Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Need Help with SSTQP.dll removal

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Unread postby Katana » October 5th, 2007, 6:47 am

That is a false alarm, please let the scan run.
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester
Advertisement
Register to Remove

YIKES!!

Unread postby distinctedge » October 5th, 2007, 8:45 pm

OK much to report on.

The panda would not run with Avast on. So I turned off Avast.

Panda made it to about 435,000 files and froze. It had 14 adwares showing at that point. So I ran a Trend Micro. It showed a few items for adware and a few trojans in quarantine. Then I ran a Norton online and it showed 1 cookie and two trojans but one was from the hijack this log and one was from another quarantine file. I then saw an ad for Stop Sign. I DL and ran it. It froze!

Next I ran uniblues Spy Eraser. SOB!! Close to 1500 infections.


Start Date:October 05, 2007 at 02:13:46PM

End Date:October 05, 2007 at 05:00:02PM

Total Time:286 Mins 16 Secs
Detected Infections

AccelerationSoftware
Details: An Adware Program displays ads on users PC, these ads can be in various forms including pop-ups, pop-unders, banners etc. These programs may track users browsing activities, change browsers homepage settings and may hijack search results.
Status:Removed
Adware-Adware



Infected registry keys/values detected
hkey_local_machine\software\microsoft\windows\curr
entversion\uninstall\webscan

StopSign
Details: An Adware Program displays ads on users PC, these ads can be in various forms including pop-ups, pop-unders, banners etc. These programs may track users browsing activities, change browsers homepage settings and may hijack search results.
Status:Removed
Adware-Adware



Infected registry keys/values detected
hkey_classes_root\clsid\{878c1976-66ab-4454-a9b1-4
0cd594ac223}
hkey_classes_root\interface\{e6d85ab8-9be3-4ca4-bb
42-a00fb61dd708}
hkey_classes_root\*\shellex\contextmenuhandlers\st
opsignrcs
hkey_classes_root\clsid\{459729ac-727d-4d97-b18a-7
2ee224efec0}
hkey_classes_root\clsid\{46d570d9-71c8-44e5-a76c-a
adfe94442ca}

Trojan-spy.BZub.hv
Details: A Trojan Spy is a program that sits on the user’s PC in silence and logs keystrokes and other confidential information. This program traces down all the activities of the user, saves information on the hard disk and forwards it to the author. It is also capable of capturing system screen shots and is commonly used to embezzle banking and other financial information in order to encourage online fraud. As program permits the unauthorized collection, distortion, or obliteration of data, it can leave the system more vulnerable and cause damage to user’s data. It can also pose security and privacy threats to one’s system, needless to mention the damage it can cause to the important data and installed programs.
Status:Removed
Trojan-spy-Trojan-spy



Infected registry keys/values detected
hkey_local_machine\software\microsoft\windows\curr
entversion\control panel\load\\

Adware.BHO.t
Details: Adware programs secretly embed themselves on the victim’s computer, hijack the browsing habits and search keywords and then display advertisements accordingly. The ads can include pop-ups, pop-unders, banners, or links etc. It may launch at system startup and modify the browser settings such as the home page, search page and the error page. It results in the browser as well as the system slow down and hence the user is recommended to remove this program.
Status:Removed
Adware-Adware



Infected registry keys/values detected
hkey_users\.default\software\microsoft\internet ex
plorer\main\check_associations\

Active Key Logger
Details: A Trojan is a destructive program that is often disguised as a useful application; which can be downloaded from the internet, can be installed through an exploit or can be sent through an email, for example "xyz.zip" would actually be "xyz.zip.exe" so as soon as the user tries to open "xyz.zip", the trojan would execute and infect the system. Depending on the type, these programs may create various security and stability related issues on the system. They may change or disable various applications.
Status:Removed
Monitoring Software-Monitoring Software



Infected files detected
c:\current installs\collanos\myworkspaces\.metadata\.plugins\org.eclipse.core.resources\.root\.indexes\history.version
c:\documents and settings\hp_administrator\my documents\collanos\myworkspaces\.metadata\.plugins\org.eclipse.core.resources\.root\.indexes\history.version

EAcceleration
Details: An Adware Program displays ads on users PC, these ads can be in various forms including pop-ups, pop-unders, banners etc. These programs may track users browsing activities, change browsers homepage settings and may hijack search results.
Status:Removed
Adware-Adware



