*there is one thing I do not have and that is my original HJT log from the fist time I ran the program*
spybot report:
--- Report generated: 2007-09-10 22:24 ---
ISearchTech.PowerScan: [SBI $8C761F66] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\BandRest
Keylogger-Pro: [SBI $38842E01] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\IEPK
Perfect Keylogger: [SBI $C4657531] Program directory (Directory, nothing done)
C:\Program Files\BPK\
DyFuCA: [SBI $C0E9D215] Settings (Registry value, nothing done)
HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\Microsoft\Internet Explorer\Main\BandRest
DyFuCA.InternetOptimizer: [SBI $17CB3733] Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt
DyFuCA.InternetOptimizer: [SBI $8156DB3F] Settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt
eAcceleration: [SBI $1919079E] Common application data folder (Directory, nothing done)
C:\Documents and Settings\All Users\Application Data\eAcceleration
eAcceleration: [SBI $1919079E] Application data folder (Directory, nothing done)
C:\Documents and Settings\Eric Zent\Application Data\eAcceleration
InternetWasher: [SBI $6F58FFFB] Library (File, nothing done)
C:\WINDOWS\Downloaded Program Files\IWCHECK.DLL
ISearchTech.YSB: [SBI $4B70DACB] Module usage (Registry key, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YSBactivex.dll
ISearchTech.YSB: [SBI $67644A8D] Shared DLL (1 apps) (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\Downloaded Program Files\YSBactivex.dll
FunWebProducts: [SBI $7AEE25A5] Class ID (Registry key, nothing done)
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
MiniBug: [SBI $EFF38791] Installer (File, nothing done)
C:\WINDOWS\Downloaded Program Files\minibuginstaller.inf
NewDotNet: [SBI $44A0B4A7] Uninstaller (File, nothing done)
C:\WINDOWS\NDNuninstall4_50.exe
Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: [SBI $5509538C] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
Microsoft.WindowsSecurityCenter.FirewallDisableNotify: [SBI $8CFC8C85] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
Microsoft.WindowsSecurityCenter.UpdateDisableNotify: [SBI $2FAA945D] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
Microsoft.Windows.IEFirewallBypass: [SBI $FFF24D3C] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE
Microsoft.Windows.IEFirewallBypass: [SBI $1721401B] Settings (Registry value, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE
Cassava: [SBI $63C16629] Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\casinoonnet
Cassava: [SBI $1CE6337D] Settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\VHLD
DoubleClick: [SBI $4CDCC3D5] Tracking cookie (Internet Explorer: Eric) (Cookie, nothing done)
TagASaurus: [SBI $4CDCC3D5] Tracking cookie (Internet Explorer: Eric) (Cookie, nothing done)
MediaPlex: [SBI $4CDCC3D5] Tracking cookie (Internet Explorer: Eric) (Cookie, nothing done)
CasaleMedia: [SBI $4CDCC3D5] Tracking cookie (Internet Explorer: Eric) (Cookie, nothing done)
--- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---
2007-08-31 blindman.exe (1.0.0.6)
2007-08-31 SDMain.exe (1.0.0.4)
2007-08-31 SDUpdate.exe (1.0.6.4)
2007-08-31 SDWinSec.exe (1.0.0.8)
2007-08-31 SpybotSD.exe (1.5.1.15)
2007-08-31 TeaTimer.exe (1.5.0.9)
2007-09-10 unins000.exe (51.46.0.0)
2007-08-31 Update.exe (1.4.0.5)
2007-08-31 advcheck.dll (1.5.3.0)
2007-04-02 aports.dll (2.1.0.0)
2007-04-02 DelZip179.dll (1.79.5.3)
2007-08-31 SDHelper.dll (1.5.0.8)
2007-08-31 Tools.dll (2.1.2.0)
2007-09-05 Includes\Cookies.sbi (*)
2007-07-25 Includes\Dialer.sbi (*)
2007-09-05 Includes\DialerC.sbi (*)
2007-08-29 Includes\Hijackers.sbi (*)
2007-09-05 Includes\HijackersC.sbi (*)
2007-07-25 Includes\Keyloggers.sbi (*)
