Documents and Settings\William Adams\Start Menu\iSafe AntiVirus 2.1.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\iSafe AntiVirus 2.1.lnk
\iSafe AntiVirus 2.1.lnk

Trojan.DNSChanger-Codec
C:\Documents and Settings\William Adams\Local Settings\Application Data\cygfs.dat
C:\Documents and Settings\William Adams\Local Settings\Application Data\cygfs.exe
C:\Documents and Settings\William Adams\Local Settings\Application Data\cygfs_nav.dat
C:\Documents and Settings\William Adams\Local Settings\Application Data\cygfs_navps.dat

Rogue.XPPolice
C:\Documents and Settings\William Adams\Start Menu\XP Police Antivirus.LNK

Rogue.TotalVirusProtection
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Total Virus Protection.lnk

Rogue.WinPCDefender
\WinPC Defender.LNK
C:\Documents and Settings\William Adams\Desktop\WinPC Defender.LNK
C:\Documents and Settings\William Adams\Start Menu\WinPC Defender.LNK

Rogue.AntiVirusPlus
C:\Documents and Settings\All Users\Desktop\Antivirus Plus.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus Plus.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\ANTIVIRUS PLUS.LNK
C:\Documents and Settings\William Adams\Desktop\ANTIVIRUS PLUS.LNK
C:\Documents and Settings\William Adams\Start Menu\Programs\Startup\ANTIVIRUS PLUS.LNK

Rogue.AntiVirusAgentPro
\Antivirus Agent Pro.lnk
C:\Documents and Settings\William Adams\Desktop\Antivirus Agent Pro.lnk

Rogue.PrivacyCenter
\Privacy center.lnk
C:\Documents and Settings\William Adams\Desktop\Privacy center.lnk
C:\Documents and Settings\William Adams\Desktop\PCenter.lnk
\PCenter.lnk
C:\Documents and Settings\William Adams\Application Data\pc\agent.exe
C:\Documents and Settings\William Adams\Application Data\pc\pc.exe
C:\Documents and Settings\William Adams\Application Data\pc\uninstall.exe
\Control center.lnk
C:\Documents and Settings\William Adams\Desktop\Control center.lnk

Rogue.WinPCAntiVirus
C:\Documents and Settings\William Adams\Desktop\WinPC Antivirus.LNK
C:\Documents and Settings\William Adams\Start Menu\WinPC Antivirus.LNK

Rogue.Cleaner2009
\Cleaner2009 Freeware.lnk
C:\Documents and Settings\William Adams\Desktop\Cleaner2009 Freeware.lnk

Rogue.AdvansedSpywareDetector
\Manual scanner.lnk
C:\Documents and Settings\William Adams\Desktop\Manual scanner.lnk

Rootkit.SENEKA-Trace
C:\WINDOWS\system32\drivers\seneka.sys
C:\WINDOWS\system32\senekalog.dat

Rogue.CoreGuardAntiVirus2009
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Coreguard 2009.lnk
\Coreguard 2009.lnk
C:\Documents and Settings\William Adams\Desktop\Coreguard 2009.lnk

Rogue.MalwareCatcher2009
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Malware Catcher 2009.lnk
C:\Documents and Settings\William Adams\Desktop\Malware Catcher 2009.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Malware Catcher 2009.lnk
C:\Documents and Settings\William Adams\Start Menu\Malware Catcher 2009.lnk

Rogue.SystemSecurity
C:\Documents and Settings\William Adams\Desktop\System Security 2009.lnk

Rogue.AdwareAlert
C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job
C:\Documents and Settings\All Users\Desktop\AdwareAlert.lnk

Rogue.AntiVirus_Pro
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\AntiVirus_Pro.lnk
C:\Documents and Settings\All Users\Desktop\AntiVirus_Pro.lnk
C:\Documents and Settings\William Adams\A_VPSchedule.txt

Adware.Vundo Variant/Rel
C:\WINDOWS\system32\bulilija.dll
C:\WINDOWS\system32\SSQPIIHF.DLL

Rogue.TotalDefender
\Total Defender.lnk
C:\Documents and Settings\William Adams\Desktop\Total Defender.lnk

Rogue.TotalProtect2009
C:\Documents and Settings\All Users\Desktop\Run Total Protect 2009.lnk

Rogue.ProtectionSystem
C:\Documents and Settings\All Users\Desktop\Protection System.lnk