Infected files detected
c:\documents and settings\hp_administrator\desktop\scan now for viruses and threats.lnk
c:\program files\acceleration software\anti-virus\aliaslist.xml
c:\program files\acceleration software\anti-virus\buynow.gif
c:\program files\acceleration software\anti-virus\clean.html
c:\program files\acceleration software\anti-virus\clnlist.dat
c:\program files\acceleration software\anti-virus\clnrchk.dat
c:\program files\acceleration software\anti-virus\clnrfail.html
c:\program files\acceleration software\anti-virus\clnrpending.html
c:\program files\acceleration software\anti-virus\clnrrestart.html
c:\program files\acceleration software\anti-virus\clnrretry.html
c:\program files\acceleration software\anti-virus\clnrsuccess.html
c:\program files\acceleration software\anti-virus\cookies1.cnr
c:\program files\acceleration software\anti-virus\cookies2.cnr
c:\program files\acceleration software\anti-virus\cookies3.cnr
c:\program files\acceleration software\anti-virus\cookies4.cnr
c:\program files\acceleration software\anti-virus\coolws.cnr
c:\program files\acceleration software\anti-virus\cure_rslt01.gif
c:\program files\acceleration software\anti-virus\drw43300.vdb
c:\program files\acceleration software\anti-virus\drw43301.vdb
c:\program files\acceleration software\anti-virus\drw43302.vdb
c:\program files\acceleration software\anti-virus\drw43303.vdb
c:\program files\acceleration software\anti-virus\drw43304.vdb
c:\program files\acceleration software\anti-virus\drw43305.vdb
c:\program files\acceleration software\anti-virus\drw43306.vdb
c:\program files\acceleration software\anti-virus\drw43307.vdb
c:\program files\acceleration software\anti-virus\drw43308.vdb
c:\program files\acceleration software\anti-virus\drw43309.vdb
c:\program files\acceleration software\anti-virus\drw43310.vdb
c:\program files\acceleration software\anti-virus\drw43311.vdb
c:\program files\acceleration software\anti-virus\drw43312.vdb
c:\program files\acceleration software\anti-virus\drw43313.vdb
c:\program files\acceleration software\anti-virus\drw43314.vdb
c:\program files\acceleration software\anti-virus\drw43315.vdb
c:\program files\acceleration software\anti-virus\drw43316.vdb
c:\program files\acceleration software\anti-virus\drw43317.vdb
c:\program files\acceleration software\anti-virus\drw43318.vdb
c:\program files\acceleration software\anti-virus\drw43319.vdb
c:\program files\acceleration software\anti-virus\drw43320.vdb
c:\program files\acceleration software\anti-virus\drw43321.vdb
c:\program files\acceleration software\anti-virus\drw43322.vdb
c:\program files\acceleration software\anti-virus\drw43323.vdb
c:\program files\acceleration software\anti-virus\drw43324.vdb
c:\program files\acceleration software\anti-virus\drw43325.vdb
c:\program files\acceleration software\anti-virus\drw43326.vdb
c:\program files\acceleration software\anti-virus\drw43327.vdb
c:\program files\acceleration software\anti-virus\drw43328.vdb
c:\program files\acceleration software\anti-virus\drw43329.vdb
c:\program files\acceleration software\anti-virus\drw43330.vdb
c:\program files\acceleration software\anti-virus\drw43331.vdb
c:\program files\acceleration software\anti-virus\drw43332.vdb
c:\program files\acceleration software\anti-virus\drw43333.vdb
c:\program files\acceleration software\anti-virus\drw43334.vdb
c:\program files\acceleration software\anti-virus\drw43335.vdb
c:\program files\acceleration software\anti-virus\drw43336.vdb
c:\program files\acceleration software\anti-virus\drw43337.vdb
c:\program files\acceleration software\anti-virus\drw43338.vdb
c:\program files\acceleration software\anti-virus\drw43339.vdb
c:\program files\acceleration software\anti-virus\drw43340.vdb
c:\program files\acceleration software\anti-virus\drw43341.vdb
c:\program files\acceleration software\anti-virus\drw43342.vdb
c:\program files\acceleration software\anti-virus\drw43343.vdb
c:\program files\acceleration software\anti-virus\drw43344.vdb
c:\program files\acceleration software\anti-virus\drw43345.vdb
c:\program files\acceleration software\anti-virus\drw43346.vdb
c:\program files\acceleration software\anti-virus\drw43347.vdb
c:\program files\acceleration software\anti-virus\drw43348.vdb
c:\program files\acceleration software\anti-virus\drw43349.vdb
c:\program files\acceleration software\anti-virus\drw43350.vdb
c:\program files\acceleration software\anti-virus\drw43351.vdb
c:\program files\acceleration software\anti-virus\drw43352.vdb
c:\program files\acceleration software\anti-virus\drw43353.vdb
c:\program files\acceleration software\anti-virus\drw43354.vdb
c:\program files\acceleration software\anti-virus\drw43355.vdb
c:\program files\acceleration software\anti-virus\drw43356.vdb
c:\program files\acceleration software\anti-virus\drw43357.vdb
c:\program files\acceleration software\anti-virus\drw43358.vdb
c:\program files\acceleration software\anti-virus\drw43359.vdb
c:\program files\acceleration software\anti-virus\drw43360.vdb
c:\program files\acceleration software\anti-virus\drw43361.vdb
c:\program files\acceleration software\anti-virus\drw43362.vdb
c:\program files\acceleration software\anti-virus\drw43363.vdb
c:\program files\acceleration software\anti-virus\drw43364.vdb
c:\program files\acceleration software\anti-virus\drw43365.vdb
c:\program files\acceleration software\anti-virus\drw43366.vdb
c:\program files\acceleration software\anti-virus\drw43367.vdb
c:\program files\acceleration software\anti-virus\drw43368.vdb
c:\program files\acceleration software\anti-virus\drw43369.vdb
c:\program files\acceleration software\anti-virus\drw43370.vdb
c:\program files\acceleration software\anti-virus\drw43371.vdb
c:\program files\acceleration software\anti-virus\drw43372.vdb
c:\program files\acceleration software\anti-virus\drw43373.vdb
c:\program files\acceleration software\anti-virus\drw43374.vdb
c:\program files\acceleration software\anti-virus\drw43375.vdb
c:\program files\acceleration software\anti-virus\drw43376.vdb
c:\program files\acceleration software\anti-virus\drw43377.vdb
c:\program files\acceleration software\anti-virus\drw43378.vdb
c:\program files\acceleration software\anti-virus\drw43379.vdb
c:\program files\acceleration software\anti-virus\drw43380.vdb
c:\program files\acceleration software\anti-virus\drw43381.vdb
c:\program files\acceleration software\anti-virus\drw43382.vdb
c:\program files\acceleration software\anti-virus\drw43383.vdb
c:\program files\acceleration software\anti-virus\drw43384.vdb
c:\program files\acceleration software\anti-virus\drw43385.vdb
c:\program files\acceleration software\anti-virus\drw43386.vdb
c:\program files\acceleration software\anti-virus\drw43387.vdb
c:\program files\acceleration software\anti-virus\drw43388.vdb
c:\program files\acceleration software\anti-virus\drw43389.vdb
c:\program files\acceleration software\anti-virus\drw43390.vdb
c:\program files\acceleration software\anti-virus\drw43391.vdb
c:\program files\acceleration software\anti-virus\drw43392.vdb
c:\program files\acceleration software\anti-virus\drw43393.vdb
c:\program files\acceleration software\anti-virus\drw43394.vdb
c:\program files\acceleration software\anti-virus\drw43395.vdb
c:\program files\acceleration software\anti-virus\drw43396.vdb
c:\program files\acceleration software\anti-virus\drw43397.vdb
c:\program files\acceleration software\anti-virus\drw43398.vdb
c:\program files\acceleration software\anti-virus\drw43399.vdb
c:\program files\acceleration software\anti-virus\drw4339a.vdb
c:\program files\acceleration software\anti-virus\drw4339b.vdb
c:\program files\acceleration software\anti-virus\drw4339c.vdb
c:\program files\acceleration software\anti-virus\drw4339d.vdb
c:\program files\acceleration software\anti-virus\drw4339e.vdb
c:\program files\acceleration software\anti-virus\drw4339f.vdb
c:\program files\acceleration software\anti-virus\drw4339g.vdb
c:\program files\acceleration software\anti-virus\drw4339h.vdb
c:\program files\acceleration software\anti-virus\drweb32.dll
c:\program files\acceleration software\anti-virus\drwebase.vdb
c:\program files\acceleration software\anti-virus\drwnasty.vdb
c:\program files\acceleration software\anti-virus\drwrisky.vdb
c:\program files\acceleration software\anti-virus\drwtoday.vdb
c:\program files\acceleration software\anti-virus\dsshell.dll
c:\program files\acceleration software\anti-virus\dwn43301.vdb
c:\program files\acceleration software\anti-virus\dwn43302.vdb
c:\program files\acceleration software\anti-virus\dwn43303.vdb
c:\program files\acceleration software\anti-virus\dwn43304.vdb
c:\program files\acceleration software\anti-virus\dwn43305.vdb
c:\program files\acceleration software\anti-virus\dwn43306.vdb
c:\program files\acceleration software\anti-virus\dwn43307.vdb
c:\program files\acceleration software\anti-virus\dwn43308.vdb
c:\program files\acceleration software\anti-virus\dwn43309.vdb
c:\program files\acceleration software\anti-virus\dwn43310.vdb
c:\program files\acceleration software\anti-virus\dwntoday.vdb
c:\program files\acceleration software\anti-virus\dwr43301.vdb
c:\program files\acceleration software\anti-virus\dwr43302.vdb
c:\program files\acceleration software\anti-virus\dwrtoday.vdb
c:\program files\acceleration software\anti-virus\eac_install00.dat
c:\program files\acceleration software\anti-virus\eac_mindef.dll
c:\program files\acceleration software\anti-virus\eanth_alert.exe
c:\program files\acceleration software\anti-virus\firststrike.cnr
c:\program files\acceleration software\anti-virus\firststrike_win32.hllm.generic.345.cnr
c:\program files\acceleration software\anti-virus\lspfix.exe
c:\program files\acceleration software\anti-virus\lspfix.txt
c:\program files\acceleration software\anti-virus\onlineclnr.html
c:\program files\acceleration software\anti-virus\regsvr32.exe
c:\program files\acceleration software\anti-virus\requestclnr.html
c:\program files\acceleration software\anti-virus\resources\css\theme.css
c:\program files\acceleration software\anti-virus\resources\html\stops_threatscanner.htm
c:\program files\acceleration software\anti-virus\resources\images\collapse.gif
c:\program files\acceleration software\anti-virus\resources\images\expand.gif
c:\program files\acceleration software\anti-virus\resources\images\off_blue.gif
c:\program files\acceleration software\anti-virus\resources\images\on_blue.gif
c:\program files\acceleration software\anti-virus\resources\images\on_darkyellow.gif
c:\program files\acceleration software\anti-virus\resources\images\prodbtn_down.gif
c:\program files\acceleration software\anti-virus\resources\images\prodbtn_over.gif
c:\program files\acceleration software\anti-virus\resources\images\prodbtn_up.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_boxhead_lft.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_boxhead_rt.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_boxhead_space.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_headers_ss_expand.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_headers_ss_results.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_headers_ss_ts.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_icons_ss_moreinfo_wht16.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_icons_ss_off_wht16.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_icons_ss_on_wht16.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_icons_ss_sett_wht16.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_icon_ea_help_16.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_icon_ss_scan-results_16.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_icon_ss_scanner_16.gif
c:\program files\acceleration software\anti-virus\resources\images\ss_icon_ss_scanner_32.gif
c:\program files\acceleration software\anti-virus\resources\js\panel.js
c:\program files\acceleration software\anti-virus\resources\js\scripts.js
c:\program files\acceleration software\anti-virus\resources\xml\results.xml
c:\program files\acceleration software\anti-virus\resources\xml\scanner.xml
c:\program files\acceleration software\anti-virus\results.css
c:\program files\acceleration software\anti-virus\results.js
c:\program files\acceleration software\anti-virus\runclnr.html
c:\program files\acceleration software\anti-virus\s-explorer.cpn
c:\program files\acceleration software\anti-virus\scancore.dll
c:\program files\acceleration software\anti-virus\scancoredll.dll
c:\program files\acceleration software\anti-virus\scanlog.log
c:\program files\acceleration software\anti-virus\scanner_plugin.dll
c:\program files\acceleration software\anti-virus\scanrs_meg.dll
c:\program files\acceleration software\anti-virus\scanrs_vlz.dll
c:\program files\acceleration software\anti-virus\shexclude.dat
c:\program files\acceleration software\anti-virus\siexclude.dat
c:\program files\acceleration software\anti-virus\spyware.cnr
c:\program files\acceleration software\anti-virus\spy_180_solutions_n-case.cnr
c:\program files\acceleration software\anti-virus\spy_180_solutions_seekmo.cnr
c:\program files\acceleration software\anti-virus\spy_180_solutions_zango.cnr
c:\program files\acceleration software\anti-virus\spy_2spy!.cnr
c:\program files\acceleration software\anti-virus\spy_3721_com_cnsmin.cnr
c:\program files\acceleration software\anti-virus\spy_3dstate_web-entrance.cnr
c:\program files\acceleration software\anti-virus\spy_7search_7fasst.cnr
c:\program files\acceleration software\anti-virus\spy_aby_software_ab_system_spy.cnr
c:\program files\acceleration software\anti-virus\spy_acceso_group_s_l__123mania.cnr
c:\program files\acceleration software\anti-virus\spy_activity-tracker_com.cnr
c:\program files\acceleration software\anti-virus\spy_activity-tracker_com_.cnr
c:\program files\acceleration software\anti-virus\spy_addictive_technologies_atpartners.cnr
c:\program files\acceleration software\anti-virus\spy_adghost_startsurfing.cnr
c:\program files\acceleration software\anti-virus\spy_adintelligence_2nd-thought.cnr
c:\program files\acceleration software\anti-virus\spy_adroar.cnr
c:\program files\acceleration software\anti-virus\spy_adrotator_enhanced_browser_overlay.cnr