2007-09-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-09-05 Includes\Malware.sbi (*)
2007-09-05 Includes\MalwareC.sbi (*)
2007-09-05 Includes\PUPS.sbi (*)
2007-09-05 Includes\PUPSC.sbi (*)
2007-09-05 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-09-05 Includes\SecurityC.sbi (*)
2007-09-05 Includes\Spybots.sbi (*)
2007-09-05 Includes\SpybotsC.sbi (*)
2007-08-21 Includes\Tracks.uti
2007-09-05 Includes\Trojans.sbi (*)
2007-09-05 Includes\TrojansC.sbi (*)
2008-12-24 Plugins\TCPIPAddress.dll
Here is the fixed log:
--- Report generated: 2007-09-10 22:26 ---
ISearchTech.PowerScan: [SBI $8C761F66] Settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\BandRest
Keylogger-Pro: [SBI $38842E01] Settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\IEPK
Perfect Keylogger: [SBI $C4657531] Program directory (Directory, fixed)
C:\Program Files\BPK\
DyFuCA: [SBI $C0E9D215] Settings (Registry value, fixed)
HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\Microsoft\Internet Explorer\Main\BandRest
DyFuCA.InternetOptimizer: [SBI $17CB3733] Settings (Registry key, fixed)
HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt
DyFuCA.InternetOptimizer: [SBI $8156DB3F] Settings (Registry key, fixed) HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt
eAcceleration: [SBI $1919079E] Common application data folder (Directory, fixed)
C:\Documents and Settings\All Users\Application Data\eAcceleration
eAcceleration: [SBI $1919079E] Application data folder (Directory, fixed)
C:\Documents and Settings\Eric Zent\Application Data\eAcceleration
InternetWasher: [SBI $6F58FFFB] Library (File, fixed)
C:\WINDOWS\Downloaded Program Files\IWCHECK.DLL
ISearchTech.YSB: [SBI $4B70DACB] Module usage (Registry key, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/YSBactivex.dll
ISearchTech.YSB: [SBI $67644A8D] Shared DLL (1 apps) (Registry value, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDlls\C:\WINDOWS\Downloaded Program Files\YSBactivex.dll
FunWebProducts: [SBI $7AEE25A5] Class ID (Registry key, fixed)
HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
MiniBug: [SBI $EFF38791] Installer (File, fixed)
C:\WINDOWS\Downloaded Program Files\minibuginstaller.inf
NewDotNet: [SBI $44A0B4A7] Uninstaller (File, fixed)
C:\WINDOWS\NDNuninstall4_50.exe
Microsoft.WindowsSecurityCenter.AntiVirusDisableNotify: [SBI $5509538C] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify
Microsoft.WindowsSecurityCenter.FirewallDisableNotify: [SBI $8CFC8C85] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify
Microsoft.WindowsSecurityCenter.UpdateDisableNotify: [SBI $2FAA945D] Settings (Registry change, fixed)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify
Microsoft.Windows.IEFirewallBypass: [SBI $FFF24D3C] Settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE
Microsoft.Windows.IEFirewallBypass: [SBI $1721401B] Settings (Registry value, fixed)
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\Program Files\Internet Explorer\IEXPLORE.EXE
Cassava: [SBI $63C16629] Settings (Registry key, fixed)
HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\casinoonnet
Cassava: [SBI $1CE6337D] Settings (Registry key, fixed)
HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\VHLD
DoubleClick: [SBI $4CDCC3D5] Tracking cookie (Internet Explorer: Eric Zent) (Cookie, fixed)
TagASaurus: [SBI $4CDCC3D5] Tracking cookie (Internet Explorer: Eric Zent) (Cookie, fixed)
MediaPlex: [SBI $4CDCC3D5] Tracking cookie (Internet Explorer: Eric Zent) (Cookie, fixed)
CasaleMedia: [SBI $4CDCC3D5] Tracking cookie (Internet Explorer: Eric Zent) (Cookie, fixed)
--- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---
2007-08-31 blindman.exe (1.0.0.6)
2007-08-31 SDMain.exe (1.0.0.4)
2007-08-31 SDUpdate.exe (1.0.6.4)