Adware.Agent/Gen
C:\Documents and Settings\All Users\Desktop\nudetube.com.lnk
C:\Documents and Settings\All Users\Desktop\pornotube.com.lnk
C:\Documents and Settings\All Users\Desktop\youporn.com.lnk
C:\Documents and Settings\William Adams\READER_S.EXE

Trojan.Downloader-DncYool
C:\WINDOWS\system32\DNCYOOL64.SYS
C:\WINDOWS\system32\DNCYOOL32.SYS

Rogue.AdvancedVirusRemover
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced Virus Remover.lnk
\Advanced Virus Remover.lnk
C:\Documents and Settings\William Adams\Desktop\Advanced Virus Remover.lnk
C:\Documents and Settings\William Adams\Start Menu\Advanced Virus Remover.lnk

Rogue.GeneralAntiVirus
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\General Antivirus.lnk
C:\Documents and Settings\All Users\Desktop\General Antivirus.lnk

Trojan.Agent/Gen-Sino/AutoR
C:\Documents and Settings\William Adams\Application Data\Spy009.dll
C:\Documents and Settings\William Adams\Application Data\Spy009.tmp

Rogue.PrivacyComponents
\Privacy components.lnk
C:\Documents and Settings\William Adams\Desktop\Privacy components.lnk

Rogue.LoarisTrojanRemover
C:\Documents and Settings\All Users\Desktop\Loaris Trojan Remover.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Loaris Trojan Remover.lnk

Trojan.Agent/Gen
C:\WINDOWS\system32\A.TMP
C:\WINDOWS\system32\B.TMP
C:\WINDOWS\system32\A99K.BIN
C:\WINDOWS\system32\dmns.cfg
C:\WINDOWS\system32\avp.id
C:\WINDOWS\system32\lowsec\local.ds
C:\WINDOWS\system32\lowsec\user.ds
C:\WINDOWS\system32\critical_warning.html
C:\WINDOWS\system32\config\systemprofile\Start Menu\Programs\Startup\scandisk.lnk
C:\WINDOWS\system32\winhelper86.dll

Rogue.AntiVirusBest
C:\Documents and Settings\All Users\Application Data\AB\QWPROTECT.DLL
C:\Documents and Settings\All Users\Application Data\AB\INSTALLER.EXE
C:\Documents and Settings\All Users\Application Data\AB\ABEST.EXE

Rogue.SmartDefenderPro
C:\Documents and Settings\All Users\Desktop\SMART DEFENDER PRO.LNK

Rogue.Contraviro
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Contraviro.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Contraviro.lnk
C:\Documents and Settings\All Users\Desktop\Contraviro.lnk

Rogue.WiniFighter
C:\Documents and Settings\All Users\Desktop\WINIFIGHTER.LNK

Rogue.PCSecurity2009
C:\Documents and Settings\William Adams\Desktop\PC_SECURITY2009.LNK

Rogue.AdwarePro
C:\Documents and Settings\All Users\Desktop\Adware_Pro.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Adware_Pro.lnk

Rogue.SmartProtector
\Smart Protector.lnk
C:\Documents and Settings\William Adams\Desktop\Smart Protector.lnk
C:\WINDOWS\certsystem.exe
C:\WINDOWS\microsoftdef.dll
C:\WINDOWS\regred.exe
C:\WINDOWS\securits.com
C:\WINDOWS\spoov.exe
C:\WINDOWS\system32\srcr.dat

Rogue.WindowsSecuritySuite
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Security Suite.lnk
\Windows Security Suite.lnk
C:\Documents and Settings\William Adams\Desktop\Windows Security Suite.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Windows Security Suite.lnk
C:\Documents and Settings\William Adams\Start Menu\Windows Security Suite.lnk

Rogue.WindowsSystemSuite
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows System Suite.lnk
\Windows System Suite.lnk
C:\Documents and Settings\William Adams\Desktop\Windows System Suite.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\Windows System Suite.lnk
C:\Documents and Settings\William Adams\Start Menu\Windows System Suite.lnk

Rogue.PCAntiSpyware2010
C:\Documents and Settings\William Adams\Desktop\PC_ANTISPYWARE2010.LNK