c:\program files\acceleration software\anti-virus\spy_adrotator_icons.cnr
c:\program files\acceleration software\anti-virus\spy_adservs_com_command.cnr
c:\program files\acceleration software\anti-virus\spy_adspyre_midaddle.cnr
c:\program files\acceleration software\anti-virus\spy_ae_covert_operation_monitor.cnr
c:\program files\acceleration software\anti-virus\spy_alexa_internet_alexa_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_all-in-one_telcom.cnr
c:\program files\acceleration software\anti-virus\spy_alpine_snow_desktop_spy.cnr
c:\program files\acceleration software\anti-virus\spy_alpine_snow_save_keys.cnr
c:\program files\acceleration software\anti-virus\spy_alset_helpexpress.cnr
c:\program files\acceleration software\anti-virus\spy_antispywarebox_com.cnr
c:\program files\acceleration software\anti-virus\spy_antispyware_soldier.cnr
c:\program files\acceleration software\anti-virus\spy_antispyzone.cnr
c:\program files\acceleration software\anti-virus\spy_antivermin.cnr
c:\program files\acceleration software\anti-virus\spy_antivirus_golden.cnr
c:\program files\acceleration software\anti-virus\spy_appswebservice_com_search_assistant.cnr
c:\program files\acceleration software\anti-virus\spy_apropos_media_autoupdate.cnr
c:\program files\acceleration software\anti-virus\spy_apropos_media_client.cnr
c:\program files\acceleration software\anti-virus\spy_apropos_media_context_plus.cnr
c:\program files\acceleration software\anti-virus\spy_apropos_media_peopleonpage.cnr
c:\program files\acceleration software\anti-virus\spy_ardamax_keylogger.cnr
c:\program files\acceleration software\anti-virus\spy_athoc_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_aureate.cnr
c:\program files\acceleration software\anti-virus\spy_avenue_media_internet-optimizer.cnr
c:\program files\acceleration software\anti-virus\spy_a_better_internet.cnr
c:\program files\acceleration software\anti-virus\spy_a_value_systems_mom.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_birose_a.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_bulknet_a1a.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_bulknet_hide.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_errorhandler.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_generic_1570.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_irc_hackbot.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_irc_sdbot_1272832.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_irc_sdbot_795.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_petribot_1.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_probe_109101.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_sdbot_777.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_sdbot_terminals.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_uragan.cnr
c:\program files\acceleration software\anti-virus\spy_backdoor_yamu.cnr
c:\program files\acceleration software\anti-virus\spy_badboykilla_hack99_keylogger.cnr
c:\program files\acceleration software\anti-virus\spy_bar888.cnr
c:\program files\acceleration software\anti-virus\spy_bc_computing_win-spy.cnr
c:\program files\acceleration software\anti-virus\spy_best-search_us_megasearch.cnr
c:\program files\acceleration software\anti-virus\spy_bitlogic_desktop_detective_2000.cnr
c:\program files\acceleration software\anti-virus\spy_blue_tide_software_surf_sidekick.cnr
c:\program files\acceleration software\anti-virus\spy_bobworkz_hellz_little_spy.cnr
c:\program files\acceleration software\anti-virus\spy_bonut_com_hpdll.cnr
c:\program files\acceleration software\anti-virus\spy_bonzi_com_bonzibuddy.cnr
c:\program files\acceleration software\anti-virus\spy_bookedspace.cnr
c:\program files\acceleration software\anti-virus\spy_bookmarkexpress.cnr
c:\program files\acceleration software\anti-virus\spy_bps_spyware-adware_remover.cnr
c:\program files\acceleration software\anti-virus\spy_brilliant_digital_entertainment.cnr
c:\program files\acceleration software\anti-virus\spy_broadcastpc_2_0.cnr
c:\program files\acceleration software\anti-virus\spy_broderbund_dssagent.cnr
c:\program files\acceleration software\anti-virus\spy_browseraid_abcsearch.cnr
c:\program files\acceleration software\anti-virus\spy_browseraid_browserpal.cnr
c:\program files\acceleration software\anti-virus\spy_browseraid_cashtoolbar.cnr
c:\program files\acceleration software\anti-virus\spy_browseraid_featuredresults.cnr
c:\program files\acceleration software\anti-virus\spy_browseraid_letssearch.cnr
c:\program files\acceleration software\anti-virus\spy_browseraid_pstopper.cnr
c:\program files\acceleration software\anti-virus\spy_browseraid_quicklaunch.cnr
c:\program files\acceleration software\anti-virus\spy_browseraid_rundll16.cnr
c:\program files\acceleration software\anti-virus\spy_bulla_ie_plugin.cnr
c:\program files\acceleration software\anti-virus\spy_cashsurfers_donationtree_shopper.cnr
c:\program files\acceleration software\anti-virus\spy_cashsurfer_cashbar.cnr
c:\program files\acceleration software\anti-virus\spy_claria_dashbar.cnr
c:\program files\acceleration software\anti-virus\spy_claria_date_manager.cnr
c:\program files\acceleration software\anti-virus\spy_claria_ewallet.cnr
c:\program files\acceleration software\anti-virus\spy_claria_precision_time.cnr
c:\program files\acceleration software\anti-virus\spy_claria_trickler.cnr
c:\program files\acceleration software\anti-virus\spy_claria_weatherscope.cnr
c:\program files\acceleration software\anti-virus\spy_claria_web_secure_alert.cnr
c:\program files\acceleration software\anti-virus\spy_clear_search_address_bar.cnr
c:\program files\acceleration software\anti-virus\spy_clickspring_outerinfo_networks.cnr
c:\program files\acceleration software\anti-virus\spy_clickspring_purityscan.cnr
c:\program files\acceleration software\anti-virus\spy_clickthebutton.cnr
c:\program files\acceleration software\anti-virus\spy_clicktilluwin.cnr
c:\program files\acceleration software\anti-virus\spy_coding_workshop_codename_alvin.cnr
c:\program files\acceleration software\anti-virus\spy_coding_workshop_codename_alwin.cnr
c:\program files\acceleration software\anti-virus\spy_comet_systems_comet_cursor.cnr
c:\program files\acceleration software\anti-virus\spy_commonname.cnr
c:\program files\acceleration software\anti-virus\spy_comodo_trusttoolbar.cnr
c:\program files\acceleration software\anti-virus\spy_comscore_networks_marketscore.cnr
c:\program files\acceleration software\anti-virus\spy_conducent_timesink.cnr
c:\program files\acceleration software\anti-virus\spy_contraviruspro.cnr
c:\program files\acceleration software\anti-virus\spy_coolspot_ag_x-diver.cnr
c:\program files\acceleration software\anti-virus\spy_costasoft_download_plus.cnr
c:\program files\acceleration software\anti-virus\spy_coulomb_comload.cnr
c:\program files\acceleration software\anti-virus\spy_cpm_media_freescratchandwin.cnr
c:\program files\acceleration software\anti-virus\spy_crystalys_media_limited_crystalys_media_internet_assistant.cnr
c:\program files\acceleration software\anti-virus\spy_custom_browser_custom_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_cydoor_technologies_cydoor_desktop_media.cnr
c:\program files\acceleration software\anti-virus\spy_cytron_targetingsource.cnr
c:\program files\acceleration software\anti-virus\spy_dawn_of_time_inc_search-exe_com.cnr
c:\program files\acceleration software\anti-virus\spy_deal_helper_time_sync.cnr
c:\program files\acceleration software\anti-virus\spy_deal_helper_web_driver.cnr
c:\program files\acceleration software\anti-virus\spy_deep_software_activity_logger.cnr
c:\program files\acceleration software\anti-virus\spy_deep_software_activity_monitor.cnr
c:\program files\acceleration software\anti-virus\spy_delfin_project_delfin_media_viewer.cnr
c:\program files\acceleration software\anti-virus\spy_delfin_project_display_utility.cnr
c:\program files\acceleration software\anti-virus\spy_delfin_project_savingshound.cnr
c:\program files\acceleration software\anti-virus\spy_derbiz_com_dbaccess.cnr
c:\program files\acceleration software\anti-virus\spy_deskbar.cnr
c:\program files\acceleration software\anti-virus\spy_digital_starfish_mixlister.cnr
c:\program files\acceleration software\anti-virus\spy_diplodock_keyboard_guardian.cnr
c:\program files\acceleration software\anti-virus\spy_diplodock_system_spy.cnr
c:\program files\acceleration software\anti-virus\spy_direct_revenue_best_offers_networks.cnr
c:\program files\acceleration software\anti-virus\spy_dollarrevenue.cnr
c:\program files\acceleration software\anti-virus\spy_drantispy.cnr
c:\program files\acceleration software\anti-virus\spy_drivecleaner.cnr
c:\program files\acceleration software\anti-virus\spy_e-ventures_rapidblaster.cnr
c:\program files\acceleration software\anti-virus\spy_e2give_plug-in.cnr
c:\program files\acceleration software\anti-virus\spy_ebates_moe_money_maker.cnr
c:\program files\acceleration software\anti-virus\spy_ecommerce_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_effective-i_ucmore.cnr
c:\program files\acceleration software\anti-virus\spy_elite_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_enbrowser.cnr
c:\program files\acceleration software\anti-virus\spy_enconfidence_my_daily_horoscope.cnr
c:\program files\acceleration software\anti-virus\spy_enhancemysearch_helper101.cnr
c:\program files\acceleration software\anti-virus\spy_eqadvice.cnr
c:\program files\acceleration software\anti-virus\spy_errorsafe.cnr
c:\program files\acceleration software\anti-virus\spy_esd_technologies_inetspeak.cnr
c:\program files\acceleration software\anti-virus\spy_estart_startec.cnr
c:\program files\acceleration software\anti-virus\spy_everad.cnr
c:\program files\acceleration software\anti-virus\spy_exact_advertising_bargain_buddy.cnr
c:\program files\acceleration software\anti-virus\spy_exact_advertising_exact_searchbar.cnr
c:\program files\acceleration software\anti-virus\spy_ezcybersearch_ez_searchbar.cnr
c:\program files\acceleration software\anti-virus\spy_ezula_toptext_ilookup.cnr
c:\program files\acceleration software\anti-virus\spy_ezula_web_offer.cnr
c:\program files\acceleration software\anti-virus\spy_e_spy_software_007_spy_software.cnr
c:\program files\acceleration software\anti-virus\spy_fairdialer_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_fake_dns_codec.cnr
c:\program files\acceleration software\anti-virus\spy_findthewebsiteyouneed_searchbar.cnr
c:\program files\acceleration software\anti-virus\spy_findwhatevernow_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_fkware_sysmon_system_monitor.cnr
c:\program files\acceleration software\anti-virus\spy_flyswat_websearch.cnr
c:\program files\acceleration software\anti-virus\spy_freeprod_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_free_scratch_and_win.cnr
c:\program files\acceleration software\anti-virus\spy_fullcontext_pshope.cnr
c:\program files\acceleration software\anti-virus\spy_gigatech_superbar.cnr
c:\program files\acceleration software\anti-virus\spy_global_patrol_etherscout.cnr
c:\program files\acceleration software\anti-virus\spy_global_patrol_webscout.cnr
c:\program files\acceleration software\anti-virus\spy_gocybersearch.cnr
c:\program files\acceleration software\anti-virus\spy_gohip_freevideo.cnr
c:\program files\acceleration software\anti-virus\spy_haczyk_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_halex_online_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_harmony_hollow_favsearch.cnr
c:\program files\acceleration software\anti-virus\spy_high_rollers_club_casino.cnr
c:\program files\acceleration software\anti-virus\spy_hotbar_outlook_tools.cnr
c:\program files\acceleration software\anti-virus\spy_hotoffers.cnr
c:\program files\acceleration software\anti-virus\spy_huy-search_info.cnr
c:\program files\acceleration software\anti-virus\spy_iccee_com_cmapp_websearch.cnr
c:\program files\acceleration software\anti-virus\spy_igetnet_ign_keyword.cnr
c:\program files\acceleration software\anti-virus\spy_imiserver_ie_plugin.cnr
c:\program files\acceleration software\anti-virus\spy_index_se_msn_dll.cnr
c:\program files\acceleration software\anti-virus\spy_inet-traffic_inet_delivery.cnr
c:\program files\acceleration software\anti-virus\spy_innovagest2000_s_l__alfacleaner.cnr
c:\program files\acceleration software\anti-virus\spy_integrated_search_technologies_istbar.cnr
c:\program files\acceleration software\anti-virus\spy_integrated_search_technologies_power_scan.cnr
c:\program files\acceleration software\anti-virus\spy_integrated_search_technologies_sidefind.cnr
c:\program files\acceleration software\anti-virus\spy_integrated_search_technologies_yoursitebar.cnr
c:\program files\acceleration software\anti-virus\spy_integrated_ventures_the_communicator.cnr
c:\program files\acceleration software\anti-virus\spy_intercort_systems_downloadware.cnr
c:\program files\acceleration software\anti-virus\spy_intermix_media_wotch.cnr
c:\program files\acceleration software\anti-virus\spy_internet_safety_software_iambigbrother.cnr
c:\program files\acceleration software\anti-virus\spy_invisible_keylogger_stealth_key_logger.cnr
c:\program files\acceleration software\anti-virus\spy_ipwindows.cnr
c:\program files\acceleration software\anti-virus\spy_isearch_desktop_search.cnr
c:\program files\acceleration software\anti-virus\spy_iwon_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_k8l_info.cnr
c:\program files\acceleration software\anti-virus\spy_kalptaru_infotech_windows_sr_2_0.cnr
c:\program files\acceleration software\anti-virus\spy_keramitsu_llc_spywarestrike.cnr
c:\program files\acceleration software\anti-virus\spy_kill_and_clean.cnr
c:\program files\acceleration software\anti-virus\spy_kmint21_software_personal_desktop_spy.cnr
c:\program files\acceleration software\anti-virus\spy_lastbit_software_absolute_key_logger.cnr
c:\program files\acceleration software\anti-virus\spy_linar_software_xbox_emulator.cnr
c:\program files\acceleration software\anti-virus\spy_lions_pride_enterprises_twistedhumor.cnr
c:\program files\acceleration software\anti-virus\spy_lycos_sidesearch.cnr