2007-08-31 SDWinSec.exe (1.0.0.8)
2007-08-31 SpybotSD.exe (1.5.1.15)
2007-08-31 TeaTimer.exe (1.5.0.9)
2007-09-10 unins000.exe (51.46.0.0)
2007-08-31 Update.exe (1.4.0.5)
2007-08-31 advcheck.dll (1.5.3.0)
2007-04-02 aports.dll (2.1.0.0)
2007-04-02 DelZip179.dll (1.79.5.3)
2007-08-31 SDHelper.dll (1.5.0.8)
2007-08-31 Tools.dll (2.1.2.0)
2007-09-05 Includes\Cookies.sbi (*)
2007-07-25 Includes\Dialer.sbi (*)
2007-09-05 Includes\DialerC.sbi (*)
2007-08-29 Includes\Hijackers.sbi (*)
2007-09-05 Includes\HijackersC.sbi (*)
2007-07-25 Includes\Keyloggers.sbi (*)
2007-09-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-09-05 Includes\Malware.sbi (*)
2007-09-05 Includes\MalwareC.sbi (*)
2007-09-05 Includes\PUPS.sbi (*)
2007-09-05 Includes\PUPSC.sbi (*)
2007-09-05 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-09-05 Includes\SecurityC.sbi (*)
2007-09-05 Includes\Spybots.sbi (*)
2007-09-05 Includes\SpybotsC.sbi (*)
2007-08-21 Includes\Tracks.uti
2007-09-05 Includes\Trojans.sbi (*)
2007-09-05 Includes\TrojansC.sbi (*)
2008-12-24 Plugins\TCPIPAddress.dll
Here is my last spybot log:
--- Report generated: 2007-09-11 18:37 ---
Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride
--- Spybot - Search & Destroy version: 1.5 (build: 20070830) ---
2007-08-31 blindman.exe (1.0.0.6)
2007-08-31 SDMain.exe (1.0.0.4)
2007-08-31 SDUpdate.exe (1.0.6.4)
2007-08-31 SDWinSec.exe (1.0.0.8)
2007-08-31 SpybotSD.exe (1.5.1.15)
2007-08-31 TeaTimer.exe (1.5.0.9)
2007-09-10 unins000.exe (51.46.0.0)
2007-08-31 Update.exe (1.4.0.5)
2007-08-31 advcheck.dll (1.5.3.0)
2007-04-02 aports.dll (2.1.0.0)
2007-04-02 DelZip179.dll (1.79.5.3)
2007-08-31 SDHelper.dll (1.5.0.8)
2007-08-31 Tools.dll (2.1.2.0)
2007-09-05 Includes\Cookies.sbi (*)
2007-07-25 Includes\Dialer.sbi (*)
2007-09-05 Includes\DialerC.sbi (*)
2007-08-29 Includes\Hijackers.sbi (*)
2007-09-05 Includes\HijackersC.sbi (*)
2007-07-25 Includes\Keyloggers.sbi (*)
2007-09-05 Includes\KeyloggersC.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2007-09-05 Includes\Malware.sbi (*)
2007-09-05 Includes\MalwareC.sbi (*)
2007-09-05 Includes\PUPS.sbi (*)
2007-09-05 Includes\PUPSC.sbi (*)
2007-09-05 Includes\Revision.sbi (*)
2007-05-30 Includes\Security.sbi (*)
2007-09-05 Includes\SecurityC.sbi (*)
2007-09-05 Includes\Spybots.sbi (*)
2007-09-05 Includes\SpybotsC.sbi (*)
2007-08-21 Includes\Tracks.uti
2007-09-05 Includes\Trojans.sbi (*)
2007-09-05 Includes\TrojansC.sbi (*)
2008-12-24 Plugins\TCPIPAddress.dll
AD-Aware log:
ArchiveData(auto-quarantine- 2007-09-11 06-04-39.bckp)
Referencefile : SE1R191 10.09.2007
======================================================
EACCELERATION
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[0]=Regkey : clsid\{842c48f3-9928-4617-be20-2cb6039aaf46}
ADWARE.BHO(GENERIC)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[1]=Regkey : S-1-5-21-86532585-3105783985-1982547305-1006\software\microsoft\windows\currentversion\ext\stats\{e6280729-9251-41d7-bc1c-572c9548c962}
obj[19]=File : C:\WINDOWS\SYSTEM32\HPDirecter.dll
obj[20]=File : C:\WINDOWS\SYSTEM32\HPI2.dll
obj[21]=File : C:\WINDOWS\SYSTEM32\HPI3.dll
obj[22]=File : C:\WINDOWS\SYSTEM32\HPI4.dll
MICROGAMING
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[2]=Regkey : S-1-5-21-86532585-3105783985-1982547305-1006\software\microgaming
TRACKING COOKIE
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[3]=IECache Entry : Cookie:eric zent@atdmt.com/
obj[4]=IECache Entry : Cookie:eric zent@tacoda.net/
obj[5]=IECache Entry : Cookie:eric zent@com.com/
obj[6]=IECache Entry : Cookie:eric zent@server.iad.liveperson.net/hc/80503492
obj[7]=IECache Entry : Cookie:eric zent@server.iad.liveperson.net/
obj[8]=IECache Entry : Cookie:eric zent@server.iad.liveperson.net/hc/42100763