Adware.MyWebSearch/FunWebProducts
C:\WINDOWS\SYSTEM32\F3PSSAVR.SCR

Trojan.ThunMail
C:\Program Files\ThunMail\testabd.dll

Rogue.AntispywareBot
C:\WINDOWS\Tasks\AntispywareBot Scheduled Scan.job

Rogue.GreenAntiVirus
C:\Documents and Settings\All Users\Application Data\GAV\GAV.EXE
C:\Documents and Settings\All Users\Application Data\GRA\GRA.EXE

Rogue.PersonalAntiVirus
C:\WINDOWS\Tasks\PersonalAV.job

Rogue.AntiVirusPro2010
C:\Documents and Settings\William Adams\Desktop\ANTIVIRUSPRO_2010.LNK

Rogue.SaveDefense
C:\Documents and Settings\All Users\Desktop\SAVEDEFENSE.LNK

Rogue.Windows PC Defender
C:\Documents and Settings\William Adams\Start Menu\WINDOWS PC DEFENDER.LNK
C:\Documents and Settings\William Adams\Start Menu\Programs\WINDOWS PC DEFENDER.LNK
C:\Documents and Settings\William Adams\Application Data\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\WINDOWS PC DEFENDER.LNK
C:\Documents and Settings\William Adams\Desktop\WINDOWS PC DEFENDER.LNK

Rogue.TrustFighter
C:\Documents and Settings\All Users\Desktop\TRUSTFIGHTER.LNK

Rogue.BlockProtector
\BlockProtector.lnk
C:\Documents and Settings\William Adams\Desktop\BlockProtector.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\BlockProtector.lnk

Rogue.SystemFighter
\SystemFighter.lnk
C:\Documents and Settings\William Adams\Desktop\SystemFighter.lnk
C:\Documents and Settings\William Adams\Start Menu\Programs\SystemFighter.lnk

Rogue.AntiAID
C:\Documents and Settings\All Users\Desktop\AntiAID.lnk

Rogue.KeepCop
C:\Documents and Settings\All Users\Desktop\KeepCop.lnk

Rogue.AntiAdd
C:\Documents and Settings\All Users\Desktop\AntiAdd.lnk

Rogue.AntiKeep
C:\Documents and Settings\All Users\Desktop\AntiKeep.lnk

Rogue.AntiTroy
C:\Documents and Settings\All Users\Desktop\AntiTroy.lnk

Rogue.SafetyAntiSpyware
C:\Documents and Settings\William Adams\Desktop\Safety Anti-Spyware 3.lnk
C:\Documents and Settings\William Adams\Application Data\Microsoft\Internet Explorer\Quick Launch\Safety Anti-Spyware 3.lnk

Rogue.IGuardPC
C:\Documents and Settings\All Users\Desktop\IGuardPc.lnk

Trojan.Dropper/UserInit-Fake
C:\WINDOWS\SYSTEM32\USERINIT.EXE

Edited by gort, 12 December 2009 - 10:43 AM.


#10 Fabio123

Fabio123

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:10:16 PM

Posted 12 December 2009 - 10:52 AM

i found winlogon on the taskmanager could it be the porblem which maybe download at me other trojan injectors?

#11 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:02:16 PM

Posted 12 December 2009 - 12:51 PM

Update and run the MBAM scan again, remove anything it finds and then post that log in your next response. It looks like SAS found and cleard a bunch of things though! That's one heck of a log with File threats detected : 1281 LOL
DJ Digital Gem

I gave up on computers and now I just DJ!

#12 gort

gort
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 12 December 2009 - 01:21 PM

Didn't find anything :thumbsup:

I never thought of updating the SAS program (I've had for years), I only downloaded the new definitions.

It's a wonder the PC functioned, with all that sh1t on it.

Malwarebytes' Anti-Malware 1.42
Database version: 3349
Windows 5.1.2600 Service Pack 3
Internet Explorer 7.0.5730.11

12/12/2009 18:14:18
mbam-log-2009-12-12 (18-14-18).txt

Scan type: Quick Scan
Objects scanned: 124032
Time elapsed: 6 minute(s), 48 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Edited by gort, 12 December 2009 - 01:26 PM.


#13 azfreetech

azfreetech

  • Members
  • 182 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:Mesa, AZ
  • Local time:02:16 PM

Posted 12 December 2009 - 01:29 PM

How is the computer running now?
DJ Digital Gem

I gave up on computers and now I just DJ!

#14 gort

gort
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:16 PM

Posted 13 December 2009 - 04:56 PM

OK, but it was running allright before, it was just it had all that rubbish on it




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users