c:\program files\acceleration software\anti-virus\spy_mainpean_stardialer.cnr
c:\program files\acceleration software\anti-virus\spy_makemesearch_search_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_malwarealarm.cnr
c:\program files\acceleration software\anti-virus\spy_malwarewiped.cnr
c:\program files\acceleration software\anti-virus\spy_manila_industries_quicklinks.cnr
c:\program files\acceleration software\anti-virus\spy_marsfind_com_httper.cnr
c:\program files\acceleration software\anti-virus\spy_maui_media_llc_adcom.cnr
c:\program files\acceleration software\anti-virus\spy_maxifiles_dns.cnr
c:\program files\acceleration software\anti-virus\spy_maxifiles_inetget.cnr
c:\program files\acceleration software\anti-virus\spy_mbkwbar_ietoolbar.cnr
c:\program files\acceleration software\anti-virus\spy_mdsa_sentinel.cnr
c:\program files\acceleration software\anti-virus\spy_media-motor_joystick_networks.cnr
c:\program files\acceleration software\anti-virus\spy_mediainject_micore.cnr
c:\program files\acceleration software\anti-virus\spy_media_tickets.cnr
c:\program files\acceleration software\anti-virus\spy_mfc_retrieve.cnr
c:\program files\acceleration software\anti-virus\spy_microsmarts_enterprise_showbehind.cnr
c:\program files\acceleration software\anti-virus\spy_mikko_technology_screen_logger.cnr
c:\program files\acceleration software\anti-virus\spy_mindset_interactive_favoriteman.cnr
c:\program files\acceleration software\anti-virus\spy_mindset_interactive_ipinsight.cnr
c:\program files\acceleration software\anti-virus\spy_mindset_interactive_netpal.cnr
c:\program files\acceleration software\anti-virus\spy_mindset_interactive_transponder.cnr
c:\program files\acceleration software\anti-virus\spy_mirar_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_modification_of_trojan_packed_2.cnr
c:\program files\acceleration software\anti-virus\spy_mraskalot_com_forethought.cnr
c:\program files\acceleration software\anti-virus\spy_mworld_holdings_ltd_zipclix.cnr
c:\program files\acceleration software\anti-virus\spy_mx-target_twain_tech.cnr
c:\program files\acceleration software\anti-virus\spy_myvod_inc_weird_on_the_web.cnr
c:\program files\acceleration software\anti-virus\spy_my_way_searchbar.cnr
c:\program files\acceleration software\anti-virus\spy_my_way_speedbar.cnr
c:\program files\acceleration software\anti-virus\spy_natasoft_intraspy.cnr
c:\program files\acceleration software\anti-virus\spy_need2find_bar.cnr
c:\program files\acceleration software\anti-virus\spy_nelroy_ltd_the_spy_guard.cnr
c:\program files\acceleration software\anti-virus\spy_nethunter_group_probot.cnr
c:\program files\acceleration software\anti-virus\spy_netsonic_web3000.cnr
c:\program files\acceleration software\anti-virus\spy_netster_smart_browse_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_newads1_com_tspd.cnr
c:\program files\acceleration software\anti-virus\spy_new_media_properties_searchsquire.cnr
c:\program files\acceleration software\anti-virus\spy_nictech_networks_look2me.cnr
c:\program files\acceleration software\anti-virus\spy_njstar_asian_explorer.cnr
c:\program files\acceleration software\anti-virus\spy_ntsecurity_klogger.cnr
c:\program files\acceleration software\anti-virus\spy_numb-soft_com_software.cnr
c:\program files\acceleration software\anti-virus\spy_odisolf_solutions_appstraka.cnr
c:\program files\acceleration software\anti-virus\spy_odysseus_marketing_clientman.cnr
c:\program files\acceleration software\anti-virus\spy_onflow.cnr
c:\program files\acceleration software\anti-virus\spy_outer_info_networks_media_tickets.cnr
c:\program files\acceleration software\anti-virus\spy_oversee_searchandbrowse.cnr
c:\program files\acceleration software\anti-virus\spy_panelpartners_opinionbar.cnr
c:\program files\acceleration software\anti-virus\spy_pave_blue_consumer_alert_system.cnr
c:\program files\acceleration software\anti-virus\spy_pc_spy_123_xpc_spy.cnr
c:\program files\acceleration software\anti-virus\spy_pc_weasel.cnr
c:\program files\acceleration software\anti-virus\spy_pearl_software_cyber_snoop_desktop.cnr
c:\program files\acceleration software\anti-virus\spy_permission_media_friendgreetings.cnr
c:\program files\acceleration software\anti-virus\spy_pestcapture.cnr
c:\program files\acceleration software\anti-virus\spy_pesttrap.cnr
c:\program files\acceleration software\anti-virus\spy_popup_network_popup_notes.cnr
c:\program files\acceleration software\anti-virus\spy_positive_commerce_ltd_bravesentry.cnr
c:\program files\acceleration software\anti-virus\spy_radlight_media_player.cnr
c:\program files\acceleration software\anti-virus\spy_ramdud.cnr
c:\program files\acceleration software\anti-virus\spy_razor_media_dailywinner.cnr
c:\program files\acceleration software\anti-virus\spy_rebate_nation.cnr
c:\program files\acceleration software\anti-virus\spy_redv_easyinstall.cnr
c:\program files\acceleration software\anti-virus\spy_redv_popupprotector.cnr
c:\program files\acceleration software\anti-virus\spy_relevantknowledge.cnr
c:\program files\acceleration software\anti-virus\spy_riviera_gold_casino.cnr
c:\program files\acceleration software\anti-virus\spy_safenet_corp_internet_activity_monitor.cnr
c:\program files\acceleration software\anti-virus\spy_search-control_com_search_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_searchex_hotlink.cnr
c:\program files\acceleration software\anti-virus\spy_searching4u_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_search_for_it.cnr
c:\program files\acceleration software\anti-virus\spy_search_it_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_secureservicepack.cnr
c:\program files\acceleration software\anti-virus\spy_secure_computer_spyware_cleaner.cnr
c:\program files\acceleration software\anti-virus\spy_security_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_seekseek_slmss.cnr
c:\program files\acceleration software\anti-virus\spy_segobit_software_actions_monitor.cnr
c:\program files\acceleration software\anti-virus\spy_shelron_group_active_shopper.cnr
c:\program files\acceleration software\anti-virus\spy_shopnav.cnr
c:\program files\acceleration software\anti-virus\spy_shop_at_home_select_sah_agent.cnr
c:\program files\acceleration software\anti-virus\spy_sidestep_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_simplenter_com_universal_ie_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_sirsearch_powersearch_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_smartpops_network_essentials.cnr
c:\program files\acceleration software\anti-virus\spy_smartpops_recommended_hotfix.cnr
c:\program files\acceleration software\anti-virus\spy_sm_lab_spy_keylogger.cnr
c:\program files\acceleration software\anti-virus\spy_sony_bmg_rootkit.cnr
c:\program files\acceleration software\anti-virus\spy_speedbit_download_accelerator_plus.cnr
c:\program files\acceleration software\anti-virus\spy_spyarsenal_com_home_keylogger.cnr
c:\program files\acceleration software\anti-virus\spy_spyaxe.cnr
c:\program files\acceleration software\anti-virus\spy_spycrush.cnr
c:\program files\acceleration software\anti-virus\spy_spydawn.cnr
c:\program files\acceleration software\anti-virus\spy_spylocked.cnr
c:\program files\acceleration software\anti-virus\spy_spymarshal.cnr
c:\program files\acceleration software\anti-virus\spy_spyshredder.cnr
c:\program files\acceleration software\anti-virus\spy_spytech_software_and_design_spyagent.cnr
c:\program files\acceleration software\anti-virus\spy_spytech_software_and_design_spyanywhere.cnr
c:\program files\acceleration software\anti-virus\spy_spywareheal.cnr
c:\program files\acceleration software\anti-virus\spy_spywarequake.cnr
c:\program files\acceleration software\anti-virus\spy_spyware_labs_ad_destroyer.cnr
c:\program files\acceleration software\anti-virus\spy_spyware_labs_virtual_bouncer.cnr
c:\program files\acceleration software\anti-virus\spy_ss_development_spysheriff_desktop_hijacker.cnr
c:\program files\acceleration software\anti-virus\spy_ss_development_spytrooper.cnr
c:\program files\acceleration software\anti-virus\spy_starware_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_stratex_international_unspypc.cnr
c:\program files\acceleration software\anti-virus\spy_sunshine_ltd_spyaxe.cnr
c:\program files\acceleration software\anti-virus\spy_sunshine_ltd_spyfalcon.cnr
c:\program files\acceleration software\anti-virus\spy_sureshot_surfing_spy.cnr
c:\program files\acceleration software\anti-virus\spy_sureshot_windows_spy.cnr
c:\program files\acceleration software\anti-virus\spy_surfaccuracy.cnr
c:\program files\acceleration software\anti-virus\spy_surfrbar_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_sysprotect.cnr
c:\program files\acceleration software\anti-virus\spy_system1060.cnr
c:\program files\acceleration software\anti-virus\spy_system_doctor.cnr
c:\program files\acceleration software\anti-virus\spy_system_soap_pro.cnr
c:\program files\acceleration software\anti-virus\spy_tagasaurus.cnr
c:\program files\acceleration software\anti-virus\spy_talyasoft_informer.cnr
c:\program files\acceleration software\anti-virus\spy_targetsaver.cnr
c:\program files\acceleration software\anti-virus\spy_targit_gratisware.cnr
c:\program files\acceleration software\anti-virus\spy_tech-critic_msn_messenger_polygamy.cnr
c:\program files\acceleration software\anti-virus\spy_teknum_systems.cnr
c:\program files\acceleration software\anti-virus\spy_tenebril_keycorder.cnr
c:\program files\acceleration software\anti-virus\spy_the_brickner_group_flashtalk.cnr
c:\program files\acceleration software\anti-virus\spy_thunderdownloads_keenvalue.cnr
c:\program files\acceleration software\anti-virus\spy_tibs_systems_premium_rate_internet_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_tibs_systems_premuim_rate_internet_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_tintel_bv.cnr
c:\program files\acceleration software\anti-virus\spy_toolbar888.cnr
c:\program files\acceleration software\anti-virus\spy_topsites_us.cnr
c:\program files\acceleration software\anti-virus\spy_top_moxie_coupons_and_offers.cnr
c:\program files\acceleration software\anti-virus\spy_top_moxie_mypoints_pointalert.cnr
c:\program files\acceleration software\anti-virus\spy_top_rebates_web_rebates.cnr
c:\program files\acceleration software\anti-virus\spy_total_velocity_memory_meter.cnr
c:\program files\acceleration software\anti-virus\spy_total_velocity_tv_media.cnr
c:\program files\acceleration software\anti-virus\spy_totem_media_totem_shared.cnr
c:\program files\acceleration software\anti-virus\spy_trade_news_adultlinks.cnr
c:\program files\acceleration software\anti-virus\spy_trafficadvance_net_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_trojan-spy_html_smitfraud_c.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_backdoor_finog.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_backdoor_vibdo.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_brontok_kr.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_chod.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_click_2085_asx.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_11356.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_11357.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_11358.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_12166.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_14523.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_17817.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_19797.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_2674.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_344.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_4798.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_5401.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_6186.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_6296.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_9064.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_aarz.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_agent_8704_9.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_agent_blzbub_4.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_agent_grum_p.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_conhook_ai.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_goldun_behav_010.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_hippygone_generic_130.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_navi_a.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_small_ebr.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_small_ekr.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_downloader_vb_arf.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_durvil.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_durvil_b.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_emailspy.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_googlefake.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_grub_r.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_kill_fd.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_mespam.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_muldrop_5450.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_muldrop_70565.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_muldrop_agent_rm.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_netax_afd.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_palkon.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_peed.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_popuper.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_proxy_1154.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_proxy_811.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_proxy_jbp.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_bludit.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_explorerhijack.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_frethog.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_gamania.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_gamejack.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_micro.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_poptang.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_poptcap.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_poptit.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_tanspy.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_tanspy_az.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_tanspy_fl.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_wsgame_a.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_wsgame_b.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_pws_wsgame_c.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_qhost.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_starter_81.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_startpage_38400.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_systemposer.cnr