obj[9]=IECache Entry : Cookie:eric zent@www.stopzilla.com/
obj[10]=IECache Entry : Cookie:eric zent@betanews.com/
obj[11]=IECache Entry : Cookie:eric zent@adbrite.com/
obj[12]=IECache Entry : Cookie:eric zent@streamaudio.com/
obj[13]=IECache Entry : Cookie:eric zent@tribalfusion.com/
WIN32.TROJANCLICKER
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[14]=Regkey : software\microsoft\windows\currentversion\internet settings\zonemap\domains\gooogle.bz
obj[15]=RegValue : software\microsoft\windows\currentversion\run "msmsgs"
obj[16]=RegValue : software\microsoft\windows\currentversion\run "pop32 message client"
obj[17]=File : C:\Documents and Settings\Eric Zent\Local Settings\Temp\$updater\LZMCKT.exe
obj[23]=File : C:\WINDOWS\SYSTEM32\PFQEJ.exe
NETSTER SEARCHBAR
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
obj[18]=File : C:\Documents and Settings\Eric Zent\My Documents\Downloaded Program Files\Netster.dll
a2 report:
a-squared Free - Version 3.0
Last update: 9/11/2007 6:24:53 AM
Scan settings:
Objects: Memory, Traces, Cookies, C:\
Scan archives: On
Heuristics: On
ADS Scan: On
Scan start: 9/11/2007 6:25:41 AM
c:\program files\mediagateway detected: Trace.Directory.MediaGateway
c:\program files\aws\weatherbug detected: Trace.Directory.WeatherBug
c:\windows\system32\system.dag detected: Trace.File.GoldenKeylogger
c:\program files\aws\weatherbug\remove.exe detected: Trace.File.WeatherBug
Key: HKEY_CLASSES_ROOT\interface\{549f957d-2f89-11d6-8cfe-00c04f52b225} detected: Trace.Registry.CoolSavings
Key: HKEY_CLASSES_ROOT\interface\{549f957f-2f89-11d6-8cfe-00c04f52b225} detected: Trace.Registry.CoolSavings
Key: HKEY_LOCAL_MACHINE\software\updater detected: Trace.Registry.EUniverse
Key: HKEY_CLASSES_ROOT\clsid\{9afb8248-617f-460d-9366-d71cdeda3179} detected: Trace.Registry.FunWebProducts
Key: HKEY_LOCAL_MACHINE\software\kmint21\goldenkeylogger detected: Trace.Registry.GoldenKeylogger
Key: HKEY_CLASSES_ROOT\protocols\name-space handler\res detected: Trace.Registry.IBISToolbar
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\d:\installshield\kazaa detected: Trace.Registry.KaZaA
Key: HKEY_LOCAL_MACHINE\software\sharman networks ltd detected: Trace.Registry.KaZaA
Key: HKEY_CLASSES_ROOT\mediagateway.licenseinstaller detected: Trace.Registry.MediaGateway
Key: HKEY_CLASSES_ROOT\protocols\name-space handler\res detected: Trace.Registry.WebSearchToolbar
Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\savenow --> changed detected: Trace.Registry.WhenU.SaveNow
Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app management\arpcache\savenow --> slowinfocache detected: Trace.Registry.WhenU.SaveNow
c:\windows\system32\system.dag detected: Trace.File.Golden Keylogger
Value: HKEY_LOCAL_MACHINE\Software\KMiNT21\GoldenKeylogger --> ConfigPath detected: Trace.Registry.Golden Keylogger
Value: HKEY_LOCAL_MACHINE\Software\KMiNT21\GoldenKeylogger --> Path detected: Trace.Registry.Golden Keylogger
Value: HKEY_LOCAL_MACHINE\Software\KMiNT21\GoldenKeylogger --> Start Menu Folder detected: Trace.Registry.Golden Keylogger
Value: HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\MorpheusBar\SearchAssistant --> esh detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\MorpheusBar\SearchAssistant --> LastRequest detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\MorpheusBar\SearchAssistant --> lsp detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\MorpheusBar\SearchAssistant --> NextRequest detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> CurInstall detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> Dir detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> pid detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> pl detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> PluginPath detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> sr detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\SearchAssistant --> CurInstall detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\SearchAssistant --> Dir detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\SearchAssistant --> pl detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\SearchAssistant --> sr detected: Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc --> Changed detected: Trace.Registry.ISTsvc
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ISTsvc --> SlowInfoCache detected: Trace.Registry.ISTsvc
Value: HKEY_CLASSES_ROOT\CLSID\{8C11E411-860C-4BAE-A0F4-CBE8DAE6B84C}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_CLASSES_ROOT\CLSID\{9583E033-1CCC-446E-A858-317A0620EE66}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_CLASSES_ROOT\CLSID\{9E6A5B24-1FBC-42D9-870D-07D5C5738075}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_CLASSES_ROOT\CLSID\{EA6DA0D5-1021-4F55-ACBA-D1D8BA7EAB2C}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_CLASSES_ROOT\CLSID\{EE12598F-BD9F-4BAD-BB13-D49829A024FE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C11E411-860C-4BAE-A0F4-CBE8DAE6B84C}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9583E033-1CCC-446E-A858-317A0620EE66}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E6A5B24-1FBC-42D9-870D-07D5C5738075}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EA6DA0D5-1021-4F55-ACBA-D1D8BA7EAB2C}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE12598F-BD9F-4BAD-BB13-D49829A024FE}\InprocServer32 --> ThreadingModel detected: Trace.Registry.Blubster
c:\program files\the weather channel fw detected: Trace.Directory.Desktop Weather
c:\windows\ncuninst.exe detected: Trace.File.MARAVEL Screensaver
C:\Documents and Settings\Eric Zent\Local Settings\Temp\$updater\YDGUUH.exe detected: Trojan-Clicker.Win32.Delf.hd
C:\Documents and Settings\Eric Zent\Local Settings\Temporary Internet Files\Content.IE5\32IQM6CM\hijackthis[1]\backups\backup-20070910-174458-302.dll detected: Riskware.Downloader.Win32.PopCap.b
C:\Documents and Settings\Eric Zent\My Documents\Azureus Downloads\Adobe Acrobat 8 Professional FULL DVD Incl CRACK\Adobe Acrobat 8 Professional FULL DVD Incl CRACK.rar/Acrobat.dll detected: Heuristic.ArchiveBomb
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP131\A0014732.exe detected: Adware.Win32.WebSearch.bc
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP132\A0014826.dll detected: Adware.Win32.WebSearch.bc
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP132\A0014827.exe detected: Adware.Win32.WebSearch.bc
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP137\A0015181.exe detected: Adware.Win32.NewDotNet
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP139\A0015260.dll detected: Adware.Win32.BHO.cn
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP139\A0015261.dll detected: Adware.Win32.BHO.cn
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP139\A0015262.dll detected: Adware.Win32.BHO.cn
C:\WINDOWS\NDNuninstall4_80.exe detected: Adware.Win32.NewDotNet
C:\WINDOWS\NDNuninstall4_88.exe detected: Adware.NewDotNet
C:\WINDOWS\NDNuninstall4_94.exe detected: Adware.Win32.NewDotNet
C:\WINDOWS\SYSTEM32\2T1QD.exe detected: Trojan-Clicker.Win32.Delf.hd
C:\WINDOWS\SYSTEM32\camdrv.exe detected: Adware.Win32.WebSearch.bc
Scanned
Files: 192092
Traces: 323362
Cookies: 48
Processes: 28
Found
Files: 15
Traces: 48
Cookies: 0
Processes: 0
Registry keys: 0
Scan end: 9/11/2007 7:32:21 AM
Scan time: 1:06:40 AM
C:\Documents and Settings\Eric Zent\Local Settings\Temp\$updater\YDGUUH.exe Quarantined Trojan-Clicker.Win32.Delf.hd