c:\program files\acceleration software\anti-virus\spy_trojan_wowstealer.cnr
c:\program files\acceleration software\anti-virus\spy_tropical_software_winvestigator.cnr
c:\program files\acceleration software\anti-virus\spy_trueactive_software_monitor.cnr
c:\program files\acceleration software\anti-virus\spy_tsm-soft_spycapture.cnr
c:\program files\acceleration software\anti-virus\spy_ultimate_defender.cnr
c:\program files\acceleration software\anti-virus\spy_ultimate_popup_killer.cnr
c:\program files\acceleration software\anti-virus\spy_upc.cnr
c:\program files\acceleration software\anti-virus\spy_updsys_windows_visfx_components.cnr
c:\program files\acceleration software\anti-virus\spy_upnet_search_relevancy.cnr
c:\program files\acceleration software\anti-virus\spy_urlblaze_client.cnr
c:\program files\acceleration software\anti-virus\spy_urlblaze_turbo_download.cnr
c:\program files\acceleration software\anti-virus\spy_vaap_salus.cnr
c:\program files\acceleration software\anti-virus\spy_vcclient.cnr
c:\program files\acceleration software\anti-virus\spy_vflash_nowbox.cnr
c:\program files\acceleration software\anti-virus\spy_virtumondo_newtonknows.cnr
c:\program files\acceleration software\anti-virus\spy_virus-burst.cnr
c:\program files\acceleration software\anti-virus\spy_virusprotectpro.cnr
c:\program files\acceleration software\anti-virus\spy_vista_interactive_instafinder.cnr
c:\program files\acceleration software\anti-virus\spy_vista_interactive_rxtoolbar.cnr
c:\program files\acceleration software\anti-virus\spy_walnut_ventures_2020search_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_walnut_ventures_searchbasket.cnr
c:\program files\acceleration software\anti-virus\spy_wazam_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_wdwctrl.cnr
c:\program files\acceleration software\anti-virus\spy_webhancer_corp_webhancer_customer_companion.cnr
c:\program files\acceleration software\anti-virus\spy_webinstall_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_webroot_winguardian.cnr
c:\program files\acceleration software\anti-virus\spy_websearch_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_websearch_wintools.cnr
c:\program files\acceleration software\anti-virus\spy_web_buying.cnr
c:\program files\acceleration software\anti-virus\spy_web_nexus_network.cnr
c:\program files\acceleration software\anti-virus\spy_western_software_group_netzany.cnr
c:\program files\acceleration software\anti-virus\spy_west_frontier_holdings_bho_dll.cnr
c:\program files\acceleration software\anti-virus\spy_west_frontier_holdings_bigtrafficnetwork_com.cnr
c:\program files\acceleration software\anti-virus\spy_west_frontier_holdings_pshow.cnr
c:\program files\acceleration software\anti-virus\spy_whenu_browser_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_whenu_clocksync.cnr
c:\program files\acceleration software\anti-virus\spy_whenu_desktop_search.cnr
c:\program files\acceleration software\anti-virus\spy_whenu_pricebandit_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_whenu_save_now.cnr
c:\program files\acceleration software\anti-virus\spy_whenu_sidefinder.cnr
c:\program files\acceleration software\anti-virus\spy_whenu_weathercast.cnr
c:\program files\acceleration software\anti-virus\spy_win32_fontra_c.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_brontok.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_brontok_br.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_buzz_warezov.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_krepper_s.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_krepper_v.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_limar.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_limar_bean.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_perf.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_perf_based.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_perf_based_r.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_perf_r.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllm_stration_agent.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllw_autoruner.cnr
c:\program files\acceleration software\anti-virus\spy_win32_hllw_mybot.cnr
c:\program files\acceleration software\anti-virus\spy_winantispyware.cnr
c:\program files\acceleration software\anti-virus\spy_winantivirus_pro.cnr
c:\program files\acceleration software\anti-virus\spy_windows_afa_internet_enhancement.cnr
c:\program files\acceleration software\anti-virus\spy_windows_overlay_components.cnr
c:\program files\acceleration software\anti-virus\spy_wind_updates_media_gateway.cnr
c:\program files\acceleration software\anti-virus\spy_wind_updates_windows_controlad.cnr
c:\program files\acceleration software\anti-virus\spy_winpop.cnr
c:\program files\acceleration software\anti-virus\spy_winsoftware_ltd_winfixer.cnr
c:\program files\acceleration software\anti-virus\spy_winstall_desktop_changer.cnr
c:\program files\acceleration software\anti-virus\spy_wintouch.cnr
c:\program files\acceleration software\anti-virus\spy_wishbone_media_wishbone_toolbar.cnr
c:\program files\acceleration software\anti-virus\spy_wonderland_wonderplus_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_wpc_productions_limited_partypoker.cnr
c:\program files\acceleration software\anti-virus\spy_wurld_media_buyers_port.cnr
c:\program files\acceleration software\anti-virus\spy_xcp_drm_rootkit.cnr
c:\program files\acceleration software\anti-virus\spy_xelerate_spypc.cnr
c:\program files\acceleration software\anti-virus\spy_xxxdial_dialer.cnr
c:\program files\acceleration software\anti-virus\spy_zapspot.cnr
c:\program files\acceleration software\anti-virus\spy_zeno_tecnico_zeno_browser_enhancer.cnr
c:\program files\acceleration software\anti-virus\spy_zestyfind_iconz.cnr
c:\program files\acceleration software\anti-virus\spy_zotob.cnr
c:\program files\acceleration software\anti-virus\spy_zsearch_toolbar.cnr
c:\program files\acceleration software\anti-virus\sr_lp_arrow.gif
c:\program files\acceleration software\anti-virus\sr_lp_caution_sm.gif
c:\program files\acceleration software\anti-virus\sr_lp_curebtn.gif
c:\program files\acceleration software\anti-virus\sscomm_header_logo.gif
c:\program files\acceleration software\anti-virus\sscomm_spacer.gif
c:\program files\acceleration software\anti-virus\sscomm_title_results.gif
c:\program files\acceleration software\anti-virus\ssssmon.dll
c:\program files\acceleration software\anti-virus\ssssmon.mof
c:\program files\acceleration software\anti-virus\sstsmon.dll
c:\program files\acceleration software\anti-virus\sstsmon.mof
c:\program files\acceleration software\anti-virus\ssupload.dll
c:\program files\acceleration software\anti-virus\stopsignav.exe
c:\program files\acceleration software\anti-virus\stops_dlg_header_tl.gif
c:\program files\acceleration software\anti-virus\stops_dlg_header_tm.gif
c:\program files\acceleration software\anti-virus\vclnr.cnr
c:\program files\acceleration software\anti-virus\vclnr.dll
c:\program files\acceleration software\anti-virus\vclnrlog.xml
c:\program files\acceleration software\anti-virus\vclnrun.exe
c:\program files\acceleration software\anti-virus\vir_backdoor_beast.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_brat.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_bulknet.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_bulknet_45.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_dosia.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_eggdrop_1619.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_generic_1273.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_generic_1451.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_generic_267.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_generic_603.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_generic_82.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_gspot.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_hackdef_84.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_hangup_65535.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_irc_sdbot_151.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_irc_sdbot_496.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_irc_sdbot_707.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_irc_sdbot_753.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_irc_sdbot_755.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_irc_sdbot_775.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_iterator.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_jink.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_lala_136.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_lanfilt.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_latinus.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_matrix.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_mosu.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_muska.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_netag.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_netbus.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_netdevil.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_nota.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_oscar.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_pandu.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_pest.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_plain.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_psychward.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_ptakks.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_ptsnoop.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_ra.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_ruller.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_servu.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_snid.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_sparta.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_theef.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_wow.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_xanadu.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_xot.cnr
c:\program files\acceleration software\anti-virus\vir_backdoor_y3krat.cnr
c:\program files\acceleration software\anti-virus\vir_bat_generic_38.cnr
c:\program files\acceleration software\anti-virus\vir_cry_30577.cnr
c:\program files\acceleration software\anti-virus\vir_ddos_slack.cnr
c:\program files\acceleration software\anti-virus\vir_dialer_online.cnr
c:\program files\acceleration software\anti-virus\vir_dialer_riprova.cnr
c:\program files\acceleration software\anti-virus\vir_dialer_silent.cnr
c:\program files\acceleration software\anti-virus\vir_esbot.cnr
c:\program files\acceleration software\anti-virus\vir_exploit_byteverify.cnr
c:\program files\acceleration software\anti-virus\vir_exploit_dialogarg.cnr
c:\program files\acceleration software\anti-virus\vir_exploit_mhtredir.cnr
c:\program files\acceleration software\anti-virus\vir_irc_generic_86.cnr
c:\program files\acceleration software\anti-virus\vir_irc_mimic.cnr
c:\program files\acceleration software\anti-virus\vir_irc_winhelp.cnr
c:\program files\acceleration software\anti-virus\vir_modification_of_backdoor_generic_1373.cnr
c:\program files\acceleration software\anti-virus\vir_modification_of_renegade_1176.cnr
c:\program files\acceleration software\anti-virus\vir_modification_of_trojan_downloader_6144.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_appactxcomp.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_backreg.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_bagzproxy.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_bispy.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_briss.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_checkin.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_classloader.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_1206.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_1207.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_1209.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_1210.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_1237.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_1360.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_1432.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_1475.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_2085.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_2485.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_3162.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_42.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_686.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_click_870.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_cool.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_delwin.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_dicamex.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_dnschange.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_downloader_1035.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_downloader_10919.cnr
c:\program files\acceleration software\anti-virus\vir_trojan_downloader_11051.cnr
c:\program files\a
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 5th, 2007, 9:16 pm

Spy Eraser has had some dubious reviews in the past, and since most of the problems seem to be in c:\program files\acceleration software it looks like it still targets other AV programs.

If Total Scan was relatively clean then at the moment there is not much to worry about.
Remember that we can not guarantee it will stay that way. !!

Be cautious about installing random AntiSpyware programs, some of them cause more problems than they solve.

Download and Run ComboFix
Please delete your copy of ComboFix as it is updated on a regular basis.
Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Panda Scan

Unread postby distinctedge » October 6th, 2007, 12:59 pm

All went well this time. I have discovered that all spyware and antivirus must be off before the Panda run.


Incident Status Location

Virus:Generic Malware Not disinfected C:\current installs\Magic.DVD.Copier.v4.4.2.WinALL.Incl.Keygen-BRD.rar[keygen.exe]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\teif9g5p.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Findwhat Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\teif9g5p.default\cookies.txt[.findwhat.com/]
Spyware:Cookie/Enhance Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\teif9g5p.default\cookies.txt[.enhance.com/]
Spyware:Cookie/YieldManager Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[ad.yieldmanager.com/]
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.doubleclick.net/]
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.advertising.com/]
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.mediaplex.com/]
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.atdmt.com/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.com.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/PointRoll Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.ads.pointroll.com/]
Spyware:Cookie/Versiontracker Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.versiontracker.com/]
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.atwola.com/]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Netscape\Navigator\Profiles\c93xbf75.default\cookies.txt[.2o7.net/]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\HP_Administrator\Application Data\Uniblue\SpyEraser\Quarantine\Adware.MediaTickets.o_05_10_2007_17_09_32.asq3340
Virus:Trj/Rebooter.J Disinfected C:\Documents and Settings\HP_Administrator\Application Data\Uniblue\SpyEraser\Quarantine\Surveillance Tool (General Components)_05_10_2007_17_09_24.asq17713
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@2o7[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@atwola[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Documents and Settings\HP_Administrator\Cookies\hp_administrator@doubleclick[1].txt
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\AntiSpyware\Combo fix\ComboFix.exe[nircmd.exe]
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\AntiSpyware\Combo fix\ComboFix.exe[nircmd.cfexe]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix\Process.exe
Potentially unwanted tool:Application/SuperFast Not disinfected C:\Documents and Settings\HP_Administrator\Desktop\SmitfraudFix\restart.exe
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\teif9g5p.default\Cache\C2152591d01[nircmd.exe]
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Mozilla\Firefox\Profiles\teif9g5p.default\Cache\C2152591d01[nircmd.cfexe]
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Virus:Generic Malware Disinfected C:\online installs\DVD Copier\keygen.exe
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\online installs\Nero 8\Nero PhotoShow Express\nero_photoshow_express_5_setup.exe[²ÜÇ\Toolbar.exe]
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\online installs\Nero 8\Toolbar.exe
Potentially unwanted tool:Application/MyWebSearch Not disinfected C:\Program Files\Nero\PhotoShow 5\data\Xtras\nero_photoshow_express_5_setup.exe[²ÜÇ\Toolbar.exe]
Spyware:Spyware/PeoplePC Not disinfected C:\Program Files\Online Services\PeoplePC\ISP5900\Dll\RAS.DLL
Adware:Adware/VideoAccess Not disinfected C:\qoobox\Quarantine\C\Program Files\VideoAccessCodec\Uninstall.exe.vir
Virus:Trj/Agent.GOT Disinfected C:\qoobox\Quarantine\C\WINDOWS\main_uninstaller.exe.vir
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\01816317.MOZ[ad.yieldmanager.com/]
Spyware:Cookie/Findwhat Not disinfected C:\RECYCLER\NPROTECT\01816317.MOZ[.findwhat.com/]
Spyware:Cookie/Enhance Not disinfected C:\RECYCLER\NPROTECT\01816317.MOZ[.enhance.com/]
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\01816703.MOZ[ad.yieldmanager.com/]
Spyware:Cookie/Findwhat Not disinfected C:\RECYCLER\NPROTECT\01816703.MOZ[.findwhat.com/]
Spyware:Cookie/Enhance Not disinfected C:\RECYCLER\NPROTECT\01816703.MOZ[.enhance.com/]
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\01816705.MOZ[ad.yieldmanager.com/]
Spyware:Cookie/Findwhat Not disinfected C:\RECYCLER\NPROTECT\01816705.MOZ[.findwhat.com/]
Spyware:Cookie/Enhance Not disinfected C:\RECYCLER\NPROTECT\01816705.MOZ[.enhance.com/]
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\01816707.MOZ[ad.yieldmanager.com/]
Spyware:Cookie/Findwhat Not disinfected C:\RECYCLER\NPROTECT\01816707.MOZ[.findwhat.com/]
Spyware:Cookie/Enhance Not disinfected C:\RECYCLER\NPROTECT\01816707.MOZ[.enhance.com/]
Spyware:Cookie/YieldManager Not disinfected C:\RECYCLER\NPROTECT\01817306.MOZ[ad.yieldmanager.com/]
Spyware:Cookie/Findwhat Not disinfected C:\RECYCLER\NPROTECT\01817306.MOZ[.findwhat.com/]
Spyware:Cookie/Enhance Not disinfected C:\RECYCLER\NPROTECT\01817306.MOZ[.enhance.com/]
Spyware:Cookie/Advertising Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1339.txt
Spyware:Cookie/Doubleclick Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1341.txt
Spyware:Cookie/WebtrendsLive Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1354.txt
Spyware:Cookie/Zedo Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1365.txt
Potentially unwanted tool:Application/Processor Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1545.zip[SmitfraudFix/Process.exe]
Virus:Trj/Rebooter.J Disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1545.zip[SmitfraudFix/Reboot.exe]
Potentially unwanted tool:Application/SuperFast Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1545.zip[SmitfraudFix/restart.exe]
Spyware:Cookie/7search Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1563.txt
Spyware:Cookie/Atlas DMT Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1566.txt
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\RECYCLER\S-1-5-21-2982711081-2778569064-2777351055-1007\Dc1663.exe[nircmd.exe]
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\WINDOWS\NirCmd.exe
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Combo Fix Log

Unread postby distinctedge » October 6th, 2007, 1:02 pm

ComboFix 07-10-06.3 - HP_Administrator 2007-10-05 22:54:37.5 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1281 [GMT -7:00]
Running from: C:\Documents and Settings\HP_Administrator\Desktop\AntiSpyware\Combo fix\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\system
C:\WINDOWS\system32\system\msxml4.dll
C:\WINDOWS\system32\system\msxml4r.dll

.
((((((((((((((((((((((((( Files Created from 2007-09-06 to 2007-10-06 )))))))))))))))))))))))))))))))
.