C:\WINDOWS\SYSTEM32\2T1QD.exe Quarantined Trojan-Clicker.Win32.Delf.hd
c:\windows\system32\system.dag Quarantined Trace.File.GoldenKeylogger
C:\WINDOWS\NDNuninstall4_88.exe Quarantined Adware.NewDotNet
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP139\A0015260.dll Quarantined Adware.Win32.BHO.cn
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP139\A0015261.dll Quarantined Adware.Win32.BHO.cn
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP139\A0015262.dll Quarantined Adware.Win32.BHO.cn
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP137\A0015181.exe Quarantined Adware.Win32.NewDotNet
C:\WINDOWS\NDNuninstall4_80.exe Quarantined Adware.Win32.NewDotNet
C:\WINDOWS\NDNuninstall4_94.exe Quarantined Adware.Win32.NewDotNet
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP131\A0014732.exe Quarantined Adware.Win32.WebSearch.bc
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP132\A0014826.dll Quarantined Adware.Win32.WebSearch.bc
C:\System Volume Information\_restore{B37680B2-BA0A-4E5D-BF30-83E44C588624}\RP132\A0014827.exe Quarantined Adware.Win32.WebSearch.bc
C:\WINDOWS\SYSTEM32\camdrv.exe Quarantined Adware.Win32.WebSearch.bc
C:\Documents and Settings\Eric Zent\My Documents\Azureus Downloads\Adobe Acrobat 8 Professional FULL DVD Incl CRACK\Adobe Acrobat 8 Professional FULL DVD Incl CRACK.rar/Acrobat.dll Quarantined Heuristic.ArchiveBomb
C:\Documents and Settings\Eric Zent\Local Settings\Temporary Internet Files\Content.IE5\32IQM6CM\hijackthis[1]\backups\backup-20070910-174458-302.dll Quarantined Riskware.Downloader.Win32.PopCap.b
c:\program files\the weather channel fw Quarantined Trace.Directory.Desktop Weather
Value: HKEY_CLASSES_ROOT\CLSID\{8C11E411-860C-4BAE-A0F4-CBE8DAE6B84C}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_CLASSES_ROOT\CLSID\{9583E033-1CCC-446E-A858-317A0620EE66}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_CLASSES_ROOT\CLSID\{9E6A5B24-1FBC-42D9-870D-07D5C5738075}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_CLASSES_ROOT\CLSID\{EA6DA0D5-1021-4F55-ACBA-D1D8BA7EAB2C}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_CLASSES_ROOT\CLSID\{EE12598F-BD9F-4BAD-BB13-D49829A024FE}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C11E411-860C-4BAE-A0F4-CBE8DAE6B84C}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9583E033-1CCC-446E-A858-317A0620EE66}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9E6A5B24-1FBC-42D9-870D-07D5C5738075}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EA6DA0D5-1021-4F55-ACBA-D1D8BA7EAB2C}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE12598F-BD9F-4BAD-BB13-D49829A024FE}\InprocServer32 --> ThreadingModel Quarantined Trace.Registry.Blubster
Value: HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\MorpheusBar\SearchAssistant --> esh Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\MorpheusBar\SearchAssistant --> LastRequest Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\MorpheusBar\SearchAssistant --> lsp Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_USERS\S-1-5-21-86532585-3105783985-1982547305-1006\Software\MorpheusBar\SearchAssistant --> NextRequest Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> CurInstall Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> Dir Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> pid Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> pl Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> PluginPath Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\bar --> sr Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\SearchAssistant --> CurInstall Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\SearchAssistant --> Dir Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\SearchAssistant --> pl Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MorpheusBar\SearchAssistant --> sr Quarantined Trace.Registry.Morpheus Toolbar
Value: HKEY_LOCAL_MACHINE\Software\KMiNT21\GoldenKeylogger --> ConfigPath Quarantined Trace.Registry.Golden Keylogger
Value: HKEY_LOCAL_MACHINE\Software\KMiNT21\GoldenKeylogger --> Path Quarantined Trace.Registry.Golden Keylogger
Value: HKEY_LOCAL_MACHINE\Software\KMiNT21\GoldenKeylogger --> Start Menu Folder Quarantined Trace.Registry.Golden Keylogger
c:\windows\system32\system.dag Quarantined Trace.File.Golden Keylogger
Key: HKEY_CLASSES_ROOT\protocols\name-space handler\res Quarantined Trace.Registry.WebSearchToolbar
Key: HKEY_CLASSES_ROOT\mediagateway.licenseinstaller Quarantined Trace.Registry.MediaGateway
Key: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\app paths\d:\installshield\kazaa Quarantined Trace.Registry.KaZaA
Key: HKEY_LOCAL_MACHINE\software\sharman networks ltd Quarantined Trace.Registry.KaZaA
Key: HKEY_CLASSES_ROOT\protocols\name-space handler\res Quarantined Trace.Registry.IBISToolbar
Key: HKEY_LOCAL_MACHINE\software\kmint21\goldenkeylogger Quarantined Trace.Registry.GoldenKeylogger
Key: HKEY_CLASSES_ROOT\clsid\{9afb8248-617f-460d-9366-d71cdeda3179} Quarantined Trace.Registry.FunWebProducts
Key: HKEY_LOCAL_MACHINE\software\updater Quarantined Trace.Registry.EUniverse
Key: HKEY_CLASSES_ROOT\interface\{549f957d-2f89-11d6-8cfe-00c04f52b225} Quarantined Trace.Registry.CoolSavings
Key: HKEY_CLASSES_ROOT\interface\{549f957f-2f89-11d6-8cfe-00c04f52b225} Quarantined Trace.Registry.CoolSavings
c:\program files\aws\weatherbug\remove.exe Quarantined Trace.File.WeatherBug
c:\program files\aws\weatherbug Quarantined Trace.Directory.WeatherBug
c:\program files\mediagateway Quarantined Trace.Directory.MediaGateway
Quarantined
Files: 13
Traces: 42
Cookies: 0
HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 6:44:07 PM, on 9/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\M-Audio Ozone\Install\Ozinst.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\HPAware.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\M-Audio Ozone\OZTask.exe
C:\WINDOWS\SYSTEM32\cidaemon.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dellnet.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customi ... .yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer Provided by Cox High Speed Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = smtp.west.cox.net:26
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Update Assistant] C:\WINDOWS\system32\HPAware.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: M-Audio Ozone Control Panel Launcher.lnk = C:\Program Files\M-Audio Ozone\OZTask.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\GameClient.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1842B0EE-B597-11D4-8997-00104BD12D94} (iCC Class) - http://www.pcpitstop.com/internet/pcpConnCheck.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 7157208544
O16 - DPF: {9BFC2253-B9D9-477E-9488-CA450232620D} (BinAg1 Class) - https://fastconnectkitsetup.cox.net/wiz ... ctiveX.CAB
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Ozone Installer (OzoneInstallerService) - Nemesis - C:\Program Files\M-Audio Ozone\Install\Ozinst.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
I’m sorry about the length and probably repetition of information but I just want to give you guys as much information on what I have done and what the programs said they found. And if at all possible if I could get some information on what I can delete or how to research what I can delete in my quarantine files. Just afraid I’m going to do something that I can’t reverse. Thanks in advance! Eric.
[/list]