2007-10-05 09:03 6,902 --a------ C:\WINDOWS\system32\tmp.reg
2007-10-05 09:02 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-10-05 09:02 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2007-10-05 09:02 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-10-05 09:02 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2007-10-05 06:13 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\eAcceleration
2007-10-05 06:13 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\eAcceleration
2007-10-04 21:51 <DIR> d-------- C:\Documents and Settings\HP_Administrator\.housecall6.6
2007-10-04 20:23 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-10-04 20:04 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2007-10-04 20:04 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\HouseCall 6.6
2007-10-04 19:39 <DIR> d-------- C:\Program Files\Panda Security
2007-10-04 17:12 <DIR> d-------- C:\Program Files\RegCure
2007-10-04 16:44 <DIR> d-------- C:\Adobe Fireworks CS3
2007-10-04 09:43 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2007-10-03 21:55 <DIR> d-------- C:\Program Files\Common Files\TiVo Shared
2007-10-03 08:23 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Talkback
2007-10-02 22:07 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-02 22:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-02 16:50 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Roxio
2007-10-02 16:49 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Roxio
2007-10-02 16:46 <DIR> d-------- C:\Program Files\InterActual
2007-10-02 16:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Roxio
2007-10-02 16:24 <DIR> d-------- C:\Program Files\SmartSound Software
2007-10-02 16:24 <DIR> d-------- C:\Program Files\Common Files\Roxio Shared
2007-10-02 16:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2007-10-02 16:23 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-10-02 16:23 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-10-02 16:23 <DIR> d-------- C:\Program Files\Roxio
2007-10-02 16:22 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-10-01 19:42 <DIR> d-------- C:\Intel
2007-10-01 16:38 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\OpenOffice.org2
2007-10-01 16:23 <DIR> d-------- C:\Program Files\OpenOffice.org 2.3
2007-10-01 16:05 <DIR> d-------- C:\Program Files\uTorrent
2007-10-01 16:05 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\uTorrent
2007-10-01 09:09 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-10-01 00:59 30,592 --------- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-10-01 00:59 12,800 --------- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-10-01 00:58 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2007-10-01 00:49 <DIR> d-------- C:\Program Files\Registry Defragmentation
2007-09-30 22:23 88 -r-hs---- C:\WINDOWS\system32\D75EC8DB78.sys
2007-09-30 20:34 74,703 --a------ C:\WINDOWS\system32\mfc45.dll
2007-09-30 18:52 1,030,144 --a------ C:\WINDOWS\system32\dbghelp-xfw.dll
2007-09-30 18:08 56 -r-hs---- C:\WINDOWS\system32\84D98D6F94.sys
2007-09-30 09:24 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\vsosdk
2007-09-30 08:43 <DIR> d-------- C:\Program Files\DVD Decrypter
2007-09-29 22:45 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-09-29 21:18 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Publish Providers
2007-09-29 21:15 <DIR> d-------- C:\Program Files\Common Files\xing shared
2007-09-29 20:58 <DIR> d-------- C:\Documents and Settings\HP_Administrator\Application Data\Sony
2007-09-29 20:44 <DIR> d-------- C:\Program Files\Vstplugins
2007-09-29 20:43 <DIR> d-------- C:\Program Files\Sony
2007-09-29 20:37 <DIR> d-------- C:\Program Files\Sony Setup
2007-09-29 20:27 <DIR> d-------- C:\WINDOWS\system32\runtime
2007-09-29 17:31 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2007-09-29 17:31 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2007-09-29 17:31 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2007-09-29 17:31 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2007-09-29 17:31 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2007-09-29 17:13 82,248 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-09-29 17:13 57,672 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-09-29 17:13 40,264 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-09-29 17:13 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-09-29 16:04 6,890 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2007-09-29 14:55 <DIR> d-------- C:\current installs
2007-09-29 14:50 40,960 --a------ C:\WINDOWS\system32\SSubTmr6.dll
2007-09-29 14:22 <DIR> d-------- C:\Program Files\Common Files\Download Manager
2007-09-29 13:49 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2007-09-29 12:36 <DIR> d-------- C:\Program Files\Advanced Registry Doctor
2007-09-29 11:58 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-09-29 11:43 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2007-09-29 10:59 138,624 --a------ C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
2007-09-29 09:49 8,413 --a------ C:\WINDOWS\system32\drivers\mcstrm.sys
2007-09-29 09:11 23 --ahs---- C:\WINDOWS\system32\adced8_r.dll
2007-09-29 03:53 <DIR> d-------- C:\Program Files\Support Tools
2007-09-29 03:09 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-09-29 03:09 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-09-29 03:09 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-09-29 03:09 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-09-29 03:09 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-09-29 03:09 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-09-29 03:09 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-09-29 03:09 <DIR> d-------- C:\Program Files\Alwil Software
2007-09-29 02:45 60,800 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-09-29 02:45 123,952 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-09-29 02:45 <DIR> d-------- C:\Program Files\Norton SystemWorks Basic Edition
2007-09-29 02:06 <DIR> d-------- C:\Program Files\Symantec
2007-09-29 02:06 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-09-29 01:17 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2007-09-29 01:17 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-09-29 01:13 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2007-09-29 01:09 96,792 --------- C:\WINDOWS\system32\basecsp.dll
2007-09-29 01:09 84,480 --------- C:\WINDOWS\system32\pintool.exe
2007-09-29 01:09 25,600 --------- C:\WINDOWS\system32\bcsprsrc.dll
2007-09-29 01:09 151,552 --------- C:\WINDOWS\system32\ifxcardm.dll
2007-09-29 01:09 133,120 --------- C:\WINDOWS\system32\axaltocm.dll
2007-09-29 00:28 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
2007-09-29 00:28 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
2007-09-29 00:28 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
2007-09-29 00:27 35,840 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-05 23:03 --------- d-------- C:\Documents and Settings\HP_Administrator\Application Data\Skype
2007-10-05 21:21 --------- d-------- C:\Program Files\Microsoft ActiveSync
2007-10-05 21:06 --------- d-------- C:\Program Files\DISC
2007-10-05 21:03 --------- d-------- C:\Program Files\Common Files\Symantec Shared
2007-10-05 21:03 --------- d-------- C:\Program Files\Common Files\Sonic Shared
2007-10-05 21:00 --------- d-a------ C:\Program Files\Common Files\LightScribe
2007-10-04 12:34 --------- d-------- C:\Program Files\microsoft frontpage
2007-10-04 09:52 --------- d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-10-03 21:55 --------- d-------- C:\Program Files\Sonic
2007-10-03 21:02 805 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.INF
2007-10-03 21:02 10740 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.CAT
2007-10-03 20:38 --------- d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-10-03 20:35 --------- d-------- C:\Program Files\HP
2007-10-03 20:34 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-10-02 16:31 --------- d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2007-10-02 16:23 --------- d-------- C:\Program Files\Common Files\InstallShield
2007-10-02 12:56 --------- d-------- C:\Program Files\Microsoft Money 2006
2007-10-02 12:30 --------- d-------- C:\Program Files\Microsoft Works
2007-10-02 11:40 --------- d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2007-09-30 20:07 --------- d-------- C:\Program Files\DivX
2007-09-29 21:49 --------- d-------- C:\Program Files\Google
2007-09-29 21:15 --------- d-------- C:\Program Files\Common Files\Real
2007-09-29 13:55 73216 --a------ C:\WINDOWS\ST6UNST.EXE
2007-09-29 13:55 249856 --------- C:\WINDOWS\Setup1.exe
2007-09-29 09:51 --------- d-------- C:\Program Files\Rhapsody
2007-09-29 09:38 --------- d-------- C:\Documents and Settings\HP_Administrator\Application Data\Image Zone Express
2007-09-29 09:30 --------- d-------- C:\Program Files\Netscape
2007-09-29 09:11 --------- d-------- C:\Program Files\Quicken
2007-09-29 02:10 10344 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys
2007-09-29 00:17 2015 -rahs---- C:\WINDOWS\system32\drivers\103C_HP_CPC_RC643AA-ABA m7667c_YC_0Pavi_QMXF641_E64NAemMPA4_48_IBasswood_SASUSTek Computer INC._V1.05_B3.08_T060918_WXP2_L409_M2047_J300_7Intel_8Core2 6400_92.13_#061217_N168C001B_Z14F12F20_G10DE01DD.MRK
2007-09-24 08:13 --------- d-------- C:\Documents and Settings\HP_Administrator\Application Data\Google
2007-09-24 07:37 --------- d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-09-19 13:26 --------- d-------- C:\Program Files\MSBuild
2007-09-12 21:03 --------- d-------- C:\Documents and Settings\HP_Administrator\Application Data\HP
2007-09-12 20:43 --------- d-------- C:\Documents and Settings\HP_Administrator\Application Data\AdobeUM
2007-09-12 20:24 --------- d-------- C:\Program Files\Windows Live
2007-09-12 20:22 --------- d-------- C:\Program Files\Apple Software Update
2007-09-12 20:22 --------- d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-09-10 19:25 --------- d-------- C:\Program Files\Common Files\Scanner
2007-09-10 10:26 --------- d--h----- C:\Documents and Settings\HP_Administrator\Application Data\yahoo!
2007-09-10 09:42 --------- d-------- C:\Documents and Settings\All Users\Application Data\yahoo!
2007-09-09 18:15 --------- d-------- C:\Program Files\Common Files\Skype
2007-09-08 12:41 --------- d-------- C:\Program Files\Practiline Source Code Line Counter
2007-08-30 00:46 --------- d-------- C:\Documents and Settings\All Users\Application Data\WindowsLiveInstaller
2007-08-30 00:30 --------- d-------- C:\Program Files\MSXML 6.0
2007-08-30 00:27 --------- d-------- C:\Program Files\Reference Assemblies
2007-08-28 12:00 626688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-08-28 12:00 548864 --a------ C:\WINDOWS\system32\msvcp80.dll
2007-08-28 12:00 1101824 --a------ C:\WINDOWS\system32\mfc80.dll
2007-08-28 01:59 8466432 --a------ C:\WINDOWS\system32\nvcpl.dll
2007-08-28 01:59 81920 --a------ C:\WINDOWS\system32\nvwddi.dll
2007-08-28 01:59 81920 --a------ C:\WINDOWS\system32\nvmctray.dll
2007-08-28 01:59 753664 --a------ C:\WINDOWS\system32\nvcplui.exe
2007-08-28 01:59 6811168 --a------ C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-08-28 01:59 6811168 --a------ C:\WINDOWS\system32\dllcache\nv4_mini.sys
2007-08-28 01:59 6729728 --a------ C:\WINDOWS\system32\nvoglnt.dll
2007-08-28 01:59 6234112 --a------ C:\WINDOWS\system32\nvdisps.dll
2007-08-28 01:59 5695104 --a------ C:\WINDOWS\system32\nv4_disp.dll
2007-08-28 01:59 5455872 --a------ C:\WINDOWS\system32\nvdispsr.dll
2007-08-28 01:59 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2007-08-28 01:59 458752 --a------ C:\WINDOWS\system32\nvmccssr.dll
2007-08-28 01:59 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2007-08-28 01:59 37376 --a------ C:\WINDOWS\system32\nvcodins.dll
2007-08-28 01:59 37376 --a------ C:\WINDOWS\system32\nvcod.dll
2007-08-28 01:59 360448 --a------ C:\WINDOWS\system32\nvapi.dll
2007-08-28 01:59 3600384 --a------ C:\WINDOWS\system32\nvvitvsr.dll
2007-08-28 01:59 356352 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-08-28 01:59 3518464 --a------ C:\WINDOWS\system32\nvvitvs.dll
2007-08-28 01:59 335872 --a------ C:\WINDOWS\system32\nvwrses.dll
2007-08-28 01:59 3321856 --a------ C:\WINDOWS\system32\nvgames.dll
2007-08-28 01:59 327680 --a------ C:\WINDOWS\system32\nvwrsfr.dll
2007-08-28 01:59 327680 --a------ C:\WINDOWS\system32\nvwrsesm.dll
2007-08-28 01:59 327680 --a------ C:\WINDOWS\system32\nvrsar.dll
2007-08-28 01:59 323584 --a------ C:\WINDOWS\system32\nvwrspt.dll
2007-08-28 01:59 323584 --a------ C:\WINDOWS\system32\nvwrsit.dll
2007-08-28 01:59 319488 --a------ C:\WINDOWS\system32\nvwrsptb.dll
2007-08-28 01:59 319488 --a------ C:\WINDOWS\system32\nvwrsnl.dll
2007-08-28 01:59 315392 --a------ C:\WINDOWS\system32\nvwrsru.dll
2007-08-28 01:59 311296 --a------ C:\WINDOWS\system32\nvwrsde.dll
2007-08-28 01:59 3072000 --a------ C:\WINDOWS\system32\nvgamesr.dll
2007-08-28 01:59 307200 --a------ C:\WINDOWS\system32\nvexpbar.dll
2007-08-28 01:59 303104 --a------ C:\WINDOWS\system32\nvwrstr.dll
2007-08-28 01:59 303104 --a------ C:\WINDOWS\system32\nvwrsfi.dll
2007-08-28 01:59 299008 --a------ C:\WINDOWS\system32\nvwrsno.dll
2007-08-28 01:59 294912 --a------ C:\WINDOWS\system32\nvwrssv.dll
2007-08-28 01:59 294912 --a------ C:\WINDOWS\system32\nvwrspl.dll
2007-08-28 01:59 294912 --a------ C:\WINDOWS\system32\nvwrsda.dll
2007-08-28 01:59 286720 --a------ C:\WINDOWS\system32\nvwrseng.dll
2007-08-28 01:59 2854912 --a------ C:\WINDOWS\system32\nvmoblsr.dll
2007-08-28 01:59 282624 --a------ C:\WINDOWS\system32\nvwrsar.dll
2007-08-28 01:59 282624 --a------ C:\WINDOWS\system32\nvrsfr.dll
2007-08-28 01:59 282624 --a------ C:\WINDOWS\system32\nvrses.dll
2007-08-28 01:59 278528 --a------ C:\WINDOWS\system32\nvrsit.dll
2007-08-28 01:59 278528 --a------ C:\WINDOWS\system32\nvrsde.dll
2007-08-28 01:59 274432 --a------ C:\WINDOWS\system32\nvrspt.dll
2007-08-28 01:59 274432 --a------ C:\WINDOWS\system32\nvrsnl.dll
2007-08-28 01:59 274432 --a------ C:\WINDOWS\system32\nvrsesm.dll
2007-08-28 01:59 270336 --a------ C:\WINDOWS\system32\nvrsru.dll
2007-08-28 01:59 266240 --a------ C:\WINDOWS\system32\nvrsptb.dll
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 21:01]
"ftutil2"="ftutil2.dll" [2004-06-07 14:05 C:\WINDOWS\system32\ftutil2.dll]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 20:05 C:\WINDOWS\RTHDCPL.EXE]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 14:15]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-08-28 01:59]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2005-07-22 22:14]
"HPBootOp"="C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2006-02-15 22:34]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-02-17 06:11]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2003-06-26 18:50]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-10-27 23:38]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 03:06]
"rfagent"="C:\Program Files\RFA Platinum\rfagent.exe" [2007-03-28 19:52]
"SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2007-09-26 20:29]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-09-29 21:15]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2007-09-29 17:32]
"AntiSpyWare2Guard"="C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWare2Guard.exe" [2007-08-14 09:29]
"Adobe Reader Speed Launcher"="c:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2007-03-14 21:01]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2007-02-07 16:21]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 15:57]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 09:25]
"AcctMgr"="C:\Program Files\Norton Password Manager\AcctMgr.exe" [2005-07-29 10:32]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatchTray10.exe" [2007-08-24 15:52]
"DMXLauncher"="C:\Program Files\Roxio\CinePlayer\DMXLauncher.exe" [2007-08-14 03:44]
"Acrobat Assistant 8.0"="C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46]
"Corel Photo Downloader"="C:\Program Files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" [2007-08-28 12:00]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-25 22:52]
"Nero PhotoShow Media Manager"="C:\PROGRA~1\Nero\PHOTOS~1\data\xtras\mssysmgr.exe" [2007-04-27 11:22]
"Free Ram Optimizer"="C:\Program Files\AceLogix\Free Ram Optimizer\fro.exe" [2003-08-22 09:19]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-10 19:39]
"Uniblue SpyEraser"="C:\Program Files\Uniblue\SpyEraser\SpyEraser.exe" [2007-08-16 09:03]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2007-09-13 13:31]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-08-03 12:51]
"RegDfrgSch"="C:\Program Files\Registry Defragmentation\RegDfrgSch.exe" [2007-07-16 06:17]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 16:13]

C:\Documents and Settings\HP_Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 20:24:54]
wkcalrem.LNK - C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe [2005-08-18 04:44:26]
Yahoo! Widget Engine.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe [2007-07-20 10:57:16]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Google Updater.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-09-24 07:37:21]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 05:21:22]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 06:05:56]
Norton System Doctor.LNK - C:\Program Files\Norton SystemWorks Basic Edition\Norton Utilities\SYSDOC32.EXE [2005-11-03 20:09:04]
Updates From HP.lnk - C:\Program Files\Updates from HP\9972322\Program\Updates from HP.exe [2006-09-29 08:02:33]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 15:40:46]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoViewOnDrive"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 15:39 294400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

R1 sp_rsdrv2;Spyware Terminator Driver 2;\??\C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};\??\C:\Program Files\CyberLink\PowerDVD\000.fcl
R2 AASW2_Service;Ashampoo AntiSpyWare 2 Service;C:\Program Files\Ashampoo\Ashampoo AntiSpyWare 2\AntiSpyWareService.exe
R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3;C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
R2 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
R3 NPDriver;Norton UnErase Protection Driver;\??\C:\WINDOWS\system32\Drivers\NPDRIVER.SYS
S2 Roxio Upnp Server 10;Roxio Upnp Server 10;"C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe"
S2 RoxLiveShare10;LiveShare P2P Server 10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe"
S2 RoxWatch10;Roxio Hard Drive Watcher 10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe"
S3 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe"
S3 RoxMediaDB10;RoxMediaDB10;"C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe"
S3 SDdriver;SDdriver;\??\C:\WINDOWS\system32\Drivers\sddriver.sys
S3 WN5301;LIteon Wireless PCI Network Adapter Service;C:\WINDOWS\system32\DRIVERS\wn5301.sys

.
Contents of the 'Scheduled Tasks' folder
"2007-10-04 04:32:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
"2007-10-06 05:47:00 C:\WINDOWS\Tasks\Check Updates for Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
"2007-10-01 06:11:43 C:\WINDOWS\Tasks\DMATask 0 {D2B22905-47C9-4b82-8E74-47AA9D2DE378} 0~0.job"
- c:\Program Files\HP DigitalMedia Archive\DMAScheduler.exe
"2007-09-29 07:16:41 C:\WINDOWS\Tasks\Easy Internet Sign-up.job"
"2007-10-05 10:30:00 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job"
- C:\Program Files\errorsmart\ErrorSmart.exe
"2007-09-29 07:16:50 C:\WINDOWS\Tasks\HPCeeSchedule.job"
- C:\Program Files\Hewlett-Packard\SDP\Ceement\HPCEE.exe
"2007-10-05 09:25:00 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
- C:\Program Files\Windows Defender\MpCmdRun.exe
"2007-10-02 03:00:00 C:\WINDOWS\Tasks\Norton Internet Security - Run Full System Scan - HP_Administrator.job"
- C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe
"2007-10-05 22:00:00 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2007-10-01 19:02:01 C:\WINDOWS\Tasks\Norton SystemWorks One Button Checkup.job"
"2007-10-06 05:59:12 C:\WINDOWS\Tasks\RegCure Program Check.job"
"2007-10-05 00:13:01 C:\WINDOWS\Tasks\RegCure.job"
- C:\Program Files\RegCure\RegCure.exe
"2007-10-05 07:00:07 C:\WINDOWS\Tasks\Symantec Drmc.job"
"2007-10-03 09:44:06 C:\WINDOWS\Tasks\Uniblue SpyEraser.job"
"2007-09-29 07:17:24 C:\WINDOWS\Tasks\Warranty Reminder 11 month.job"
- c:\windows\system32\pcintro\reminder\Warranty_Reminder_11_month\Warranty_Reminder_11_month.bat
.
**************************************************************************

catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-05 22:59:23
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

C:\WINDOWS\system32\d3d9caps.tmp

scan completed successfully
hidden files: 1

**************************************************************************
.
Completion time: 2007-10-05 23:10:13 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-10-05 23:10
C:\ComboFix2.txt ... 2007-10-01 12:09
C:\ComboFix3.txt ... 2007-09-29 23:15
.
--- E O F ---
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 6th, 2007, 4:00 pm

Your logs look as clean as we are ever going to get them, without a reinstall
Downloading Keygens and Cracks is guaranteed way of getting infected.

OTMoveIt
  • Download OTMoveIt by OldTimer from here
  • Double click on OTMoveIt to start OTMoveIt
    Image
  • Untick the option to Unregister Dll's and Ocx's (1)
  • Select the contents of the below codebox, then press Ctrl+C to copy it to the clipboard
    Code: Select all
    C:\current installs\Magic.DVD.Copier.v4.4.2.WinALL.Incl.Keygen-BRD.rar
    C:\online installs\DVD Copier\keygen.exe
    C:\online installs\Nero 8\Nero PhotoShow Express\nero_photoshow_express_5_setup.exe
    C:\Program Files\Nero\PhotoShow 5\data\Xtras\nero_photoshow_express_5_setup.exe
    C:\online installs\Nero 8\Toolbar.exe
    C:\Program Files\Online Services\PeoplePC\ISP5900\Dll\RAS.DLL
    
  • In OTMoveIt Right click on the box labelled Paste List of Files/Folders to be Moved
  • Click Paste (2)
  • Click MoveIt! (3)
  • Copy and paste the contents of the results box (4) as a reply to this topic



Submit a File For Analysis
We need to have the file below Scanned by Uploading it to Jotti

Please visit Jotti
Copy/paste the the following file path into the window
C:\WINDOWS\system32\d3d9caps.tmp
Click Submit/Send File
Please post back, to let me know the results.

If Jotti is too busy please try Virustotal
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby distinctedge » October 6th, 2007, 4:44 pm

C:\current installs\Magic.DVD.Copier.v4.4.2.WinALL.Incl.Keygen-BRD.rar moved successfully.
File/Folder C:\online installs\DVD Copier\keygen.exe not found.
C:\online installs\Nero 8\Nero PhotoShow Express\nero_photoshow_express_5_setup.exe moved successfully.
C:\Program Files\Nero\PhotoShow 5\data\Xtras\nero_photoshow_express_5_setup.exe moved successfully.
C:\online installs\Nero 8\Toolbar.exe moved successfully.
C:\Program Files\Online Services\PeoplePC\ISP5900\Dll\RAS.DLL moved successfully.

Created on 10/06/2007 13:29:44


On the C:\WINDOWS\system32\d3d9caps.tmp It will not upload.

I went into the folder and found C:\WINDOWS\system32\d3d9caps
It is a CD movie file that goes with the Nero movie player
That address will not upload either.

So if I completely uninstall Nero this should fix?

The CastleStormer
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby distinctedge » October 6th, 2007, 5:32 pm

I ran the Norton sytem doc and I have 26 problems similar to this:
C:\Program Files\Adobe\Acrobat 8.0\Designer 8.0\ConvertIP.exe" cannot access a necessary file, "mfc80u.dll."

I have the driver but do not know where to place it?

What to do?
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 6th, 2007, 6:11 pm

Regarding the Nero file, You do not need to uninstall it.
I was just wondering why that file was hidden.
It is probably just a temp file for when you are using it.

Regarding the mfc80u.dll problem, what driver do you have ?
Do you mean you have that file ?
Do you have Acrobat 8.0, can you just reinstall it ?
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby distinctedge » October 6th, 2007, 6:29 pm

I went and DL the driver so I have it on my files.

Here are some more of the 26 problems:

"C:\WINDOWS\system32\MAPISRVR.EXE" cannot access a necessary file, "gapi32.dll."

"C:\WINDOWS\Microsoft.NET\Framework\v3.5\vbc.exe" cannot access a necessary file, "msvcr90.dll."

"C:\PROGRA~1\MICROS~4\Office12\GROOVE.EXE" cannot access a necessary file, "atl80.dll."

"C:\Program Files\Nero\Nero8\Nero Toolkit\RescueAgent\NeroRescueAgent.exe" cannot access a necessary file, "mfc80u.dll."

"C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\VWDExpress.exe" cannot access a necessary file, "msvcr90.dll."

"C:\Program Files\HP\Digital Imaging\bin\hpqgrcpy.exe" cannot access a necessary file, "hpgreg32.dll."

"C:\Program Files\Adobe\Acrobat 8.0\Designer 8.0\ConvertPDF.exe" cannot access a necessary file, "mfc80u.dll."

"C:\Program Files\Common Files\Nero\Lib\NeroScoutOptions.exe" cannot access a necessary file, "mfc80u.dll."

Now these programs run OK. Norton is the only one reporting this.

I am just wondering if I place the drivers in the correct folders if that will help with this?

The CastleStormer
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby Katana » October 8th, 2007, 10:46 am

Some of those errors are known "false positives" if you visit the Symantec site it will give you details
See Here



Congratulations your logs look clean :D

Let’s see if I can help you keep it that way

First lets tidy up :D


Open OTMoveIt Click Cleanup,
it will now connect to the internet and get a list of files to delete.
When a box pops up click YES.

Set correct settings for files that should be hidden in Windows XP
  • Click Start > My Computer > Tools menu (at top of page) > Folder Options > View tab.
  • Under "Hidden files and folders" if necessary select Do not show hidden files and folders.
  • If unchecked please checkHide protected operating system files (Recommended)
  • If necessary check "Display content of system folders"
  • If necessary Uncheck Hide file extensions for known file types.
  • Click OK


Reset System Restore.
Now you should disable System restore to purge any infected files and then re-enable it,

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Check Turn off System Restore.
Click Apply, and then click OK.
Restart your computer

Turn ON System Restore

On the Desktop, right-click My Computer.
Click Properties.
Click the System Restore tab.
Un-Check Turn off System Restore.
Click Apply, and then click OK.


Also PLEASE read this article

So How Did I Get Infected In The First Place

If you can see a program in the must have section that you have never seen or used then get it!

The last and most important thing I can tell you is UPDATE.
If you don't update your security programs (Antivirus, Antispyware even Windows) then you are at risk.
Malware changes on a day to day basis. You should update every week at the very least.

If you follow this advice then (with a bit of luck) you will never have to hear from me again :D


If you could post back one more time to let me know everything is OK, then I can have this thread archived.

Happy surfing K'
User avatar
Katana
MRU Teacher Emeritus
 
Posts: 6412
Joined: November 10th, 2006, 5:00 pm
Location: Manchester

Unread postby distinctedge » October 8th, 2007, 10:58 am

Hello Katana,

Well something happened. All was fine and when I turned on the computer it was a "NTLEADER not found". So I could not boot. Went to my other computer and di some searching. Seems pretty bad. I did a scan in the boot mode to make sure no viruses, All clean.

I ended up doing a go back from HP recovery again.

So I am a bit overwhelmed. I read where this cause may be because of too many DL to the root folder. Well at any rate Give me a day or so to get all back in order. I did another complete Avast scan last night. Clean.

I want to thank you for you much needed help.

The CastleStormer
distinctedge
Regular Member
 
Posts: 17
Joined: September 27th, 2007, 7:00 pm

Unread postby askey127 » October 18th, 2007, 7:30 am

Glad we could be of assistance.

This topic is now closed. If you wish it reopened, please send us an email to 'admin at malwareremoval.com' with a link to your thread.
If you are the topic starter, you will need a valid, working link to the closed topic, along with the user name used.
The user name must match the one in the linked thread linked to avoid having the email deleted.

You can help support this site from this link :
Donations For Malware Removal
User avatar
askey127
Admin/Teacher
Admin/Teacher
 
Posts: 14025
Joined: April 17th, 2005, 3:25 pm
Location: New Hampshire USA
Advertisement
Register to Remove

Previous

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 297 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware